From 2c997e3866930d97f05937338013b2019ade5dcb Mon Sep 17 00:00:00 2001 From: Daniel Ponte Date: Sat, 12 Nov 2022 16:31:26 -0500 Subject: [PATCH] trustednetworks --- pkg/auth/authenticator.go | 28 ++++---- pkg/auth/provider/hass/provider.go | 7 +- pkg/auth/provider/provider.go | 12 ++++ pkg/auth/provider/trustednets/trustednets.go | 72 ++++++++++++++++++++ 4 files changed, 106 insertions(+), 13 deletions(-) create mode 100644 pkg/auth/provider/trustednets/trustednets.go diff --git a/pkg/auth/authenticator.go b/pkg/auth/authenticator.go index d1e30e5..0f6c639 100644 --- a/pkg/auth/authenticator.go +++ b/pkg/auth/authenticator.go @@ -11,9 +11,12 @@ import ( "github.com/rs/zerolog/log" "dynatron.me/x/blasphem/pkg/auth/provider" - "dynatron.me/x/blasphem/pkg/auth/provider/hass" "dynatron.me/x/blasphem/pkg/frontend" "dynatron.me/x/blasphem/pkg/storage" + + // providers + _ "dynatron.me/x/blasphem/pkg/auth/provider/hass" + _ "dynatron.me/x/blasphem/pkg/auth/provider/trustednets" ) var ( @@ -47,25 +50,26 @@ func (a *Authenticator) InstallRoutes(e *echo.Echo) { } func (a *Authenticator) InitAuth(s storage.Store) error { + a.providers = make(map[string]provider.AuthProvider) + for _, pI := range provider.Providers { + nProv, err := pI(s) + if err != nil { + return err + } + + a.providers[nProv.ProviderType()] = nProv + } + a.flows = make(FlowStore) + a.sessions.init() - hap, err := hass.NewHAProvider(s) - if err != nil { - return err - } - - // XXX: yuck. use init with a registry or something - a.providers = map[string]provider.AuthProvider{ - hap.ProviderType(): hap, - } + var err error a.store, err = a.newAuthStore(s) if err != nil { return err } - - return nil } diff --git a/pkg/auth/provider/hass/provider.go b/pkg/auth/provider/hass/provider.go index b1090c2..0abcf52 100644 --- a/pkg/auth/provider/hass/provider.go +++ b/pkg/auth/provider/hass/provider.go 
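Review bot: The new loop at the top of `InitAuth` instantiates every constructor found in `provider.Providers`, so any provider package that is linked in becomes an active login path, with no configuration gate visible in this hunk. That matters for the `trustednets` blank import added in the first hunk of this file, because a provider that authenticates by network location should be opt-in rather than enabled by the build. The map is also keyed by `nProv.ProviderType()` rather than the registry name, so two providers reporting the same type silently replace each other; a guard such as `if _, dup := a.providers[nProv.ProviderType()]; dup { /* return an error naming the type */ }` before the assignment would surface that. I would also add a comment above the loop, `// Only providers enabled in configuration should be constructed here.`, until such a gate exists.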
@@ -40,7 +40,7 @@ type HomeAssistantProvider struct { Users []HAUser `json:"users"` } -func NewHAProvider(s storage.Store) (*HomeAssistantProvider, error) { +func NewHAProvider(s storage.Store) (provider.AuthProvider, error) { hap := &HomeAssistantProvider{ AuthProviderBase: provider.AuthProviderBase{ Name: "Home Assistant Local", @@ -121,3 +121,8 @@ func (hap *HomeAssistantProvider) FlowSchema() []provider.FlowSchemaItem { }, } } + +func init() { + provider.Register(HomeAssistant, NewHAProvider) +} + diff --git a/pkg/auth/provider/provider.go b/pkg/auth/provider/provider.go index 6f5b109..57000c6 100644 --- a/pkg/auth/provider/provider.go +++ b/pkg/auth/provider/provider.go @@ -1,5 +1,13 @@ package provider +import ( + "dynatron.me/x/blasphem/pkg/storage" +) + +type Constructor func(storage.Store) (AuthProvider, error) + +var Providers = make(map[string]Constructor) + type AuthProvider interface { // TODO: this should include stepping AuthProviderMetadata ProviderBase() AuthProviderBase @@ -8,6 +16,10 @@ type AuthProvider interface { // TODO: this should include stepping ValidateCreds(reqMap map[string]interface{}) (user ProviderUser, success bool) } +func Register(providerName string, f func(storage.Store) (AuthProvider, error)) { + Providers[providerName] = f +} + type ProviderUser interface { AuthProviderMetadata ProviderUserData() interface{} diff --git a/pkg/auth/provider/trustednets/trustednets.go b/pkg/auth/provider/trustednets/trustednets.go new file mode 100644 index 0000000..1e806f9 --- /dev/null +++ b/pkg/auth/provider/trustednets/trustednets.go 
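Review bot: `Register` in pkg/auth/provider/provider.go overwrites any existing entry, and `Providers` (added in the first hunk of that file) is an exported, mutable map, so any package can replace or delete an authentication provider's constructor without an error. For a registry that decides which login paths exist, I would reject a nil constructor and a duplicate name, the way `database/sql.Register` does, and keep the map unexported behind an accessor. Registration is called from `init()` functions, as the hass hunk above shows, so a panic here is raised at program start rather than at login time. The parameter could also be declared as `Constructor` instead of repeating the function type.

```go
func Register(providerName string, f func(storage.Store) (AuthProvider, error)) {
	if f == nil {
		panic("provider: Register called with nil constructor for " + providerName)
	}
	if _, dup := Providers[providerName]; dup {
		panic("provider: Register called twice for " + providerName)
	}
	Providers[providerName] = f
}
```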
@@ -0,0 +1,72 @@
+package trustednets
+
+// TODO: This doesn't work at all
+
+import (
+ "dynatron.me/x/blasphem/pkg/auth/provider"
+ "dynatron.me/x/blasphem/pkg/storage"
+)
+
+type User struct {
+ UserID string `json:"user_id"`
+
+ provider.AuthProvider `json:"-"`
+}
+
+func (hau *User) UserData() interface{} {
+ return UserData{
+ UserID: hau.UserID,
+ }
+}
+
+type UserData struct {
+ UserID string `json:"user_id"`
+}
+
+const TrustedNetworks = "trusted_networks"
+
+func (h *User) ProviderUserData() interface{} { return h.UserData() }
+
+type TrustedNetworksProvider struct {
+ provider.AuthProviderBase `json:"-"`
+}
+
+func New(s storage.Store) (provider.AuthProvider, error) {
+ hap := &TrustedNetworksProvider{
+ AuthProviderBase: provider.AuthProviderBase{
+ Name: "Trusted Networks",
+ Type: TrustedNetworks,
+ },
+ }
+
+ return hap, nil
+}
+
+// TODO: To implement this, ValidateCreds needs to be changed to accept an http.Request, or the echo context.
+func (hap *TrustedNetworksProvider) ValidateCreds(rm map[string]interface{}) (provider.ProviderUser, bool) {
+ return nil, false
+}
+
+func (hap *TrustedNetworksProvider) NewCredData() interface{} {
+ return &UserData{}
+}
+
+func (hap *TrustedNetworksProvider) FlowSchema() []provider.FlowSchemaItem {
+ return []provider.FlowSchemaItem{
+ {
+ Type: "string",
+ Name: "username",
+ Required: true,
+ },
+ {
+ Type: "string",
+ Name: "password",
+ Required: true,
+ },
+ }
+}
+
+func init() {
+ provider.Register(TrustedNetworks, New)
+}
+
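Review bot: The `init()` at the end of this file registers a provider that the file's own TODO says does not work, so the registry now carries a stub authentication provider under `trusted_networks`. `ValidateCreds` returning `nil, false` fails closed, which is the right behaviour for a stub, but `FlowSchema` still advertises `username` and `password` fields that a network-based provider would never check. I would leave out `provider.Register(TrustedNetworks, New)` until the check exists, or gate it on explicit configuration. When the request is eventually passed in, the comment above `ValidateCreds` should record where the client address may come from, for example `// SECURITY: match the connection peer address; honour X-Forwarded-For only when the request arrived from a configured proxy.`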