Compare commits

...

3 commits

Author SHA1 Message Date
9f39049dd6 user 2022-11-12 17:50:01 -05:00
a540f94108 gofmt 2022-11-12 17:42:51 -05:00
25c3e9421f fix now 2022-11-12 17:42:36 -05:00
7 changed files with 47 additions and 44 deletions


@ -35,14 +35,14 @@ const (
) )
type Flow struct { type Flow struct {
Type FlowType `json:"type"` Type FlowType `json:"type"`
ID FlowID `json:"flow_id"` ID FlowID `json:"flow_id"`
Handler []*string `json:"handler"` Handler []*string `json:"handler"`
StepID *Step `json:"step_id,omitempty"` StepID *Step `json:"step_id,omitempty"`
Schema []provider.FlowSchemaItem `json:"data_schema"` Schema []provider.FlowSchemaItem `json:"data_schema"`
Errors interface{} `json:"errors"` Errors interface{} `json:"errors"`
DescPlace *string `json:"description_placeholders"` DescPlace *string `json:"description_placeholders"`
LastStep *string `json:"last_step"` LastStep *string `json:"last_step"`
request *FlowRequest request *FlowRequest
ctime time.Time ctime time.Time


@ -39,7 +39,7 @@ func (h *HAUser) ProviderUserData() interface{} { return h.UserData() }
type HomeAssistantProvider struct { type HomeAssistantProvider struct {
provider.AuthProviderBase `json:"-"` provider.AuthProviderBase `json:"-"`
Users []HAUser `json:"users"` Users []HAUser `json:"users"`
} }
func NewHAProvider(s storage.Store) (provider.AuthProvider, error) { func NewHAProvider(s storage.Store) (provider.AuthProvider, error) {
@ -127,4 +127,3 @@ func (hap *HomeAssistantProvider) FlowSchema() []provider.FlowSchemaItem {
func init() { func init() {
provider.Register(HomeAssistant, NewHAProvider) provider.Register(HomeAssistant, NewHAProvider)
} }


@ -49,5 +49,3 @@ type FlowSchemaItem struct {
Name string `json:"name"` Name string `json:"name"`
Required bool `json:"required"` Required bool `json:"required"`
} }


@ -46,7 +46,7 @@ func New(s storage.Store) (provider.AuthProvider, error) {
func (hap *TrustedNetworksProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) { func (hap *TrustedNetworksProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) {
/* /*
if req.RemoteAddr in allowed then do the thing if req.RemoteAddr in allowed then do the thing
*/ */
return nil, false return nil, false
} }
@ -73,4 +73,3 @@ func (hap *TrustedNetworksProvider) FlowSchema() []provider.FlowSchemaItem {
func init() { func init() {
provider.Register(TrustedNetworks, New) provider.Register(TrustedNetworks, New)
} }


@ -66,20 +66,20 @@ func (ss *SessionStore) verify(tr *TokenRequest, r *http.Request) (provider.Prov
} }
type Credential struct { type Credential struct {
ID CredID `json:"id"` ID CredID `json:"id"`
UserID UserID `json:"user_id"` UserID UserID `json:"user_id"`
AuthProviderType string `json:"auth_provider_type"` AuthProviderType string `json:"auth_provider_type"`
AuthProviderID *string `json:"auth_provider_id"` AuthProviderID *string `json:"auth_provider_id"`
DataRaw json.RawMessage `json:"data,omitempty"` DataRaw json.RawMessage `json:"data,omitempty"`
user provider.ProviderUser user provider.ProviderUser
} }
func (cred *Credential) MarshalJSON() ([]byte, error) { func (cred *Credential) MarshalJSON() ([]byte, error) {
rm := map[string]interface{}{ rm := map[string]interface{}{
"id": cred.ID, "id": cred.ID,
"user_id": cred.UserID, "user_id": cred.UserID,
"auth_provider_type": cred.user.ProviderType(), "auth_provider_type": cred.user.ProviderType(),
"auth_provider_id": cred.user.ProviderID(), "auth_provider_id": cred.user.ProviderID(),
} }
providerData := cred.user.ProviderUserData() providerData := cred.user.ProviderUserData()
@ -103,11 +103,12 @@ const defaultExpiration = 2 * time.Hour
func (a *Authenticator) NewToken(r *http.Request, user provider.ProviderUser, f *Flow) TokenID { func (a *Authenticator) NewToken(r *http.Request, user provider.ProviderUser, f *Flow) TokenID {
id := TokenID(genUUID()) id := TokenID(genUUID())
now := time.Now()
t := &Token{ t := &Token{
ID: id, ID: id,
Ctime: time.Now(), Ctime: now,
Expires: time.Now().Add(defaultExpiration), Expires: now.Add(defaultExpiration),
Addr: r.RemoteAddr, Addr: r.RemoteAddr,
user: user, user: user,
@ -122,7 +123,7 @@ type GrantType string
const ( const (
GTAuthorizationCode GrantType = "authorization_code" GTAuthorizationCode GrantType = "authorization_code"
GTRefreshToken GrantType = "refresh_token" GTRefreshToken GrantType = "refresh_token"
) )
type ClientID string type ClientID string
@ -134,8 +135,8 @@ func (c *ClientID) IsValid() bool {
type TokenRequest struct { type TokenRequest struct {
ClientID ClientID `form:"client_id"` ClientID ClientID `form:"client_id"`
Code TokenID `form:"code"` Code TokenID `form:"code"`
GrantType GrantType `form:"grant_type"` GrantType GrantType `form:"grant_type"`
} }
func (a *Authenticator) TokenHandler(c echo.Context) error { func (a *Authenticator) TokenHandler(c echo.Context) error {
@ -162,7 +163,7 @@ func (a *Authenticator) TokenHandler(c echo.Context) error {
return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: "bad user"}) return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: "bad user"})
} }
if err := user.allowedToAuth(); err != nil { if err := user.allowedToAuth(); err != nil {
return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: err.Error()}) return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: err.Error()})
} }
return c.String(http.StatusOK, "token good I guess") return c.String(http.StatusOK, "token good I guess")
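Review bot: In NewToken, `Addr: r.RemoteAddr` stores the peer exactly as net/http reports it, which is an `IP:port` string for the immediate TCP peer. If Addr is later compared with the address of the request that redeems the token (not visible here), the ephemeral port will differ on every new connection, and behind a reverse proxy the value is the proxy's address rather than the client's. Consider keeping only the host part, e.g. `host, _, err := net.SplitHostPort(r.RemoteAddr)` with the error handled, and documenting on the Token field what the address is meant to be checked against. Capturing `now` once is fine; a comment such as `// one timestamp so Expires-Ctime is exactly defaultExpiration` would record why. NewToken's body continues past the end of this hunk.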


@ -1,8 +1,8 @@
package auth package auth
import ( import (
"fmt"
"encoding/json" "encoding/json"
"fmt"
"dynatron.me/x/blasphem/pkg/storage" "dynatron.me/x/blasphem/pkg/storage"
) )
@ -11,13 +11,13 @@ const (
AuthStoreKey = "auth" AuthStoreKey = "auth"
) )
type AuthStore interface { type AuthStore interface {
User(UserID) *User
} }
type authStore struct { type authStore struct {
Users []User `json:"users"` Users []User `json:"users"`
Groups interface {} `json:"groups"` Groups interface{} `json:"groups"`
Credentials []Credential `json:"credentials"` Credentials []Credential `json:"credentials"`
userMap map[UserID]*User userMap map[UserID]*User
@ -49,3 +49,7 @@ func (a *Authenticator) newAuthStore(s storage.Store) (as *authStore, err error)
return return
} }
func (s *authStore) User(uid UserID) *User {
return s.userMap[uid]
}
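Review bot: The new `User` method and the `AuthStore` interface method it satisfies have no doc comment, and two parts of the contract are implicit. An unknown ID yields nil (the map's zero value), and the returned pointer is the store's own entry, so a caller that writes through it changes the stored user. I would add `// User returns the stored user for uid, or nil if there is none. The pointer aliases the store; callers must not modify it.` above the method and a matching line in the interface. Whether userMap is written after newAuthStore returns is not visible here; if it is, this read needs the same lock as the writers.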


@ -11,18 +11,18 @@ type GroupID string
type CredID string type CredID string
type User struct { type User struct {
ID UserID `json:"id"` ID UserID `json:"id"`
GroupIDs []GroupID `json:"group_ids"` GroupIDs []GroupID `json:"group_ids"`
Data interface{} `json:"data,omitempty"` Data interface{} `json:"data,omitempty"`
UserMetadata UserMetadata
} }
type UserMetadata struct { type UserMetadata struct {
Active bool `json:"is_active"` Active bool `json:"is_active"`
Owner bool `json:"is_owner"` Owner bool `json:"is_owner"`
LocalOnly bool `json:"local_only"` LocalOnly bool `json:"local_only"`
SystemGenerated bool `json:"system_generated"` SystemGenerated bool `json:"system_generated"`
Name string `json:"name"` Name string `json:"name"`
} }
func (u *User) allowedToAuth() error { func (u *User) allowedToAuth() error {
@ -35,8 +35,10 @@ func (u *User) allowedToAuth() error {
func (a *Authenticator) getOrCreateUser(c *Credential) (*User, error) { func (a *Authenticator) getOrCreateUser(c *Credential) (*User, error) {
log.Debug().Interface("userdata", c.user.ProviderUserData()).Msg("getOrCreateUser") log.Debug().Interface("userdata", c.user.ProviderUserData()).Msg("getOrCreateUser")
panic("not implemented") u := a.store.User(c.UserID)
return &User{}, nil if u == nil {
return nil, errors.New("no such user)
}
return u, nil
} }
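Review bot: The string literal in `errors.New("no such user)` is missing its closing quote, so as shown this file does not compile; the line should read `return nil, errors.New("no such user")`, and `errors` has to be in the import block, which is outside this hunk. The function is still named getOrCreateUser but now only looks the user up and fails when it is absent, so the name or a doc comment should say that creation is not implemented. Separately, the unchanged debug line logs `c.user.ProviderUserData()` in full; if that value can carry credential material for any provider (not visible here), it should be reduced to an identifier before logging.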