Compare commits
3 commits
1aa1296732
...
9f39049dd6
Author | SHA1 | Date | |
---|---|---|---|
9f39049dd6 | |||
a540f94108 | |||
25c3e9421f |
7 changed files with 47 additions and 44 deletions
|
@ -35,14 +35,14 @@ const (
|
|||
)
|
||||
|
||||
type Flow struct {
|
||||
Type FlowType `json:"type"`
|
||||
ID FlowID `json:"flow_id"`
|
||||
Handler []*string `json:"handler"`
|
||||
StepID *Step `json:"step_id,omitempty"`
|
||||
Type FlowType `json:"type"`
|
||||
ID FlowID `json:"flow_id"`
|
||||
Handler []*string `json:"handler"`
|
||||
StepID *Step `json:"step_id,omitempty"`
|
||||
Schema []provider.FlowSchemaItem `json:"data_schema"`
|
||||
Errors interface{} `json:"errors"`
|
||||
DescPlace *string `json:"description_placeholders"`
|
||||
LastStep *string `json:"last_step"`
|
||||
Errors interface{} `json:"errors"`
|
||||
DescPlace *string `json:"description_placeholders"`
|
||||
LastStep *string `json:"last_step"`
|
||||
|
||||
request *FlowRequest
|
||||
ctime time.Time
|
||||
|
|
|
@ -39,7 +39,7 @@ func (h *HAUser) ProviderUserData() interface{} { return h.UserData() }
|
|||
|
||||
type HomeAssistantProvider struct {
|
||||
provider.AuthProviderBase `json:"-"`
|
||||
Users []HAUser `json:"users"`
|
||||
Users []HAUser `json:"users"`
|
||||
}
|
||||
|
||||
func NewHAProvider(s storage.Store) (provider.AuthProvider, error) {
|
||||
|
@ -127,4 +127,3 @@ func (hap *HomeAssistantProvider) FlowSchema() []provider.FlowSchemaItem {
|
|||
func init() {
|
||||
provider.Register(HomeAssistant, NewHAProvider)
|
||||
}
|
||||
|
||||
|
|
|
@ -49,5 +49,3 @@ type FlowSchemaItem struct {
|
|||
Name string `json:"name"`
|
||||
Required bool `json:"required"`
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ func New(s storage.Store) (provider.AuthProvider, error) {
|
|||
|
||||
func (hap *TrustedNetworksProvider) ValidateCreds(r *http.Request, rm map[string]interface{}) (provider.ProviderUser, bool) {
|
||||
/*
|
||||
if req.RemoteAddr in allowed then do the thing
|
||||
if req.RemoteAddr in allowed then do the thing
|
||||
*/
|
||||
return nil, false
|
||||
}
|
||||
|
@ -73,4 +73,3 @@ func (hap *TrustedNetworksProvider) FlowSchema() []provider.FlowSchemaItem {
|
|||
func init() {
|
||||
provider.Register(TrustedNetworks, New)
|
||||
}
|
||||
|
||||
|
|
|
@ -66,20 +66,20 @@ func (ss *SessionStore) verify(tr *TokenRequest, r *http.Request) (provider.Prov
|
|||
}
|
||||
|
||||
type Credential struct {
|
||||
ID CredID `json:"id"`
|
||||
UserID UserID `json:"user_id"`
|
||||
AuthProviderType string `json:"auth_provider_type"`
|
||||
AuthProviderID *string `json:"auth_provider_id"`
|
||||
DataRaw json.RawMessage `json:"data,omitempty"`
|
||||
user provider.ProviderUser
|
||||
ID CredID `json:"id"`
|
||||
UserID UserID `json:"user_id"`
|
||||
AuthProviderType string `json:"auth_provider_type"`
|
||||
AuthProviderID *string `json:"auth_provider_id"`
|
||||
DataRaw json.RawMessage `json:"data,omitempty"`
|
||||
user provider.ProviderUser
|
||||
}
|
||||
|
||||
func (cred *Credential) MarshalJSON() ([]byte, error) {
|
||||
rm := map[string]interface{}{
|
||||
"id": cred.ID,
|
||||
"user_id": cred.UserID,
|
||||
"id": cred.ID,
|
||||
"user_id": cred.UserID,
|
||||
"auth_provider_type": cred.user.ProviderType(),
|
||||
"auth_provider_id": cred.user.ProviderID(),
|
||||
"auth_provider_id": cred.user.ProviderID(),
|
||||
}
|
||||
|
||||
providerData := cred.user.ProviderUserData()
|
||||
|
@ -103,11 +103,12 @@ const defaultExpiration = 2 * time.Hour
|
|||
|
||||
func (a *Authenticator) NewToken(r *http.Request, user provider.ProviderUser, f *Flow) TokenID {
|
||||
id := TokenID(genUUID())
|
||||
now := time.Now()
|
||||
|
||||
t := &Token{
|
||||
ID: id,
|
||||
Ctime: time.Now(),
|
||||
Expires: time.Now().Add(defaultExpiration),
|
||||
Ctime: now,
|
||||
Expires: now.Add(defaultExpiration),
|
||||
Addr: r.RemoteAddr,
|
||||
|
||||
user: user,
|
||||
|
@ -122,7 +123,7 @@ type GrantType string
|
|||
|
||||
const (
|
||||
GTAuthorizationCode GrantType = "authorization_code"
|
||||
GTRefreshToken GrantType = "refresh_token"
|
||||
GTRefreshToken GrantType = "refresh_token"
|
||||
)
|
||||
|
||||
type ClientID string
|
||||
|
@ -134,8 +135,8 @@ func (c *ClientID) IsValid() bool {
|
|||
|
||||
type TokenRequest struct {
|
||||
ClientID ClientID `form:"client_id"`
|
||||
Code TokenID `form:"code"`
|
||||
GrantType GrantType `form:"grant_type"`
|
||||
Code TokenID `form:"code"`
|
||||
GrantType GrantType `form:"grant_type"`
|
||||
}
|
||||
|
||||
func (a *Authenticator) TokenHandler(c echo.Context) error {
|
||||
|
@ -162,7 +163,7 @@ func (a *Authenticator) TokenHandler(c echo.Context) error {
|
|||
return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: "bad user"})
|
||||
}
|
||||
|
||||
if err := user.allowedToAuth(); err != nil {
|
||||
if err := user.allowedToAuth(); err != nil {
|
||||
return c.JSON(http.StatusUnauthorized, AuthError{Error: "access_denied", Description: err.Error()})
|
||||
}
|
||||
return c.String(http.StatusOK, "token good I guess")
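Review bot: In NewToken, `Expires: now.Add(defaultExpiration)` gives every token a two-hour lifetime, and `TokenRequest.Code` is a `TokenID`, so these tokens appear to double as authorization codes. RFC 6749 section 4.1.2 recommends a maximum lifetime of ten minutes and single use for an authorization code. Consider a separate, shorter constant for codes, e.g. `Expires: now.Add(authCodeExpiration)`, where `authCodeExpiration` is a placeholder name for a new constant. Also confirm that `genUUID` draws from `crypto/rand`, since the ID is itself the bearer secret. NewToken's body continues past the end of its hunk.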
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"dynatron.me/x/blasphem/pkg/storage"
|
||||
)
|
||||
|
@ -11,13 +11,13 @@ const (
|
|||
AuthStoreKey = "auth"
|
||||
)
|
||||
|
||||
|
||||
type AuthStore interface {
|
||||
User(UserID) *User
|
||||
}
|
||||
|
||||
type authStore struct {
|
||||
Users []User `json:"users"`
|
||||
Groups interface {} `json:"groups"`
|
||||
Users []User `json:"users"`
|
||||
Groups interface{} `json:"groups"`
|
||||
Credentials []Credential `json:"credentials"`
|
||||
|
||||
userMap map[UserID]*User
|
||||
|
@ -49,3 +49,7 @@ func (a *Authenticator) newAuthStore(s storage.Store) (as *authStore, err error)
|
|||
|
||||
return
|
||||
}
|
||||
|
||||
func (s *authStore) User(uid UserID) *User {
|
||||
return s.userMap[uid]
|
||||
}
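Review bot: The new `authStore.User` method has no doc comment, and its contract is implicit: indexing `s.userMap` yields nil for an unknown ID, which every caller must check before dereferencing. I would add `// User returns the user with the given ID, or nil if the store holds none.` above it. If `userMap` can be written after `newAuthStore` returns while request handlers read it, the access needs a lock (for example a `sync.RWMutex` on the store). Nothing in the visible hunks shows whether that happens.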
|
||||
|
|
|
@ -11,18 +11,18 @@ type GroupID string
|
|||
type CredID string
|
||||
|
||||
type User struct {
|
||||
ID UserID `json:"id"`
|
||||
GroupIDs []GroupID `json:"group_ids"`
|
||||
Data interface{} `json:"data,omitempty"`
|
||||
ID UserID `json:"id"`
|
||||
GroupIDs []GroupID `json:"group_ids"`
|
||||
Data interface{} `json:"data,omitempty"`
|
||||
UserMetadata
|
||||
}
|
||||
|
||||
type UserMetadata struct {
|
||||
Active bool `json:"is_active"`
|
||||
Owner bool `json:"is_owner"`
|
||||
LocalOnly bool `json:"local_only"`
|
||||
SystemGenerated bool `json:"system_generated"`
|
||||
Name string `json:"name"`
|
||||
Active bool `json:"is_active"`
|
||||
Owner bool `json:"is_owner"`
|
||||
LocalOnly bool `json:"local_only"`
|
||||
SystemGenerated bool `json:"system_generated"`
|
||||
Name string `json:"name"`
|
||||
}
|
||||
|
||||
func (u *User) allowedToAuth() error {
|
||||
|
@ -35,8 +35,10 @@ func (u *User) allowedToAuth() error {
|
|||
|
||||
func (a *Authenticator) getOrCreateUser(c *Credential) (*User, error) {
|
||||
log.Debug().Interface("userdata", c.user.ProviderUserData()).Msg("getOrCreateUser")
|
||||
panic("not implemented")
|
||||
return &User{}, nil
|
||||
u := a.store.User(c.UserID)
|
||||
if u == nil {
|
||||
return nil, errors.New("no such user)
|
||||
}
|
||||
|
||||
return u, nil
|
||||
}
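Review bot: The new not-found branch in getOrCreateUser will not compile, because `errors.New("no such user)` is missing its closing quote; it should read `return nil, errors.New("no such user")`. Also confirm the file imports `errors`, since the import block is outside the hunk. The function now only looks up `c.UserID` and never creates a user, so the name or a doc comment should say that unknown IDs are rejected. The unchanged debug line above it logs `c.user.ProviderUserData()` in full; if that value can carry password hashes or other credential material for some provider, log only an identifier.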
|
||||
|
||||
|
||||
|
|