# HG changeset patch # User Peter Sanchez # Date 1682463262 21600 # Tue Apr 25 16:54:22 2023 -0600 # Node ID f585adafeb142a4ea5ea1d6730f6f14e057c0247 # Parent 034018227502404771228f20c81fd3595665ade4 Adding routes, etc. diff --git a/bearer.go b/bearer.go new file mode 100644 --- /dev/null +++ b/bearer.go @@ -0,0 +1,169 @@ +package oauth2 + +import ( + "context" + "fmt" + "log" + "strings" + "time" + + "git.sr.ht/~sircmpwn/go-bare" + "hg.code.netlandish.com/~netlandish/gobwebs/crypto" +) + +// TokenVersion ... +const TokenVersion uint = 0 + +// Timestamp ... +type Timestamp int64 + +// Time ... +func (t Timestamp) Time() time.Time { + return time.Unix(int64(t), 0).UTC() +} + +// ToTimestamp ... +func ToTimestamp(t time.Time) Timestamp { + return Timestamp(t.UTC().Unix()) +} + +// BearerToken ... +type BearerToken struct { + Version uint + Expires Timestamp + Grants string + ClientID string + UserID int +} + +// Encode ... +func (bt *BearerToken) Encode(ctx context.Context) string { + kw := crypto.KWForContext(ctx) + plain, err := bare.Marshal(bt) + if err != nil { + panic(err) + } + enc, err := crypto.EncryptBytesB64(plain, kw.Keys[0]) + if err != nil { + panic(err) + } + return enc +} + +// DecodeBearerToken ... +func DecodeBearerToken(ctx context.Context, token string) *BearerToken { + var ( + found bool + payload []byte + err error + ) + kw := crypto.KWForContext(ctx) + if len(kw.Keys) == 0 { + panic(fmt.Errorf("no crypto keys provided in KeyWallet instance")) + } + + for _, key := range kw.Keys { + payload, err = crypto.DecryptBytesB64(token, key) + if err != nil { + log.Printf("Invalid bearer token: %v", err) + continue + } + found = true + break + } + if !found { + log.Printf("Invalid bearer token (exhausted all keys): %v", err) + return nil + } + + var bt BearerToken + err = bare.Unmarshal(payload, &bt) + if err != nil { + log.Printf("Invalid bearer token: BARE unmarshal failed: %v", err) + return nil + } + if bt.Version != TokenVersion { + log.Printf("Invalid bearer token: invalid token version") + return nil + } + if time.Now().UTC().After(bt.Expires.Time()) { + log.Printf("Invalid bearer token: token expired") + return nil + } + return &bt +} + +const ( + // RO ... + RO = "RO" + // RW ... + RW = "RW" +) + +// Grants ... +type Grants struct { + ReadOnly bool + + all bool + grants map[string]string + encoded string +} + +// DecodeGrants ... +func DecodeGrants(grants string) Grants { + if grants == "" { + // All permissions + return Grants{ + all: true, + grants: nil, + encoded: "", + } + } + accessMap := make(map[string]string) + for _, grant := range strings.Split(grants, " ") { + var ( + access string + ) + parts := strings.Split(grant, ":") + scope := parts[0] + if len(parts) == 1 { + access = "RO" + } else { + access = parts[1] + } + accessMap[scope] = access + } + return Grants{ + all: false, + grants: accessMap, + encoded: grants, + } +} + +// Has ... +func (g *Grants) Has(grant string, mode string) bool { + if mode != RO && mode != RW { + panic("Invalid access mode") + } + if g.ReadOnly && mode == RW { + return false + } + + if g.all { + return true + } + + access, ok := g.grants[grant] + if !ok { + return false + } + if mode == RO { + return true + } + return mode == access +} + +// Encode ... +func (g *Grants) Encode() string { + return g.encoded +} diff --git a/go.mod b/go.mod --- a/go.mod +++ b/go.mod @@ -3,9 +3,16 @@ go 1.18 require ( + git.sr.ht/~sircmpwn/go-bare v0.0.0-20210406120253-ab86bc2846d9 + github.com/Masterminds/squirrel v1.5.4 + github.com/labstack/echo/v4 v4.10.2 + github.com/segmentio/ksuid v1.0.4 + hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230425200922-0a998d338bdd +) + +require ( git.sr.ht/~sircmpwn/dowork v0.0.0-20221010085743-46c4299d76a1 // indirect github.com/99designs/gqlgen v0.17.29 // indirect - github.com/Masterminds/squirrel v1.5.4 // indirect github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f // indirect github.com/agnivade/levenshtein v1.1.1 // indirect github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387 // indirect @@ -17,9 +24,9 @@ github.com/emersion/go-message v0.15.0 // indirect github.com/emersion/go-pgpmail v0.2.0 // indirect github.com/emersion/go-textwrapper v0.0.0-20200911093747-65d896831594 // indirect - github.com/go-playground/locales v0.14.0 // indirect - github.com/go-playground/universal-translator v0.18.0 // indirect - github.com/go-playground/validator/v10 v10.10.0 // indirect + github.com/go-playground/locales v0.14.1 // indirect + github.com/go-playground/universal-translator v0.18.1 // indirect + github.com/go-playground/validator/v10 v10.12.0 // indirect github.com/golang-jwt/jwt v3.2.2+incompatible // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/uuid v1.1.1 // indirect @@ -28,11 +35,10 @@ github.com/json-iterator/go v1.1.12 // indirect github.com/klauspost/compress v1.13.5 // indirect github.com/klauspost/cpuid v1.3.1 // indirect - github.com/labstack/echo/v4 v4.10.2 // indirect github.com/labstack/gommon v0.4.0 // indirect github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect - github.com/leodido/go-urn v1.2.1 // indirect + github.com/leodido/go-urn v1.2.2 // indirect github.com/lib/pq v1.10.4 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.17 // indirect @@ -49,20 +55,18 @@ github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/procfs v0.8.0 // indirect github.com/rs/xid v1.2.1 // indirect - github.com/segmentio/ksuid v1.0.4 // indirect github.com/sirupsen/logrus v1.8.1 // indirect github.com/spazzymoto/echo-scs-session v1.0.0 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/valyala/fasttemplate v1.2.2 // indirect github.com/vaughan0/go-ini v0.0.0-20130923145212-a98ad7ee00ec // indirect github.com/vektah/gqlparser/v2 v2.5.1 // indirect - golang.org/x/crypto v0.6.0 // indirect - golang.org/x/net v0.7.0 // indirect - golang.org/x/sys v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect + golang.org/x/crypto v0.7.0 // indirect + golang.org/x/net v0.8.0 // indirect + golang.org/x/sys v0.6.0 // indirect + golang.org/x/text v0.8.0 // indirect golang.org/x/time v0.3.0 // indirect google.golang.org/protobuf v1.28.1 // indirect gopkg.in/ini.v1 v1.57.0 // indirect - hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230425001539-2024875947c8 // indirect petersanchez.com/carrier v0.1.1 // indirect ) diff --git a/go.sum b/go.sum --- a/go.sum +++ b/go.sum @@ -33,6 +33,9 @@ dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= git.sr.ht/~sircmpwn/dowork v0.0.0-20221010085743-46c4299d76a1 h1:EvPKkneKkF/f7zEgKPqIZVyj3jWO8zSmsBOvMhAGqMA= git.sr.ht/~sircmpwn/dowork v0.0.0-20221010085743-46c4299d76a1/go.mod h1:8neHEO3503w/rNtttnR0JFpQgM/GFhaafVwvkPsFIDw= +git.sr.ht/~sircmpwn/getopt v0.0.0-20191230200459-23622cc906b3/go.mod h1:wMEGFFFNuPos7vHmWXfszqImLppbc0wEhh6JBfJIUgw= +git.sr.ht/~sircmpwn/go-bare v0.0.0-20210406120253-ab86bc2846d9 h1:Ahny8Ud1LjVMMAlt8utUFKhhxJtwBAualvsbc/Sk7cE= +git.sr.ht/~sircmpwn/go-bare v0.0.0-20210406120253-ab86bc2846d9/go.mod h1:BVJwbDfVjCjoFiKrhkei6NdGcZYpkDkdyCdg1ukytRA= github.com/99designs/gqlgen v0.17.29 h1:z2MrNOFATCVgQLRCF6Uufz4uz2IQLB5BBMwPUMafJOA= github.com/99designs/gqlgen v0.17.29/go.mod h1:i4rEatMrzzu6RXaHydq1nmEPZkb3bKQsnxNRHS4DQB4= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= @@ -57,7 +60,9 @@ github.com/alexedwards/scs/v2 v2.4.0/go.mod h1:ToaROZxyKukJKT/xLcVQAChi5k6+Pn1Gvmdl7h3RRj8= github.com/alexedwards/scs/v2 v2.5.1 h1:EhAz3Kb3OSQzD8T+Ub23fKsiuvE0GzbF5Lgn0uTwM3Y= github.com/alexedwards/scs/v2 v2.5.1/go.mod h1:ToaROZxyKukJKT/xLcVQAChi5k6+Pn1Gvmdl7h3RRj8= +github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883 h1:bvNMNQO63//z+xNgfBlViaCIJKLlCJ6/fmUseuG0wVQ= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= +github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -72,10 +77,11 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= @@ -100,13 +106,13 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= -github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= -github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb8WugfUU= -github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs= -github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho= -github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= -github.com/go-playground/validator/v10 v10.10.0 h1:I7mrTYv78z8k8VXa/qJlOlEXn/nBh+BF8dHX5nt/dr0= -github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos= +github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= +github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= +github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= +github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= +github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= +github.com/go-playground/validator/v10 v10.12.0 h1:E4gtWgxWxp8YSxExrQFv5BpCahla0PVF2oTTEYaWQGI= +github.com/go-playground/validator/v10 v10.12.0/go.mod h1:hCAPuzYvKdP33pxWa+2+6AIKXEKqjIUyqsNCtbsSJrA= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= @@ -150,6 +156,7 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= @@ -165,10 +172,10 @@ github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/gopherjs/gopherjs v0.0.0-20220221023154-0b2280d3ff96 h1:QJq7UBOuoynsywLk+aC75rC2Cbi2+lQRDaLaizhA+fA= github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru/v2 v2.0.1 h1:5pv5N1lT1fjLg2VQ5KWc7kmucp2x/kvFOnxuVTqZ6x4= github.com/hashicorp/golang-lru/v2 v2.0.1/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= @@ -181,6 +188,7 @@ github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= @@ -193,11 +201,8 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/labstack/echo/v4 v4.3.0/go.mod h1:PvmtTvhVqKDzDQy4d3bWzPjZLzom4iQbAZy2sgZ/qI8= github.com/labstack/echo/v4 v4.10.2 h1:n1jAhnq/elIFTHr1EYpiYtyKgx4RW9ccVgkqByZaN2M= github.com/labstack/echo/v4 v4.10.2/go.mod h1:OEyqf2//K1DFdE57vw2DRgWY0M7s65IVQO2FzvI4J5k= @@ -208,8 +213,8 @@ github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= -github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= -github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= +github.com/leodido/go-urn v1.2.2 h1:7z68G0FCGvDk646jz1AelTYNYWrTNm0bEcFAo147wt4= +github.com/leodido/go-urn v1.2.2/go.mod h1:kUaIbLZWttglzwNuG0pgsh5vuV6u2YcGBYz1hIPjtOQ= github.com/lib/pq v1.4.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.4 h1:SO9z7FRPzA03QhHKJrH5BXA6HU1rS4V2nIVrrNC1iYk= github.com/lib/pq v1.10.4/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= @@ -247,10 +252,10 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= @@ -278,27 +283,35 @@ github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rs/xid v1.2.1 h1:mhH9Nq+C1fY2l1XIpgxIiUOfNpRBYH1kKcr+qfKgjRc= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= +github.com/rwtodd/Go.Sed v0.0.0-20210816025313-55464686f9ef/go.mod h1:8AEUvGVi2uQ5b24BIhcr0GCcpd/RNAFWaN2CJFrWIIQ= github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c= github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE= +github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/smartystreets/assertions v1.2.1 h1:bKNHfEv7tSIjZ8JbKaFjzFINljxG4lzZvmHUnElzOIg= +github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/spazzymoto/echo-scs-session v1.0.0 h1:2m1AHXRCSY9j6fjz0MpuIE/3L9GiHk1kux5mhhQh3WI= github.com/spazzymoto/echo-scs-session v1.0.0/go.mod h1:wd6nyO726b2b1+w+IBHYEG5vY+MqUYSnbBJFcTeWwOM= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= @@ -324,11 +337,10 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= -golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= +golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -393,8 +405,8 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -454,14 +466,13 @@ golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -471,8 +482,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -604,7 +615,6 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/ini.v1 v1.57.0 h1:9unxIsFcTt4I55uWluz+UmL95q4kdJ0buvQ1ZIqVQww= gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= @@ -614,13 +624,14 @@ gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230420010146-72d7927457af h1:NJoWSCJ9qp8vhmUF0qMRrODJGsNVpnKgxpo7ViOiQkQ= -hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230420010146-72d7927457af/go.mod h1:ZQOJcrnVvJYk+Ophr5PPq2sh8knLxwtvVIJS3/RjV+c= -hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230425001539-2024875947c8 h1:+tBiSehFsB2nmtd6tovWsfooEuiobeIvbqoY2I0tOt0= -hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230425001539-2024875947c8/go.mod h1:ZQOJcrnVvJYk+Ophr5PPq2sh8knLxwtvVIJS3/RjV+c= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230425200922-0a998d338bdd h1:l2Z28g5798LK5/jkAPozA6hBqKjHgOcNjJfU9fAoew4= +hg.code.netlandish.com/~netlandish/gobwebs v0.0.0-20230425200922-0a998d338bdd/go.mod h1:+gStIFMqfW/W36PtW25x86MFS0FtXzbhnltOcB6hNf4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/input.go b/input.go new file mode 100644 --- /dev/null +++ b/input.go @@ -0,0 +1,35 @@ +package oauth2 + +import ( + "fmt" + + "github.com/labstack/echo/v4" + "hg.code.netlandish.com/~netlandish/gobwebs/validate" +) + +type AddClientForm struct { + Name string `form:"name" validate:"required"` + Description string `form:"description" validate:"-"` + RedirectURL string `form:"redirect_url" validate:"required,http_url"` + ClientURL string `form:"client_url" validate:"http_url"` +} + +func (a *AddClientForm) Validate(c echo.Context) error { + // Binding each field specifically to use BindErrors + errs := validate.FormFieldBinder(c, a). + FailFast(false). + String("name", &a.Name). + String("description", &a.Description). + String("redirect_url", &a.RedirectURL). + String("client_url", &a.ClientURL). + BindErrors() + if errs != nil { + return validate.GetInputErrors(errs) + } + + if err := c.Validate(a); err != nil { + return err + } + fmt.Println("foo") + return nil +} diff --git a/interfaces.go b/interfaces.go new file mode 100644 --- /dev/null +++ b/interfaces.go @@ -0,0 +1,9 @@ +package oauth2 + +import "github.com/labstack/echo/v4" + +// Helper is an interface to allow you to customize behavior +// after a specific action from the application routes +type Helper interface { + ProcessSuccessfulClientAdd(c echo.Context) error +} diff --git a/models.go b/models.go new file mode 100644 --- /dev/null +++ b/models.go @@ -0,0 +1,30 @@ +package oauth2 + +import "time" + +// Client ... +type Client struct { + ID int `db:"id"` + OwnerID int `db:"owner_id"` + Name string `db:"name"` + Description string `db:"description"` + Key string `db:"key"` + SecretHash string `db:"secret_hash"` + SecretPartial string `db:"secret_partial"` + RedirectURL string `db:"redirect_url"` + ClientURL string `db:"client_url"` + Revoked bool `db:"revoked"` + CreatedOn time.Time `db:"created_on"` + UpdatedOn time.Time `db:"updated_on"` +} + +// Grant ... +type Grant struct { + ID int `db:"id"` + Issued time.Time `db:"issued"` + Expires time.Time `db:"expires"` + Comment time.Time `db:"comment"` + TokenHash string `db:"token_hash"` + UserID int `db:"user_id"` + ClientID int `db:"client_id"` +} diff --git a/oauth2_clients.go b/oauth2_clients.go --- a/oauth2_clients.go +++ b/oauth2_clients.go @@ -2,30 +2,18 @@ import ( "context" + "crypto/rand" + "crypto/sha512" "database/sql" + "encoding/base64" + "encoding/hex" "fmt" - "time" sq "github.com/Masterminds/squirrel" + "github.com/segmentio/ksuid" "hg.code.netlandish.com/~netlandish/gobwebs/database" ) -// Client ... -type Client struct { - ID int `db:"id"` - OwnerID int `db:"owner_id"` - ClientName string `db:"client_name"` - ClientDescription string `db:"client_description"` - ClientKey string `db:"client_key"` - ClientSecretHash string `db:"client_secret_hash"` - ClientSecretPartial string `db:"client_secret_partial"` - RedirectURL string `db:"redirect_url"` - ClientURL string `db:"client_url"` - Revoked bool `db:"revoked"` - CreatedOn time.Time `db:"created_on"` - UpdatedOn time.Time `db:"updated_on"` -} - // GetClients retuns oauth2 clients using the given filters func GetClients(ctx context.Context, opts *database.FilterOptions) ([]*Client, error) { if opts == nil { @@ -35,8 +23,8 @@ if err := database.WithTx(ctx, database.TxOptionsRO, func(tx *sql.Tx) error { q := opts.GetBuilder(nil) rows, err := q. - Columns("id", "owner_id", "client_name", "client_description", "client_key", - "client_secret_hash", "client_secret_partial", "redirect_url", "client_url", + Columns("id", "owner_id", "name", "description", "key", + "secret_hash", "secret_partial", "redirect_url", "client_url", "revoked", "created_on", "updated_on"). From("oauth2_clients"). PlaceholderFormat(sq.Dollar). @@ -52,8 +40,8 @@ for rows.Next() { var c Client - if err = rows.Scan(&c.ID, &c.OwnerID, &c.ClientName, &c.ClientDescription, &c.ClientKey, - &c.ClientSecretHash, &c.ClientSecretPartial, &c.RedirectURL, &c.ClientURL, + if err = rows.Scan(&c.ID, &c.OwnerID, &c.Name, &c.Description, &c.Key, + &c.SecretHash, &c.SecretPartial, &c.RedirectURL, &c.ClientURL, &c.Revoked, &c.CreatedOn, &c.UpdatedOn); err != nil { return err } @@ -73,11 +61,11 @@ if c.ID == 0 { err = sq. Insert("oauth2_clients"). - Columns("owner_id", "client_name", "client_description", "client_key", - "client_secret_hash", "client_secret_partial", "redirect_url", "client_url", + Columns("owner_id", "name", "description", "key", + "secret_hash", "secret_partial", "redirect_url", "client_url", "revoked"). - Values(c.OwnerID, c.ClientName, c.ClientDescription, c.ClientKey, - c.ClientSecretHash, c.ClientSecretPartial, c.RedirectURL, c.ClientURL, + Values(c.OwnerID, c.Name, c.Description, c.Key, + c.SecretHash, c.SecretPartial, c.RedirectURL, c.ClientURL, c.Revoked). Suffix(`RETURNING id, created_on, updated_on`). PlaceholderFormat(sq.Dollar). @@ -87,11 +75,11 @@ err = sq. Update("oauth2_clients"). Set("owner_id", c.OwnerID). - Set("client_name", c.ClientName). - Set("client_description", c.ClientDescription). - Set("client_key", c.ClientKey). - Set("client_secret_hash", c.ClientSecretHash). - Set("client_secret_partial", c.ClientSecretPartial). + Set("name", c.Name). + Set("description", c.Description). + Set("key", c.Key). + Set("secret_hash", c.SecretHash). + Set("secret_partial", c.SecretPartial). Set("redirect_url", c.RedirectURL). Set("client_url", c.ClientURL). Set("revoked", c.Revoked). @@ -106,7 +94,24 @@ return err } -// Delete will delete this rate +// GenerateKeys will create keys for client +func (c *Client) GenerateKeys() { + var seed [64]byte + n, err := rand.Read(seed[:]) + if err != nil || n != len(seed) { + panic(err) + } + secret := base64.StdEncoding.EncodeToString(seed[:]) + hash := sha512.Sum512(seed[:]) + partial := secret[:8] + clientID := ksuid.New() + + c.Key = clientID.String() + c.SecretHash = hex.EncodeToString(hash[:]) + c.SecretPartial = partial +} + +// Delete will delete this client func (c *Client) Delete(ctx context.Context) error { if c.ID == 0 { return fmt.Errorf("Client object is not populated") diff --git a/oauth2_grants.go b/oauth2_grants.go --- a/oauth2_grants.go +++ b/oauth2_grants.go @@ -4,23 +4,11 @@ "context" "database/sql" "fmt" - "time" sq "github.com/Masterminds/squirrel" "hg.code.netlandish.com/~netlandish/gobwebs/database" ) -// Grant ... -type Grant struct { - ID int `db:"id"` - Issued time.Time `db:"issued"` - Expires time.Time `db:"expires"` - Comment time.Time `db:"comment"` - TokenHash string `db:"token_hash"` - UserID int `db:"user_id"` - ClientID int `db:"client_id"` -} - // GetGrants retuns oauth2 grants using the given filters func GetGrants(ctx context.Context, opts *database.FilterOptions) ([]*Grant, error) { if opts == nil { diff --git a/routes.go b/routes.go --- a/routes.go +++ b/routes.go @@ -2,9 +2,11 @@ import ( "fmt" + "net/http" sq "github.com/Masterminds/squirrel" "github.com/labstack/echo/v4" + "hg.code.netlandish.com/~netlandish/gobwebs" "hg.code.netlandish.com/~netlandish/gobwebs/accounts" "hg.code.netlandish.com/~netlandish/gobwebs/database" "hg.code.netlandish.com/~netlandish/gobwebs/server" @@ -12,26 +14,69 @@ // Service is the base accounts service struct type Service struct { - name string - eg *echo.Group + name string + eg *echo.Group + helper Helper } // RegisterRoutes ... func (s *Service) RegisterRoutes() { s.eg.Use(accounts.AuthRequired()) s.eg.GET("/clients", s.ListClients).Name = s.RouteName("list_clients") + s.eg.GET("/clients/add", s.AddClient).Name = s.RouteName("add_client") + s.eg.POST("/clients/add", s.AddClient).Name = s.RouteName("add_client_post") } // ListClients ... func (s *Service) ListClients(c echo.Context) error { gctx := c.(*server.Context) opts := &database.FilterOptions{ - Filter: sq.Eq{"user_id": gctx.User.GetID()}, + Filter: sq.Eq{"owner_id": gctx.User.GetID()}, } clients, err := GetClients(c.Request().Context(), opts) if err != nil { return err } + return gctx.Render(http.StatusOK, "oauth2_clients_list.html", gobwebs.Map{ + "clients": clients, + }) +} + +// AddClient +func (s *Service) AddClient(c echo.Context) error { + gctx := c.(*server.Context) + form := &AddClientForm{} + gmap := gobwebs.Map{ + "form": form, + } + + req := c.Request() + if req.Method == "POST" { + if err := form.Validate(c); err != nil { + gmap["errors"] = err + return gctx.Render(http.StatusOK, "oauth2_add_client.html", gmap) + } + client := &Client{ + OwnerID: int(gctx.User.GetID()), + Name: form.Name, + Description: form.Description, + RedirectURL: form.RedirectURL, + ClientURL: form.ClientURL, + } + client.GenerateKeys() + if err := client.Store(c.Request().Context()); err != nil { + return err + } + if s.helper != nil { + c.Set("client", client) + if err := s.helper.ProcessSuccessfulClientAdd(c); err != nil { + return err + } + } + gmap["client"] = client + return gctx.Render(http.StatusOK, "oauth2_add_client_done.html", gmap) + } + return gctx.Render(http.StatusOK, "oauth2_add_client.html", gmap) } // RouteName ... @@ -40,8 +85,11 @@ } // NewService return service -func NewService(eg *echo.Group) *Service { - service := &Service{name: "oauth2", eg: eg} +func NewService(eg *echo.Group, name string, helper Helper) *Service { + if name == "" { + name = "oauth2" + } + service := &Service{name: name, eg: eg, helper: helper} service.RegisterRoutes() return service } diff --git a/schema.sql b/schema.sql --- a/schema.sql +++ b/schema.sql @@ -14,11 +14,11 @@ CREATE TABLE oauth2_clients ( id serial PRIMARY KEY, owner_id integer NOT NULL REFERENCES users (id) ON DELETE CASCADE NOT NULL, - client_name character varying(256) NOT NULL, - client_description character varying, - client_key character varying NOT NULL UNIQUE - client_secret_hash character varying(128) NOT NULL, - client_secret_partial character varying(8) NOT NULL, + name character varying(256) NOT NULL, + description character varying, + key character varying NOT NULL UNIQUE, + secret_hash character varying(128) NOT NULL, + secret_partial character varying(8) NOT NULL, redirect_url character varying, client_url character varying, revoked boolean DEFAULT false NOT NULL,