barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-02-28 03:42:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: oidc client create command (#672)

Browse Source 
* feat: add oidc client create command

* refactor: use own utility for creating random strings (more flexible
than stdlib)

* feat: validate client name to avoid config errors

* refactor: limit to only alphanumeric characters and hyphens

* refactor: remove the need of the logger in the create oidc client cmd
This commit is contained in:
Stavros
2026-02-26 16:28:58 +01:00
committed by GitHub
parent 5acac0e016
commit 4a1889c20b
9 changed files with 77 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/controller/oidc_controller.go
View File

@@ -1,7 +1,6 @@
package controller
import (
"crypto/rand"
"errors"
"fmt"
"net/http"
@@ -145,7 +144,7 @@ func (controller *OIDCController) Authorize(c *gin.Context) {
// WARNING: Since Tinyauth is stateless, we cannot have a sub that never changes. We will just create a uuid out of the username and client name which remains stable, but if username or client name changes then sub changes too.
sub := utils.GenerateUUID(fmt.Sprintf("%s:%s", userContext.Username, client.ID))
code := rand.Text()
code := utils.GenerateString(32)
// Before storing the code, delete old session
err = controller.oidc.DeleteOldSession(c, sub)

8
internal/service/oidc_service.go
View File

@@ -403,8 +403,8 @@ func (service *OIDCService) GenerateAccessToken(c *gin.Context, client config.OI
return TokenResponse{}, err
}
accessToken := rand.Text()
refreshToken := rand.Text()
accessToken := utils.GenerateString(32)
refreshToken := utils.GenerateString(32)
tokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry) * time.Second).Unix()
@@ -464,8 +464,8 @@ func (service *OIDCService) RefreshAccessToken(c *gin.Context, refreshToken stri
return TokenResponse{}, err
}
accessToken := rand.Text()
newRefreshToken := rand.Text()
accessToken := utils.GenerateString(32)
newRefreshToken := utils.GenerateString(32)
tokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry) * time.Second).Unix()
refrshTokenExpiresAt := time.Now().Add(time.Duration(service.config.SessionExpiry*2) * time.Second).Unix()

7
internal/utils/security_utils.go
View File

@@ -1,6 +1,7 @@
package utils
import (
"crypto/rand"
"encoding/base64"
"errors"
"net"
@@ -105,3 +106,9 @@ func GenerateUUID(str string) string {
uuid := uuid.NewSHA1(uuid.NameSpaceURL, []byte(str))
return uuid.String()
}
func GenerateString(length int) string {
src := make([]byte, length)
rand.Read(src)
return base64.RawURLEncoding.EncodeToString(src)[:length]
}