mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2025-12-18 22:22:30 +00:00
feat: create oauth broker service
This commit is contained in:
Stavros
@@ -5,9 +5,8 @@ import (
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
"tinyauth/internal/auth"
|
||||
"tinyauth/internal/providers"
|
||||
"tinyauth/internal/types"
|
||||
"tinyauth/internal/config"
|
||||
"tinyauth/internal/service"
|
||||
"tinyauth/internal/utils"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
@@ -26,18 +25,18 @@ type OAuthControllerConfig struct {
|
||||
}
|
||||
|
||||
type OAuthController struct {
|
||||
Config OAuthControllerConfig
|
||||
Router *gin.RouterGroup
|
||||
Auth *auth.Auth
|
||||
Providers *providers.Providers
|
||||
Config OAuthControllerConfig
|
||||
Router *gin.RouterGroup
|
||||
Auth *service.AuthService
|
||||
Broker *service.OAuthBrokerService
|
||||
}
|
||||
|
||||
func NewOAuthController(config OAuthControllerConfig, router *gin.RouterGroup, auth *auth.Auth, providers *providers.Providers) *OAuthController {
|
||||
func NewOAuthController(config OAuthControllerConfig, router *gin.RouterGroup, auth *service.AuthService, broker *service.OAuthBrokerService) *OAuthController {
|
||||
return &OAuthController{
|
||||
Config: config,
|
||||
Router: router,
|
||||
Auth: auth,
|
||||
Providers: providers,
|
||||
Config: config,
|
||||
Router: router,
|
||||
Auth: auth,
|
||||
Broker: broker,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -59,9 +58,9 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
provider := controller.Providers.GetProvider(req.Provider)
|
||||
service, exists := controller.Broker.GetService(req.Provider)
|
||||
|
||||
if provider == nil {
|
||||
if !exists {
|
||||
c.JSON(404, gin.H{
|
||||
"status": 404,
|
||||
"message": "Not Found",
|
||||
@@ -69,8 +68,8 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
state := provider.GenerateState()
|
||||
authURL := provider.GetAuthURL(state)
|
||||
state := service.GenerateState()
|
||||
authURL := service.GetAuthURL(state)
|
||||
c.SetCookie(controller.Config.CSRFCookieName, state, int(time.Hour.Seconds()), "/", "", controller.Config.SecureCookie, true)
|
||||
|
||||
redirectURI := c.Query("redirect_uri")
|
||||
@@ -109,20 +108,20 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
|
||||
c.SetCookie(controller.Config.CSRFCookieName, "", -1, "/", "", controller.Config.SecureCookie, true)
|
||||
|
||||
code := c.Query("code")
|
||||
provider := controller.Providers.GetProvider(req.Provider)
|
||||
service, exists := controller.Broker.GetService(req.Provider)
|
||||
|
||||
if provider == nil {
|
||||
if !exists {
|
||||
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.Config.AppURL))
|
||||
return
|
||||
}
|
||||
|
||||
_, err = provider.ExchangeToken(code)
|
||||
err = service.VerifyCode(code)
|
||||
if err != nil {
|
||||
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.Config.AppURL))
|
||||
return
|
||||
}
|
||||
|
||||
user, err := controller.Providers.GetUser(req.Provider)
|
||||
user, err := controller.Broker.GetUser(req.Provider)
|
||||
|
||||
if err != nil {
|
||||
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.Config.AppURL))
|
||||
@@ -135,7 +134,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
|
||||
}
|
||||
|
||||
if !controller.Auth.EmailWhitelisted(user.Email) {
|
||||
queries, err := query.Values(types.UnauthorizedQuery{
|
||||
queries, err := query.Values(config.UnauthorizedQuery{
|
||||
Username: user.Email,
|
||||
})
|
||||
|
||||
@@ -156,7 +155,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
|
||||
name = fmt.Sprintf("%s (%s)", utils.Capitalize(strings.Split(user.Email, "@")[0]), strings.Split(user.Email, "@")[1])
|
||||
}
|
||||
|
||||
controller.Auth.CreateSessionCookie(c, &types.SessionCookie{
|
||||
controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
|
||||
Username: user.Email,
|
||||
Name: name,
|
||||
Email: user.Email,
|
||||
@@ -171,7 +170,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
queries, err := query.Values(types.RedirectQuery{
|
||||
queries, err := query.Values(config.RedirectQuery{
|
||||
RedirectURI: redirectURI,
|
||||
})
|
||||
|
||||
|
||||
@@ -4,9 +4,8 @@ import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
"tinyauth/internal/auth"
|
||||
"tinyauth/internal/docker"
|
||||
"tinyauth/internal/types"
|
||||
"tinyauth/internal/config"
|
||||
"tinyauth/internal/service"
|
||||
"tinyauth/internal/utils"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
@@ -24,11 +23,11 @@ type ProxyControllerConfig struct {
|
||||
type ProxyController struct {
|
||||
Config ProxyControllerConfig
|
||||
Router *gin.RouterGroup
|
||||
Docker *docker.Docker
|
||||
Auth *auth.Auth
|
||||
Docker *service.DockerService
|
||||
Auth *service.AuthService
|
||||
}
|
||||
|
||||
func NewProxyController(config ProxyControllerConfig, router *gin.RouterGroup, docker *docker.Docker, auth *auth.Auth) *ProxyController {
|
||||
func NewProxyController(config ProxyControllerConfig, router *gin.RouterGroup, docker *service.DockerService, auth *service.AuthService) *ProxyController {
|
||||
return &ProxyController{
|
||||
Config: config,
|
||||
Router: router,
|
||||
@@ -109,7 +108,7 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
queries, err := query.Values(types.UnauthorizedQuery{
|
||||
queries, err := query.Values(config.UnauthorizedQuery{
|
||||
Resource: strings.Split(host, ".")[0],
|
||||
IP: clientIP,
|
||||
})
|
||||
@@ -157,12 +156,12 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
var userContext types.UserContext
|
||||
var userContext config.UserContext
|
||||
|
||||
context, err := utils.GetContext(c)
|
||||
|
||||
if err != nil {
|
||||
userContext = types.UserContext{
|
||||
userContext = config.UserContext{
|
||||
IsLoggedIn: false,
|
||||
}
|
||||
} else {
|
||||
@@ -185,7 +184,7 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
queries, err := query.Values(types.UnauthorizedQuery{
|
||||
queries, err := query.Values(config.UnauthorizedQuery{
|
||||
Resource: strings.Split(host, ".")[0],
|
||||
})
|
||||
|
||||
@@ -216,7 +215,7 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
queries, err := query.Values(types.UnauthorizedQuery{
|
||||
queries, err := query.Values(config.UnauthorizedQuery{
|
||||
Resource: strings.Split(host, ".")[0],
|
||||
GroupErr: true,
|
||||
})
|
||||
@@ -268,7 +267,7 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
queries, err := query.Values(types.RedirectQuery{
|
||||
queries, err := query.Values(config.RedirectQuery{
|
||||
RedirectURI: fmt.Sprintf("%s://%s%s", proto, host, uri),
|
||||
})
|
||||
|
||||
|
||||
@@ -3,8 +3,8 @@ package controller
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
"tinyauth/internal/auth"
|
||||
"tinyauth/internal/types"
|
||||
"tinyauth/internal/config"
|
||||
"tinyauth/internal/service"
|
||||
"tinyauth/internal/utils"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
@@ -27,10 +27,10 @@ type UserControllerConfig struct {
|
||||
type UserController struct {
|
||||
Config UserControllerConfig
|
||||
Router *gin.RouterGroup
|
||||
Auth *auth.Auth
|
||||
Auth *service.AuthService
|
||||
}
|
||||
|
||||
func NewUserController(config UserControllerConfig, router *gin.RouterGroup, auth *auth.Auth) *UserController {
|
||||
func NewUserController(config UserControllerConfig, router *gin.RouterGroup, auth *service.AuthService) *UserController {
|
||||
return &UserController{
|
||||
Config: config,
|
||||
Router: router,
|
||||
@@ -101,7 +101,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
|
||||
user := controller.Auth.GetLocalUser(userSearch.Username)
|
||||
|
||||
if user.TotpSecret != "" {
|
||||
controller.Auth.CreateSessionCookie(c, &types.SessionCookie{
|
||||
controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
|
||||
Username: user.Username,
|
||||
Name: utils.Capitalize(req.Username),
|
||||
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.Domain),
|
||||
@@ -118,7 +118,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
|
||||
}
|
||||
}
|
||||
|
||||
controller.Auth.CreateSessionCookie(c, &types.SessionCookie{
|
||||
controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
|
||||
Username: req.Username,
|
||||
Name: utils.Capitalize(req.Username),
|
||||
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.Domain),
|
||||
@@ -202,7 +202,7 @@ func (controller *UserController) totpHandler(c *gin.Context) {
|
||||
|
||||
controller.Auth.RecordLoginAttempt(rateIdentifier, true)
|
||||
|
||||
controller.Auth.CreateSessionCookie(c, &types.SessionCookie{
|
||||
controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
|
||||
Username: user.Username,
|
||||
Name: utils.Capitalize(user.Username),
|
||||
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), controller.Config.Domain),
|
||||
|
||||
Reference in New Issue
Block a user