PolyculeConnect/polycule-connect
4
0
Fork 0
Code Issues Pull requests 1 Releases Packages Wiki Activity Actions
polycule-connect/polyculeconnect/internal/storage/storage.go

147 lines
4.8 KiB
Go
Raw Normal View History

feat: start replacing dex with zitadel (#48) Start the process of replacing dex with zitadel, this commit is absolutely not prod-ready, basically we just added zitatel, and the necessary elements to make it work to at least getting a client from the DB - replace logrus with zap - start our own storage for the users - instanciate zitaled on start - allow getting client using the ID from the DB
2024-08-15 16:25:15 +00:00
package storage
import (
"context"
Add basic way to get backend from query (#48) Because polyculeconnect is a OIDC proxy, we need to know which auth backend to use. This is provided using a query param or a form, so we need to get it from our own middleware. This commit adds the following elements: - basic DB storage for the backends - support for DB migrations and a first test migration (not definitive) - middleware to get the backend from the request and put it in the context - test that the backend exists in the auth flow
2024-08-16 09:02:44 +00:00
"errors"
feat: start replacing dex with zitadel (#48) Start the process of replacing dex with zitadel, this commit is absolutely not prod-ready, basically we just added zitatel, and the necessary elements to make it work to at least getting a client from the DB - replace logrus with zap - start our own storage for the users - instanciate zitaled on start - allow getting client using the ID from the DB
2024-08-15 16:25:15 +00:00
"fmt"
"time"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
"github.com/go-jose/go-jose/v4"
"github.com/zitadel/oidc/v3/pkg/oidc"
"github.com/zitadel/oidc/v3/pkg/op"
)
func ErrNotImplemented(name string) error {
return fmt.Errorf("%s is not implemented", name)
}
// Storage implements the Storage interface from zitadel/oidc/op
type Storage struct {
Add basic way to get backend from query (#48) Because polyculeconnect is a OIDC proxy, we need to know which auth backend to use. This is provided using a query param or a form, so we need to get it from our own middleware. This commit adds the following elements: - basic DB storage for the backends - support for DB migrations and a first test migration (not definitive) - middleware to get the backend from the request and put it in the context - test that the backend exists in the auth flow
2024-08-16 09:02:44 +00:00
LocalStorage db.Storage
feat: start replacing dex with zitadel (#48) Start the process of replacing dex with zitadel, this commit is absolutely not prod-ready, basically we just added zitatel, and the necessary elements to make it work to at least getting a client from the DB - replace logrus with zap - start our own storage for the users - instanciate zitaled on start - allow getting client using the ID from the DB
2024-08-15 16:25:15 +00:00
}
/*
Auth storage interface
*/
func (s *Storage) CreateAuthRequest(ctx context.Context, req *oidc.AuthRequest, userID string) (op.AuthRequest, error) {
Add basic way to get backend from query (#48) Because polyculeconnect is a OIDC proxy, we need to know which auth backend to use. This is provided using a query param or a form, so we need to get it from our own middleware. This commit adds the following elements: - basic DB storage for the backends - support for DB migrations and a first test migration (not definitive) - middleware to get the backend from the request and put it in the context - test that the backend exists in the auth flow
2024-08-16 09:02:44 +00:00
// validate that the connector is correct
backendName, ok := stringFromCtx(ctx, "backendName")
if !ok {
return nil, errors.New("no backend name provided")
}
_, err := s.LocalStorage.BackendStorage().GetBackendByName(ctx, backendName)
if err != nil {
return nil, fmt.Errorf("failed to get backend: %w", err)
}
feat: start replacing dex with zitadel (#48) Start the process of replacing dex with zitadel, this commit is absolutely not prod-ready, basically we just added zitatel, and the necessary elements to make it work to at least getting a client from the DB - replace logrus with zap - start our own storage for the users - instanciate zitaled on start - allow getting client using the ID from the DB
2024-08-15 16:25:15 +00:00
return nil, ErrNotImplemented("CreateAuthRequest")
}
func (s *Storage) AuthRequestByID(ctx context.Context, requestID string) (op.AuthRequest, error) {
return nil, ErrNotImplemented("AuthRequestByID")
}
func (s *Storage) AuthRequestByCode(ctx context.Context, requestCode string) (op.AuthRequest, error) {
return nil, ErrNotImplemented("AuthRequestByCode")
}
func (s *Storage) SaveAuthCode(ctx context.Context, id string, code string) error {
return ErrNotImplemented("SaveAuthCode")
}
func (s *Storage) DeleteAuthRequest(ctx context.Context, id string) error {
return ErrNotImplemented("DeleteAuthRequest")
}
func (s *Storage) CreateAccessToken(ctx context.Context, req op.TokenRequest) (accessTokenID string, expiration time.Time, err error) {
return "", time.Time{}, ErrNotImplemented("CreateAccessToken")
}
func (s *Storage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error) {
return "", "", time.Time{}, ErrNotImplemented("CreateAccessAndRefreshTokens")
}
func (s *Storage) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error) {
return nil, ErrNotImplemented("TokenRequestByRefreshToken")
}
func (s *Storage) TerminateSession(ctx context.Context, userID string, clientID string) error {
return ErrNotImplemented("TerminateSession")
}
func (s *Storage) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error {
return nil
}
func (s *Storage) GetRefreshTokenInfo(ctx context.Context, clientID string, stoken string) (string, string, error) {
return "", "", ErrNotImplemented("GetRefreshTokenInfo")
}
func (s *Storage) SigningKey(ctx context.Context) (op.SigningKey, error) {
return nil, ErrNotImplemented("SigningKey")
}
func (s *Storage) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error) {
return nil, ErrNotImplemented("SignatureAlgorithms")
}
func (s *Storage) KeySet(ctx context.Context) ([]op.Key, error) {
return nil, ErrNotImplemented("KeySet")
}
/*
OP storage
*/
func (s *Storage) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error) {
Add basic way to get backend from query (#48) Because polyculeconnect is a OIDC proxy, we need to know which auth backend to use. This is provided using a query param or a form, so we need to get it from our own middleware. This commit adds the following elements: - basic DB storage for the backends - support for DB migrations and a first test migration (not definitive) - middleware to get the backend from the request and put it in the context - test that the backend exists in the auth flow
2024-08-16 09:02:44 +00:00
clt, err := s.LocalStorage.ClientStorage().GetClientByID(ctx, clientID)
feat: start replacing dex with zitadel (#48) Start the process of replacing dex with zitadel, this commit is absolutely not prod-ready, basically we just added zitatel, and the necessary elements to make it work to at least getting a client from the DB - replace logrus with zap - start our own storage for the users - instanciate zitaled on start - allow getting client using the ID from the DB
2024-08-15 16:25:15 +00:00
if err != nil {
return nil, fmt.Errorf("failed to get client from local storage: %w", err)
}
return clt, nil
}
func (s *Storage) AuthorizeClientIDSecret(ctx context.Context, clientID, clientSecret string) error {
return ErrNotImplemented("AuthorizeClientIDSecret")
}
func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo *oidc.UserInfo, userID, clientID string, scopes []string) error {
return ErrNotImplemented("SetUserinfoFromScopes")
}
func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo *oidc.UserInfo, tokenID, subject, origin string) error {
return ErrNotImplemented("SetUserinfoFromToken")
}
func (s *Storage) SetIntrospectionFromToken(ctx context.Context, userinfo *oidc.IntrospectionResponse, tokenID, subject, clientID string) error {
return ErrNotImplemented("SetIntrospectionFromToken")
}
func (s *Storage) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (map[string]interface{}, error) {
return nil, ErrNotImplemented("GetPrivateClaimsFromScopes")
}
func (s *Storage) GetKeyByIDAndClientID(ctx context.Context, keyID, clientID string) (*jose.JSONWebKey, error) {
return nil, ErrNotImplemented("GetKeyByIDAndClientID")
}
func (s *Storage) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error) {
return nil, ErrNotImplemented("ValidateJWTProfileScopes")
}
func (s *Storage) Health(ctx context.Context) error {
return ErrNotImplemented("Health")
}
Add basic way to get backend from query (#48) Because polyculeconnect is a OIDC proxy, we need to know which auth backend to use. This is provided using a query param or a form, so we need to get it from our own middleware. This commit adds the following elements: - basic DB storage for the backends - support for DB migrations and a first test migration (not definitive) - middleware to get the backend from the request and put it in the context - test that the backend exists in the auth flow
2024-08-16 09:02:44 +00:00
func stringFromCtx(ctx context.Context, key string) (string, bool) {
rawVal := ctx.Value(key)
if rawVal == nil {
return "", false
}
val, ok := rawVal.(string)
return val, ok
}
Copy permalink