diff --git a/polyculeconnect/cmd/backend/backend.go b/polyculeconnect/cmd/backend/backend.go
index b971f35..b5b01c5 100644
--- a/polyculeconnect/cmd/backend/backend.go
+++ b/polyculeconnect/cmd/backend/backend.go
@@ -11,9 +11,6 @@ var backendCmd = &cobra.Command{
 	Use: "backend",
 	Short: "Handle authentication backends",
 	Long: `Add, Remove or Show currently installed authentication backends`,
-	Run: func(cmd *cobra.Command, args []string) {
-		fmt.Println("backend called")
-	},
 }
 
 func printProperty(key, value string) {
diff --git a/polyculeconnect/cmd/serve/serve.go b/polyculeconnect/cmd/serve/serve.go
index 1fd4080..63c7415 100644
--- a/polyculeconnect/cmd/serve/serve.go
+++ b/polyculeconnect/cmd/serve/serve.go
@@ -9,6 +9,7 @@ import (
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd/utils"
+	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/client"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/middlewares"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/storage"
@@ -45,18 +46,6 @@ func serve() {
 	storageType := utils.InitStorage(conf)
 	logger.L.Infof("Initialized storage backend %q", conf.StorageType)
 
-	logger.L.Info("Initializing authentication backends")
-
-	// dex_server.ConnectorsConfig[connector.TypeRefuseAll] = func() dex_server.ConnectorConfig { return new(connector.RefuseAllConfig) }
-	// connectors, err := dexConf.Storage.ListConnectors()
-	// if err != nil {
-	// 	logger.L.Fatalf("Failed to get existing connectors: %s", err.Error())
-	// }
-	// var connectorIDs []string
-	// for _, conn := range connectors {
-	// 	connectorIDs = append(connectorIDs, conn.ID)
-	// }
-
 	userDB, err := db.New(*conf)
 	if err != nil {
 		utils.Failf("failed to init user DB: %s", err.Error())
@@ -71,6 +60,30 @@ func serve() {
 		op.WithLogger(slogger),
 		op.WithHttpInterceptors(middlewares.WithBackendFromRequestMiddleware),
 	}
+
+	logger.L.Info("Initializing authentication backends")
+	backends := []*client.OIDCClient{}
+	backendConfs, err := userDB.BackendStorage().GetAllBackends(context.Background())
+	if err != nil {
+		utils.Failf("failed to get backend configs from the DB: %s", err.Error())
+	}
+
+	// TODO: check if we need to do it this way or
+	// - do a try-loop?
+	// - only init when using them in a request?
+	for _, c := range backendConfs {
+		b, err := client.New(context.Background(), c)
+		if err != nil {
+			utils.Failf("failed to init backend client: %s", err.Error())
+		}
+		backends = append(backends, b)
+	}
+	if len(backends) == 0 {
+		logger.L.Warn("No auth backend loaded")
+	} else {
+		logger.L.Infof("Initialized %d auth backends", len(backends))
+	}
+
 	provider, err := op.NewProvider(&opConf, &st, op.StaticIssuer(conf.Issuer), options...)
 	if err != nil {
 		utils.Failf("failed to init OIDC provider: %s", err.Error())
diff --git a/polyculeconnect/internal/client/client.go b/polyculeconnect/internal/client/client.go
new file mode 100644
index 0000000..0cccef7
--- /dev/null
+++ b/polyculeconnect/internal/client/client.go
@@ -0,0 +1,23 @@
+package client
+
+import (
+	"context"
+	"fmt"
+
+	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model"
+	"github.com/zitadel/oidc/v3/pkg/client/rp"
+)
+
+type OIDCClient struct {
+	Conf *model.Backend
+	provider rp.RelyingParty
+}
+
+func New(ctx context.Context, conf *model.Backend) (*OIDCClient, error) {
+	pr, err := rp.NewRelyingPartyOIDC(ctx, conf.OIDCConfig.Issuer, conf.OIDCConfig.ClientID, conf.OIDCConfig.ClientSecret, conf.OIDCConfig.RedirectURI, []string{})
+	if err != nil {
+		return nil, fmt.Errorf("failed to init relying party provider: %w", err)
+	}
+
+	return &OIDCClient{Conf: conf, provider: pr}, nil
+}
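Review bot: The clients built in the `for _, c := range backendConfs` loop are only counted and logged; nothing in this hunk hands `backends` to the provider or stores it, so as far as the hunk shows the initialized relying parties are dropped (serve() continues outside the hunk, so it may be consumed later — worth confirming, otherwise the loop is dead work). Each `client.New` call is also given `context.Background()`, and if `rp.NewRelyingPartyOIDC` performs issuer discovery over HTTP as its name suggests, one unreachable or slow issuer blocks startup with no deadline; a single bounded context before the loop, e.g. `ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)` / `defer cancel()`, caps that (the `time` import is not visible in the import hunk above, so check it is already in scope). Note too that a single failing backend aborts the whole server via `utils.Failf`, which the TODO acknowledges; logging the failing backend and continuing, or marking it unavailable, would keep one bad config from taking the service down.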
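Review bot: `New` dereferences `conf.OIDCConfig` without a nil check, so a nil `*model.Backend` from the store panics inside package init rather than returning an error; add `if conf == nil { return nil, fmt.Errorf("nil backend config") }` before the `rp.NewRelyingPartyOIDC` call. The exported `Conf` field carries the same struct that supplies `ClientSecret` here, so any `%v`/`%+v` log of an `OIDCClient` would print the secret — consider keeping the config unexported or documenting that it must not be logged. Both exported names lack doc comments; `// OIDCClient wraps a configured relying party for one authentication backend.` and `// New builds an OIDCClient from conf, returning an error when the relying party cannot be initialized.` would do, and the error string should drop the "failed to" prefix since it is wrapped with `%w`.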
diff --git a/polyculeconnect/polyculeconnect.db b/polyculeconnect/polyculeconnect.db
index 8cfa771..3b23f7a 100644
Binary files a/polyculeconnect/polyculeconnect.db and b/polyculeconnect/polyculeconnect.db differ