From 13f65707e7c7ec7318c83475e811ae70b264952e Mon Sep 17 00:00:00 2001
From: Melora Hugues
Date: Sat, 17 Aug 2024 14:23:06 +0200
Subject: [PATCH] Init OIDC client on start with config from DB (#48)
---
 polyculeconnect/cmd/backend/backend.go | 3 --
 polyculeconnect/cmd/serve/serve.go | 37 +++++++++++++++-------
 polyculeconnect/internal/client/client.go | 23 ++++++++++++++
 polyculeconnect/polyculeconnect.db | Bin 118784 -> 118784 bytes
 4 files changed, 48 insertions(+), 15 deletions(-)
 create mode 100644 polyculeconnect/internal/client/client.go
diff --git a/polyculeconnect/cmd/backend/backend.go b/polyculeconnect/cmd/backend/backend.go
index b971f35..b5b01c5 100644
--- a/polyculeconnect/cmd/backend/backend.go
+++ b/polyculeconnect/cmd/backend/backend.go
@@ -11,9 +11,6 @@ var backendCmd = &cobra.Command{
 Use: "backend",
 Short: "Handle authentication backends",
 Long: `Add, Remove or Show currently installed authentication backends`,
- Run: func(cmd *cobra.Command, args []string) {
- fmt.Println("backend called")
- },
 }
 func printProperty(key, value string) {
diff --git a/polyculeconnect/cmd/serve/serve.go b/polyculeconnect/cmd/serve/serve.go
index 1fd4080..63c7415 100644
--- a/polyculeconnect/cmd/serve/serve.go
+++ b/polyculeconnect/cmd/serve/serve.go
@@ -9,6 +9,7 @@ import (
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd"
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd/utils"
+ "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/client"
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/middlewares"
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/storage"
@@ -45,18 +46,6 @@ func serve() {
 storageType := utils.InitStorage(conf)
 logger.L.Infof("Initialized storage backend %q", conf.StorageType)
- logger.L.Info("Initializing authentication backends")
-
- // dex_server.ConnectorsConfig[connector.TypeRefuseAll] = func() dex_server.ConnectorConfig { return new(connector.RefuseAllConfig) }
- // connectors, err := dexConf.Storage.ListConnectors()
- // if err != nil {
- // logger.L.Fatalf("Failed to get existing connectors: %s", err.Error())
- // }
- // var connectorIDs []string
- // for _, conn := range connectors {
- // connectorIDs = append(connectorIDs, conn.ID)
- // }
-
 userDB, err := db.New(*conf)
 if err != nil {
 utils.Failf("failed to init user DB: %s", err.Error())
@@ -71,6 +60,30 @@ func serve() {
 op.WithLogger(slogger),
 op.WithHttpInterceptors(middlewares.WithBackendFromRequestMiddleware),
 }
+
+ logger.L.Info("Initializing authentication backends")
+ backends := []*client.OIDCClient{}
+ backendConfs, err := userDB.BackendStorage().GetAllBackends(context.Background())
+ if err != nil {
+ utils.Failf("failed to get backend configs from the DB: %s", err.Error())
+ }
+
+ // TODO: check if we need to do it this way or
+ // - do a try-loop?
+ // - only init when using them in a request?
+ for _, c := range backendConfs {
+ b, err := client.New(context.Background(), c)
+ if err != nil {
+ utils.Failf("failed to init backend client: %s", err.Error())
+ }
+ backends = append(backends, b)
+ }
+ if len(backends) == 0 {
+ logger.L.Warn("No auth backend loaded")
+ } else {
+ logger.L.Infof("Initialized %d auth backends", len(backends))
+ }
+
 provider, err := op.NewProvider(&opConf, &st, op.StaticIssuer(conf.Issuer), options...)
 if err != nil {
 utils.Failf("failed to init OIDC provider: %s", err.Error())
diff --git a/polyculeconnect/internal/client/client.go b/polyculeconnect/internal/client/client.go
new file mode 100644
index 0000000..0cccef7
--- /dev/null
+++ b/polyculeconnect/internal/client/client.go
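Review bot: Both `userDB.BackendStorage().GetAllBackends(context.Background())` and `client.New(context.Background(), c)` in the new initialization loop run with no deadline, and `client.New` (the companion client.go in this commit) calls `rp.NewRelyingPartyOIDC`, which presumably fetches the issuer's discovery document over the network, so one slow or unreachable issuer in a stored backend row stalls server startup indefinitely while `utils.Failf` turns a single bad row into a fatal exit. Derive one bounded context up front, `initCtx, cancel := context.WithTimeout(context.Background(), 30*time.Second)` followed by `defer cancel()` (importing time if serve.go does not already), pass `initCtx` to both calls, and since the TODO above the loop already questions the fail-fast approach, consider logging and skipping a backend whose client fails to build so the remaining ones stay available. Within the hunk `backends` is only consulted for the two log lines; if serve(), which continues outside the hunk, never hands the slice to the provider or a registry, the clients are built and then dropped. The same commit also rewrites the tracked polyculeconnect.db these rows are read from, and each row appears to carry an OIDC ClientSecret, so that file should contain only placeholder credentials if it stays under version control.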
@@ -0,0 +1,23 @@
+package client
+
+import (
+ "context"
+ "fmt"
+
+ "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model"
+ "github.com/zitadel/oidc/v3/pkg/client/rp"
+)
+
+type OIDCClient struct {
+ Conf *model.Backend
+ provider rp.RelyingParty
+}
+
+func New(ctx context.Context, conf *model.Backend) (*OIDCClient, error) {
+ pr, err := rp.NewRelyingPartyOIDC(ctx, conf.OIDCConfig.Issuer, conf.OIDCConfig.ClientID, conf.OIDCConfig.ClientSecret, conf.OIDCConfig.RedirectURI, []string{})
+ if err != nil {
+ return nil, fmt.Errorf("failed to init relying party provider: %w", err)
+ }
+
+ return &OIDCClient{Conf: conf, provider: pr}, nil
+}
diff --git a/polyculeconnect/polyculeconnect.db b/polyculeconnect/polyculeconnect.db
index 8cfa771ce82dd4511fe555c0dd4188c2d49c0265..3b23f7a54c5201a4115148b2f9117b487113a872 100644
GIT binary patch
delta 266
zcmZozz}~QceS$Qj#zYxsMvcaVtqF`v=Cd*K$20K9Zx&Pt<*#p)V`LB24m8#EG&f5% zu`sqU)U`0RG}1LOOtaKYN=Z)DO*1!2HZnFcNJ%kBDag;MOfJnyP0r8DOHD4xC@Co@ zw$j%}6V^*hOf5>z&(X_GElDjd(M6Lk$;d2@2cpFI;#8L8qSTVsJ`Gtj;wK>u31OS1nQoaBH
delta 187
zcmZozz}~QceS$Qj@-7IL(&2Ny&$Q~+cE-LJ4YM5w} zXk=`vYiw#}p=)AhZlG(Knv$ZMWSnT8n4FSmXkwOBl3G0d;d(}4E;DlrLnC7oQ#14F xkJd9PK}@^>H1Qn2g*tO6CozU`F#rL`B|jKsfGp|Ff(|eEIoO#+If2%c000YSF8Kfe
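Review bot: `New` hands an empty scope list (`[]string{}`) to `rp.NewRelyingPartyOIDC`, and unless the rp package injects it by default the authorization requests this client later builds will not carry the `openid` scope that OpenID Connect requires before an ID token is issued, so either pass `[]string{"openid"}` (plus whatever the backend config stores, if model.Backend carries scopes) or document why the scopes are deferred. Both exported names lack doc comments; add `// OIDCClient holds the relying-party handle for one configured authentication backend.` above the type and `// New builds the relying party for conf; ctx bounds that setup and the error wraps any failure from rp.` above the constructor. `Conf` is exported and points at the same struct whose ClientSecret this function reads, so every holder of an *OIDCClient can read the secret; if callers only need the issuer or client ID, keep the field unexported and expose accessors for those. The wrapped error would also be more useful and more idiomatic without the "failed to" prefix and with the issuer named, e.g. `return nil, fmt.Errorf("init relying party for issuer %q: %w", conf.OIDCConfig.Issuer, err)`.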