Add login workflow until callback (#48)
Some checks failed
/ docker-build-only (push) Failing after 37s
/ go-test (push) Failing after 1m28s

This commit is contained in:
Melora Hugues 2024-10-06 22:11:58 +02:00
parent 0bfb02f960
commit a0849388a7
20 changed files with 252 additions and 56 deletions

View file

@ -59,7 +59,7 @@ func addNewBackend() {
backendConf := model.Backend{ backendConf := model.Backend{
ID: backendIDUUID, ID: backendIDUUID,
Name: backendName, Name: backendName,
OIDCConfig: model.BackendOIDCConfig{ Config: model.BackendOIDCConfig{
ClientID: backendClientID, ClientID: backendClientID,
ClientSecret: backendClientSecret, ClientSecret: backendClientSecret,
Issuer: backendIssuer, Issuer: backendIssuer,

View file

@ -46,10 +46,10 @@ func showBackend(backendName string, backendService backend.BackendDB) {
fmt.Println("Backend config:") fmt.Println("Backend config:")
printProperty("ID", backendConfig.ID.String()) printProperty("ID", backendConfig.ID.String())
printProperty("Name", backendConfig.Name) printProperty("Name", backendConfig.Name)
printProperty("Issuer", backendConfig.OIDCConfig.Issuer) printProperty("Issuer", backendConfig.Config.Issuer)
printProperty("Client ID", backendConfig.OIDCConfig.ClientID) printProperty("Client ID", backendConfig.Config.ClientID)
printProperty("Client secret", backendConfig.OIDCConfig.ClientSecret) printProperty("Client secret", backendConfig.Config.ClientSecret)
printProperty("Redirect URI", backendConfig.OIDCConfig.RedirectURI) printProperty("Redirect URI", backendConfig.Config.RedirectURI)
} }
func listBackends(backendStorage backend.BackendDB) { func listBackends(backendStorage backend.BackendDB) {
@ -63,7 +63,7 @@ func listBackends(backendStorage backend.BackendDB) {
return return
} }
for _, b := range backends { for _, b := range backends {
fmt.Printf("\t - %s: (%s) - %s\n", b.ID, b.Name, b.OIDCConfig.Issuer) fmt.Printf("\t - %s: (%s) - %s\n", b.ID, b.Name, b.Config.Issuer)
} }
} }

View file

@ -16,6 +16,7 @@ import (
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/server" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/server"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/services" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/services"
"github.com/google/uuid"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"github.com/zitadel/oidc/v3/pkg/op" "github.com/zitadel/oidc/v3/pkg/op"
"go.uber.org/zap/exp/zapslog" "go.uber.org/zap/exp/zapslog"
@ -51,7 +52,9 @@ func serve() {
utils.Failf("failed to init user DB: %s", err.Error()) utils.Failf("failed to init user DB: %s", err.Error())
} }
st := storage.Storage{LocalStorage: userDB} backends := map[uuid.UUID]*client.OIDCClient{}
st := storage.Storage{LocalStorage: userDB, InitializedBackends: backends}
opConf := op.Config{} opConf := op.Config{}
slogger := slog.New(zapslog.NewHandler(logger.L.Desugar().Core(), nil)) slogger := slog.New(zapslog.NewHandler(logger.L.Desugar().Core(), nil))
// slogger := // slogger :=
@ -61,29 +64,28 @@ func serve() {
op.WithHttpInterceptors(middlewares.WithBackendFromRequestMiddleware), op.WithHttpInterceptors(middlewares.WithBackendFromRequestMiddleware),
} }
logger.L.Info("Initializing authentication backends") // logger.L.Info("Initializing authentication backends")
backends := []*client.OIDCClient{} // backendConfs, err := userDB.BackendStorage().GetAllBackends(context.Background())
backendConfs, err := userDB.BackendStorage().GetAllBackends(context.Background()) // if err != nil {
if err != nil { // utils.Failf("failed to get backend configs from the DB: %s", err.Error())
utils.Failf("failed to get backend configs from the DB: %s", err.Error()) // }
}
// TODO: check if we need to do it this way or // TODO: check if we need to do it this way or
// - do a try-loop? // - do a try-loop?
// - only init when using them in a request? // - only init when using them in a request?
for _, c := range backendConfs { // for _, c := range backendConfs {
logger.L.Debugf("Initializing backend %s", c.Name) // logger.L.Debugf("Initializing backend %s", c.Name)
b, err := client.New(context.Background(), c, logger.L) // b, err := client.New(context.Background(), c, logger.L)
if err != nil { // if err != nil {
utils.Failf("failed to init backend client: %s", err.Error()) // utils.Failf("failed to init backend client: %s", err.Error())
} // }
backends = append(backends, b) // backends[c.ID] = b
} // }
if len(backends) == 0 { // if len(backends) == 0 {
logger.L.Warn("No auth backend loaded") // logger.L.Warn("No auth backend loaded")
} else { // } else {
logger.L.Infof("Initialized %d auth backends", len(backends)) // logger.L.Infof("Initialized %d auth backends", len(backends))
} // }
provider, err := op.NewProvider(&opConf, &st, op.StaticIssuer(conf.Issuer), options...) provider, err := op.NewProvider(&opConf, &st, op.StaticIssuer(conf.Issuer), options...)
if err != nil { if err != nil {
@ -95,7 +97,7 @@ func serve() {
} }
logger.L.Info("Initializing server") logger.L.Info("Initializing server")
s, err := server.New(conf, provider, logger.L) s, err := server.New(conf, provider, &st, logger.L)
if err != nil { if err != nil {
logger.L.Fatalf("Failed to initialize server: %s", err.Error()) logger.L.Fatalf("Failed to initialize server: %s", err.Error())
} }

View file

@ -0,0 +1,58 @@
package auth
import (
"net/http"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/helpers"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/storage"
"github.com/google/uuid"
"go.uber.org/zap"
)
const AuthCallbackRoute = "/callback"
type AuthCallbackController struct {
l *zap.SugaredLogger
st *storage.Storage
}
func NewAuthCallbackController(l *zap.SugaredLogger, st *storage.Storage) *AuthCallbackController {
return &AuthCallbackController{
l: l,
st: st,
}
}
func (c *AuthCallbackController) ServeHTTP(w http.ResponseWriter, r *http.Request) {
errMsg := r.URL.Query().Get("error")
if errMsg != "" {
errorDesc := r.URL.Query().Get("error_description")
c.l.Errorf("Failed to perform authentication: %s (%s)", errMsg, errorDesc)
helpers.HandleResponse(w, r, http.StatusInternalServerError, []byte("failed to perform authentication"), c.l)
return
}
code := r.URL.Query().Get("code")
state := r.URL.Query().Get("state")
if code == "" || state == "" {
c.l.Error("Missing code or state in response")
helpers.HandleResponse(w, r, http.StatusInternalServerError, []byte("failed to perform authentication"), c.l)
return
}
requestID, err := uuid.Parse(state)
if err != nil {
c.l.Errorf("Invalid state, should be a request UUID, but got %s: %s", state, err)
helpers.HandleResponse(w, r, http.StatusInternalServerError, []byte("failed to perform authentication"), c.l)
return
}
err = c.st.LocalStorage.AuthRequestStorage().ValidateAuthRequest(r.Context(), requestID)
if err != nil {
c.l.Errorf("Failed to validate auth request from storage: %s", err)
helpers.HandleResponse(w, r, http.StatusInternalServerError, []byte("failed to perform authentication"), c.l)
return
}
http.Redirect(w, r, "/authorize/callback?id="+state, http.StatusFound)
}

View file

@ -0,0 +1,63 @@
package auth
import (
"net/http"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/helpers"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/storage"
"github.com/google/uuid"
"github.com/zitadel/oidc/v3/pkg/client/rp"
"go.uber.org/zap"
)
const AuthRedirectRoute = "/perform_auth"
type AuthRedirectController struct {
l *zap.SugaredLogger
st *storage.Storage
}
func NewAuthRedirectController(l *zap.SugaredLogger, storage *storage.Storage) *AuthRedirectController {
return &AuthRedirectController{
l: l,
st: storage,
}
}
func (c *AuthRedirectController) ServeHTTP(w http.ResponseWriter, r *http.Request) {
requestIDStr := r.URL.Query().Get("request_id")
if requestIDStr == "" {
helpers.HandleResponse(w, r, http.StatusBadRequest, []byte("no request ID in request"), c.l)
return
}
requestID, err := uuid.Parse(requestIDStr)
if err != nil {
c.l.Errorf("Invalid UUID format for request ID: %s", err)
helpers.HandleResponse(w, r, http.StatusBadRequest, []byte("invalid request id"), c.l)
return
}
req, err := c.st.LocalStorage.AuthRequestStorage().GetAuthRequestByID(r.Context(), requestID)
if err != nil {
c.l.Errorf("Failed to get auth request from DB: %s", err)
helpers.HandleResponse(w, r, http.StatusBadRequest, []byte("unknown request id"), c.l)
return
}
backend, err := c.st.LocalStorage.BackendStorage().GetBackendByID(r.Context(), req.BackendID)
if err != nil {
c.l.Errorf("Failed to get backend from DB: %s", err)
helpers.HandleResponse(w, r, http.StatusInternalServerError, []byte("failed to perform auth"), c.l)
return
}
provider, err := rp.NewRelyingPartyOIDC(r.Context(), backend.Config.Issuer, backend.Config.ClientID, backend.Config.ClientSecret, backend.Config.RedirectURI, req.Scopes)
if err != nil {
c.l.Errorf("Failed to init relying party: %s", err)
helpers.HandleResponse(w, r, http.StatusInternalServerError, []byte("failed to perform auth"), c.l)
return
}
rp.AuthURLHandler(func() string { return requestIDStr }, provider).ServeHTTP(w, r)
}

View file

@ -5,35 +5,48 @@ import (
"fmt" "fmt"
"log/slog" "log/slog"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
"github.com/google/uuid"
"github.com/zitadel/oidc/v3/pkg/client/rp" "github.com/zitadel/oidc/v3/pkg/client/rp"
"go.uber.org/zap" "go.uber.org/zap"
"go.uber.org/zap/exp/zapslog" "go.uber.org/zap/exp/zapslog"
) )
type BackendOIDCConfig struct {
Issuer string
ClientID string
ClientSecret string
RedirectURI string
}
type Backend struct {
ID uuid.UUID
Name string
Config BackendOIDCConfig
}
// OIDCClient is an OIDC client which is the client used to access a registered backend
type OIDCClient struct { type OIDCClient struct {
conf *model.Backend backend *Backend
provider rp.RelyingParty provider rp.RelyingParty
ctx context.Context ctx context.Context
st db.Storage
l *zap.SugaredLogger l *zap.SugaredLogger
} }
func New(ctx context.Context, conf *model.Backend, l *zap.SugaredLogger) (*OIDCClient, error) { func New(ctx context.Context, conf *Backend, l *zap.SugaredLogger) (*OIDCClient, error) {
options := []rp.Option{ options := []rp.Option{
rp.WithLogger(slog.New(zapslog.NewHandler(logger.L.Desugar().Core(), nil))), rp.WithLogger(slog.New(zapslog.NewHandler(logger.L.Desugar().Core(), nil))),
} }
pr, err := rp.NewRelyingPartyOIDC(ctx, conf.OIDCConfig.Issuer, conf.OIDCConfig.ClientID, conf.OIDCConfig.ClientSecret, conf.OIDCConfig.RedirectURI, []string{}, options...) pr, err := rp.NewRelyingPartyOIDC(ctx, conf.Config.Issuer, conf.Config.ClientID, conf.Config.ClientSecret, conf.Config.RedirectURI, []string{}, options...)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to init relying party provider: %w", err) return nil, fmt.Errorf("failed to init relying party provider: %w", err)
} }
return &OIDCClient{ctx: ctx, conf: conf, provider: pr, l: l}, nil return &OIDCClient{ctx: ctx, backend: conf, provider: pr, l: l}, nil
} }
func (c *OIDCClient) toto() { func (c *OIDCClient) AuthorizationEndpoint() string {
c.provider.GetDeviceAuthorizationEndpoint() url := rp.AuthURL(uuid.NewString(), c.provider)
return url
} }

View file

@ -14,11 +14,12 @@ import (
var ErrNotFound = errors.New("backend not found") var ErrNotFound = errors.New("backend not found")
const authRequestRows = `"id", "client_id", "backend_id", "scopes", "redirect_uri", "state", "nonce", "response_type", "creation_time"` const authRequestRows = `"id", "client_id", "backend_id", "scopes", "redirect_uri", "state", "nonce", "response_type", "creation_time", "done"`
type AuthRequestDB interface { type AuthRequestDB interface {
GetAuthRequestByID(ctx context.Context, id uuid.UUID) (*model.AuthRequest, error) GetAuthRequestByID(ctx context.Context, id uuid.UUID) (*model.AuthRequest, error)
CreateAuthRequest(ctx context.Context, req model.AuthRequest) error CreateAuthRequest(ctx context.Context, req model.AuthRequest) error
ValidateAuthRequest(ctx context.Context, reqID uuid.UUID) error
} }
type sqlAuthRequestDB struct { type sqlAuthRequestDB struct {
@ -33,7 +34,8 @@ func (db *sqlAuthRequestDB) GetAuthRequestByID(ctx context.Context, id uuid.UUID
var res model.AuthRequest var res model.AuthRequest
var scopesStr []byte var scopesStr []byte
if err := row.Scan(&res.ID, &res.ClientID, &res.BackendID, &scopesStr, &res.RedirectURI, &res.State, &res.Nonce, &res.ResponseType, &res.CreationDate); err != nil { fmt.Println(query)
if err := row.Scan(&res.ID, &res.ClientID, &res.BackendID, &scopesStr, &res.RedirectURI, &res.State, &res.Nonce, &res.ResponseType, &res.CreationDate, &res.DoneVal); err != nil {
return nil, fmt.Errorf("failed to get auth request from DB: %w", err) return nil, fmt.Errorf("failed to get auth request from DB: %w", err)
} }
if err := json.Unmarshal(scopesStr, &res.Scopes); err != nil { if err := json.Unmarshal(scopesStr, &res.Scopes); err != nil {
@ -57,11 +59,11 @@ func (db *sqlAuthRequestDB) CreateAuthRequest(ctx context.Context, req model.Aut
} }
// TODO: when the old table is done, rename into auth_request // TODO: when the old table is done, rename into auth_request
query := fmt.Sprintf(`INSERT INTO "auth_request_2" (%s) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)`, authRequestRows) query := fmt.Sprintf(`INSERT INTO "auth_request_2" (%s) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)`, authRequestRows)
_, err = tx.ExecContext(ctx, query, _, err = tx.ExecContext(ctx, query,
req.ID, req.ClientID, req.BackendID, req.ID, req.ClientID, req.BackendID,
scopesStr, req.RedirectURI, req.State, scopesStr, req.RedirectURI, req.State,
req.Nonce, req.ResponseType, req.CreationDate, req.AuthTime, req.Nonce, req.ResponseType, req.CreationDate, false,
) )
if err != nil { if err != nil {
return fmt.Errorf("failed to insert in DB: %w", err) return fmt.Errorf("failed to insert in DB: %w", err)
@ -74,6 +76,33 @@ func (db *sqlAuthRequestDB) CreateAuthRequest(ctx context.Context, req model.Aut
return nil return nil
} }
func (db *sqlAuthRequestDB) ValidateAuthRequest(ctx context.Context, reqID uuid.UUID) error {
logger.L.Debugf("Validating auth request %s", reqID)
tx, err := db.db.BeginTx(ctx, nil)
if err != nil {
return fmt.Errorf("failed to start transaction: %w", err)
}
defer func() { _ = tx.Rollback() }()
res, err := tx.ExecContext(ctx, `UPDATE "auth_request_2" SET done = true WHERE id = $1`, reqID.String())
if err != nil {
return fmt.Errorf("failed to update in DB: %w", err)
}
affectedRows, err := res.RowsAffected()
if err != nil {
return fmt.Errorf("failed to check number of affected rows: %w", err)
}
if affectedRows != 1 {
return ErrNotFound
}
if err := tx.Commit(); err != nil {
return fmt.Errorf("failed to commit transaction: %w", err)
}
return nil
}
func New(db *sql.DB) *sqlAuthRequestDB { func New(db *sql.DB) *sqlAuthRequestDB {
return &sqlAuthRequestDB{db: db} return &sqlAuthRequestDB{db: db}
} }

View file

@ -37,7 +37,7 @@ type sqlBackendDB struct {
func backendFromRow(row scannable) (*model.Backend, error) { func backendFromRow(row scannable) (*model.Backend, error) {
var res model.Backend var res model.Backend
if err := row.Scan(&res.ID, &res.Name, &res.OIDCConfig.Issuer, &res.OIDCConfig.ClientID, &res.OIDCConfig.ClientSecret, &res.OIDCConfig.RedirectURI); err != nil { if err := row.Scan(&res.ID, &res.Name, &res.Config.Issuer, &res.Config.ClientID, &res.Config.ClientSecret, &res.Config.RedirectURI); err != nil {
if errors.Is(err, sql.ErrNoRows) { if errors.Is(err, sql.ErrNoRows) {
return nil, ErrNotFound return nil, ErrNotFound
} }
@ -89,8 +89,8 @@ func (db *sqlBackendDB) AddBackend(ctx context.Context, newBackend *model.Backen
_, err = tx.ExecContext( _, err = tx.ExecContext(
ctx, query, ctx, query,
newBackend.ID, newBackend.Name, newBackend.ID, newBackend.Name,
newBackend.OIDCConfig.Issuer, newBackend.OIDCConfig.ClientID, newBackend.Config.Issuer, newBackend.Config.ClientID,
newBackend.OIDCConfig.ClientSecret, newBackend.OIDCConfig.RedirectURI, newBackend.Config.ClientSecret, newBackend.Config.RedirectURI,
) )
if err != nil { if err != nil {
return fmt.Errorf("failed to insert in DB: %w", err) return fmt.Errorf("failed to insert in DB: %w", err)

View file

@ -3,7 +3,6 @@ package middlewares
import ( import (
"context" "context"
"net/http" "net/http"
"strings"
) )
const ( const (
@ -16,7 +15,7 @@ type BackendFromRequestMiddleware struct {
} }
func (m *BackendFromRequestMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (m *BackendFromRequestMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if !strings.HasPrefix(r.RequestURI, "/authorize") { if r.URL.Path != "/authorize" {
m.h.ServeHTTP(w, r) m.h.ServeHTTP(w, r)
return return
} }

View file

@ -31,7 +31,8 @@ type AuthRequest struct {
Backend *Backend Backend *Backend
UserID uuid.UUID UserID uuid.UUID
done bool
DoneVal bool
} }
func (a AuthRequest) GetID() string { func (a AuthRequest) GetID() string {
@ -94,7 +95,7 @@ func (a AuthRequest) GetSubject() string {
} }
func (a AuthRequest) Done() bool { func (a AuthRequest) Done() bool {
return a.done return a.DoneVal
} }
func (a *AuthRequest) FromOIDCAuthRequest(req *oidc.AuthRequest, backendID uuid.UUID) { func (a *AuthRequest) FromOIDCAuthRequest(req *oidc.AuthRequest, backendID uuid.UUID) {

View file

@ -10,7 +10,7 @@ type BackendOIDCConfig struct {
} }
type Backend struct { type Backend struct {
ID uuid.UUID ID uuid.UUID
Name string Name string
OIDCConfig BackendOIDCConfig Config BackendOIDCConfig
} }

View file

@ -7,6 +7,7 @@ import (
"github.com/zitadel/oidc/v3/pkg/op" "github.com/zitadel/oidc/v3/pkg/op"
) )
// ClientConfig represents the configuration for a OIDC client app
type ClientConfig struct { type ClientConfig struct {
ID string ID string
Secret string Secret string
@ -16,6 +17,7 @@ type ClientConfig struct {
AuthRequest *AuthRequest AuthRequest *AuthRequest
} }
// Client represents an OIDC client app
type Client struct { type Client struct {
ClientConfig ClientConfig
} }
@ -48,12 +50,14 @@ func (c Client) GrantTypes() []oidc.GrantType {
return []oidc.GrantType{oidc.GrantTypeCode} return []oidc.GrantType{oidc.GrantTypeCode}
} }
// LoginURL returns the login URL for a given client app and auth request.
// This login url should be the authorization URL for the selected OIDC backend
func (c Client) LoginURL(authRequestID string) string { func (c Client) LoginURL(authRequestID string) string {
if c.AuthRequest == nil { if c.AuthRequest == nil {
return "" // we don't have a request, let's return nothing return "" // we don't have a request, let's return nothing
} }
return c.AuthRequest.Backend.OIDCConfig.Issuer return "/perform_auth?request_id=" + authRequestID
} }
func (c Client) AccessTokenType() op.AccessTokenType { func (c Client) AccessTokenType() op.AccessTokenType {

View file

@ -6,6 +6,7 @@ import (
"fmt" "fmt"
"time" "time"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/client"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
@ -21,7 +22,8 @@ func ErrNotImplemented(name string) error {
// Storage implements the Storage interface from zitadel/oidc/op // Storage implements the Storage interface from zitadel/oidc/op
type Storage struct { type Storage struct {
LocalStorage db.Storage LocalStorage db.Storage
InitializedBackends map[uuid.UUID]*client.OIDCClient
} }
/* /*
@ -56,7 +58,14 @@ func (s *Storage) CreateAuthRequest(ctx context.Context, req *oidc.AuthRequest,
} }
func (s *Storage) AuthRequestByID(ctx context.Context, requestID string) (op.AuthRequest, error) { func (s *Storage) AuthRequestByID(ctx context.Context, requestID string) (op.AuthRequest, error) {
return nil, ErrNotImplemented("AuthRequestByID") logger.L.Debugf("Getting auth request with ID %s", requestID)
id, err := uuid.Parse(requestID)
if err != nil {
return nil, fmt.Errorf("invalid format for uuid: %w", err)
}
return s.LocalStorage.AuthRequestStorage().GetAuthRequestByID(ctx, id)
} }
func (s *Storage) AuthRequestByCode(ctx context.Context, requestCode string) (op.AuthRequest, error) { func (s *Storage) AuthRequestByCode(ctx context.Context, requestCode string) (op.AuthRequest, error) {
@ -64,6 +73,7 @@ func (s *Storage) AuthRequestByCode(ctx context.Context, requestCode string) (op
} }
func (s *Storage) SaveAuthCode(ctx context.Context, id string, code string) error { func (s *Storage) SaveAuthCode(ctx context.Context, id string, code string) error {
logger.L.Debugf("Saving auth code %s for request %s", code, id)
return ErrNotImplemented("SaveAuthCode") return ErrNotImplemented("SaveAuthCode")
} }
@ -127,6 +137,11 @@ func (s *Storage) getClientWithDetails(ctx context.Context, authRequestID uuid.U
return nil, fmt.Errorf("failed to get associated client from local storage: %w", err) return nil, fmt.Errorf("failed to get associated client from local storage: %w", err)
} }
// oidcClient, ok := s.InitializedBackends[backend.ID]
// if !ok {
// return nil, fmt.Errorf("no initialized backend for ID %s", backend.ID)
// }
authRequest.Backend = backend authRequest.Backend = backend
client.AuthRequest = authRequest client.AuthRequest = authRequest

View file

@ -0,0 +1 @@
ALTER TABLE "auth_request_2" DROP COLUMN done;

View file

@ -0,0 +1 @@
ALTER TABLE "auth_request_2" ADD COLUMN done INTEGER NOT NULL DEFAULT 0;

View file

@ -0,0 +1 @@
DROP TABLE "auth_code_2";

View file

@ -0,0 +1,5 @@
CREATE TABLE "auth_code_2" (
id TEXT NOT NULL PRIMARY KEY,
code TEXT NOT NULL,
auth_request_id TEXT NOT NULL
);

BIN
polyculeconnect/polyculeconnect Executable file

Binary file not shown.

Binary file not shown.

View file

@ -9,8 +9,10 @@ import (
"os" "os"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/config" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/config"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/controller/auth"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/controller/ui" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/controller/ui"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/middlewares" "git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/middlewares"
"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/storage"
"github.com/zitadel/oidc/v3/pkg/op" "github.com/zitadel/oidc/v3/pkg/op"
"go.uber.org/zap" "go.uber.org/zap"
) )
@ -42,7 +44,7 @@ func newUnixListener(sockPath string) (net.Listener, error) {
return sock, nil return sock, nil
} }
func New(appConf *config.AppConfig, oidcHandler *op.Provider, logger *zap.SugaredLogger) (*Server, error) { func New(appConf *config.AppConfig, oidcHandler *op.Provider, st *storage.Storage, logger *zap.SugaredLogger) (*Server, error) {
var listener net.Listener var listener net.Listener
var addr string var addr string
var err error var err error
@ -64,8 +66,10 @@ func New(appConf *config.AppConfig, oidcHandler *op.Provider, logger *zap.Sugare
} }
controllers := map[string]http.Handler{ controllers := map[string]http.Handler{
ui.StaticRoute: middlewares.WithLogger(ui.NewStaticController(appConf.StaticDir), logger), auth.AuthCallbackRoute: middlewares.WithLogger(auth.NewAuthCallbackController(logger, st), logger),
"/": middlewares.WithLogger(ui.NewIndexController(logger, oidcHandler, appConf.StaticDir), logger), auth.AuthRedirectRoute: middlewares.WithLogger(auth.NewAuthRedirectController(logger, st), logger),
ui.StaticRoute: middlewares.WithLogger(ui.NewStaticController(appConf.StaticDir), logger),
"/": middlewares.WithLogger(ui.NewIndexController(logger, oidcHandler, appConf.StaticDir), logger),
} }
m := http.NewServeMux() m := http.NewServeMux()