polyculeconnect/cmd/backend/backend.go

@@ -11,6 +11,9 @@ var backendCmd = &cobra.Command{
 	Use:   "backend",
 	Short: "Handle authentication backends",
 	Long:  `Add, Remove or Show currently installed authentication backends`,
+	Run: func(cmd *cobra.Command, args []string) {
+		fmt.Println("backend called")
+	},
 }
 
 func printProperty(key, value string) {

polyculeconnect/cmd/serve/serve.go

@@ -9,7 +9,6 @@ import (
 
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd/utils"
-	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/client"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/middlewares"
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/storage"
@@ -46,6 +45,18 @@ func serve() {
 	storageType := utils.InitStorage(conf)
 	logger.L.Infof("Initialized storage backend %q", conf.StorageType)
 
+	logger.L.Info("Initializing authentication backends")
+
+	// dex_server.ConnectorsConfig[connector.TypeRefuseAll] = func() dex_server.ConnectorConfig { return new(connector.RefuseAllConfig) }
+	// connectors, err := dexConf.Storage.ListConnectors()
+	// if err != nil {
+	// 	logger.L.Fatalf("Failed to get existing connectors: %s", err.Error())
+	// }
+	// var connectorIDs []string
+	// for _, conn := range connectors {
+	// 	connectorIDs = append(connectorIDs, conn.ID)
+	// }
+
 	userDB, err := db.New(*conf)
 	if err != nil {
 		utils.Failf("failed to init user DB: %s", err.Error())
@@ -60,30 +71,6 @@ func serve() {
 		op.WithLogger(slogger),
 		op.WithHttpInterceptors(middlewares.WithBackendFromRequestMiddleware),
 	}
-
-	logger.L.Info("Initializing authentication backends")
-	backends := []*client.OIDCClient{}
-	backendConfs, err := userDB.BackendStorage().GetAllBackends(context.Background())
-	if err != nil {
-		utils.Failf("failed to get backend configs from the DB: %s", err.Error())
-	}
-
-	// TODO: check if we need to do it this way or
-	// 	- do a try-loop?
-	//	- only init when using them in a request?
-	for _, c := range backendConfs {
-		b, err := client.New(context.Background(), c)
-		if err != nil {
-			utils.Failf("failed to init backend client: %s", err.Error())
-		}
-		backends = append(backends, b)
-	}
-	if len(backends) == 0 {
-		logger.L.Warn("No auth backend loaded")
-	} else {
-		logger.L.Infof("Initialized %d auth backends", len(backends))
-	}
-
 	provider, err := op.NewProvider(&opConf, &st, op.StaticIssuer(conf.Issuer), options...)
 	if err != nil {
 		utils.Failf("failed to init OIDC provider: %s", err.Error())

polyculeconnect/internal/client/client.go

@@ -1,23 +0,0 @@
-package client
-
-import (
-	"context"
-	"fmt"
-
-	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model"
-	"github.com/zitadel/oidc/v3/pkg/client/rp"
-)
-
-type OIDCClient struct {
-	Conf     *model.Backend
-	provider rp.RelyingParty
-}
-
-func New(ctx context.Context, conf *model.Backend) (*OIDCClient, error) {
-	pr, err := rp.NewRelyingPartyOIDC(ctx, conf.OIDCConfig.Issuer, conf.OIDCConfig.ClientID, conf.OIDCConfig.ClientSecret, conf.OIDCConfig.RedirectURI, []string{})
-	if err != nil {
-		return nil, fmt.Errorf("failed to init relying party provider: %w", err)
-	}
-
-	return &OIDCClient{Conf: conf, provider: pr}, nil
-}

polyculeconnect/internal/middlewares/test.go

@@ -3,7 +3,6 @@ package middlewares
 import (
 	"context"
 	"net/http"
-	"strings"
 )
 
 const (
@@ -16,11 +15,6 @@ type BackendFromRequestMiddleware struct {
 }
 
 func (m *BackendFromRequestMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if !strings.HasPrefix(r.RequestURI, "/authorize") {
-		m.h.ServeHTTP(w, r)
-		return
-	}
-
 	if err := r.ParseForm(); err != nil {
 		// TODO: handle this better
 		w.WriteHeader(http.StatusBadRequest)

polyculeconnect/internal/model/authrequest.go

@@ -1,116 +0,0 @@
-package model
-
-import (
-	"fmt"
-	"strings"
-	"time"
-
-	"github.com/google/uuid"
-	"github.com/zitadel/oidc/v3/pkg/oidc"
-)
-
-// AuthRequest also implements the op.AuthRequest interface
-type AuthRequest struct {
-	ID          uuid.UUID
-	ClientID    string
-	Scopes      []string
-	RedirectURI string
-	State       string
-	Nonce       string
-
-	ResponseType string
-
-	CreationDate time.Time
-	AuthTime     time.Time
-
-	// TODO mapping to claims to be added I guess
-
-	CodeChallenge       string
-	CodeChallengeMethod string
-
-	BackendID uuid.UUID
-	UserID    uuid.UUID
-	done      bool
-}
-
-func (a AuthRequest) GetID() string {
-	return a.ID.String()
-}
-
-func (a AuthRequest) GetACR() string {
-	return "" // TODO: the hell is ACR???
-}
-
-func (a AuthRequest) GetAMR() []string {
-	return []string{} // TODO: the hell is this???
-}
-
-func (a AuthRequest) GetAudience() []string {
-	return []string{a.ID.String()} // TODO: check if we need to return something else
-}
-
-func (a AuthRequest) GetAuthTime() time.Time {
-	return a.AuthTime
-}
-
-func (a AuthRequest) GetClientID() string {
-	return a.ClientID
-}
-
-func (a AuthRequest) GetCodeChallenge() *oidc.CodeChallenge {
-	return &oidc.CodeChallenge{
-		Challenge: a.CodeChallenge,
-		Method:    oidc.CodeChallengeMethod(a.CodeChallengeMethod),
-	}
-}
-
-func (a AuthRequest) GetNonce() string {
-	return a.Nonce
-}
-
-func (a AuthRequest) GetRedirectURI() string {
-	return a.RedirectURI
-}
-
-func (a AuthRequest) GetResponseType() oidc.ResponseType {
-	return oidc.ResponseType(a.ResponseType)
-}
-
-func (a AuthRequest) GetResponseMode() oidc.ResponseMode {
-	return oidc.ResponseModeQuery // TODO: check if this is good
-}
-
-func (a AuthRequest) GetScopes() []string {
-	return a.Scopes
-}
-
-func (a AuthRequest) GetState() string {
-	return a.State
-}
-
-func (a AuthRequest) GetSubject() string {
-	return a.UserID.String()
-}
-
-func (a AuthRequest) Done() bool {
-	return a.done
-}
-
-func (a *AuthRequest) FromOIDCAuthRequest(req *oidc.AuthRequest, backendID uuid.UUID) {
-	fmt.Println(req)
-
-	a.ID = uuid.New()
-	a.ClientID = req.ClientID
-	a.Scopes = strings.Split(req.Scopes.String(), " ")
-	a.RedirectURI = req.RedirectURI
-	a.State = req.State
-	a.Nonce = req.Nonce
-	a.ResponseType = string(req.ResponseType)
-	a.CreationDate = time.Now().UTC()
-	a.CodeChallenge = req.CodeChallenge
-	a.CodeChallengeMethod = string(req.CodeChallengeMethod)
-	a.BackendID = backendID
-
-	fmt.Println(a)
-
-}

polyculeconnect/internal/model/client.go

@@ -13,7 +13,6 @@ type ClientConfig struct {
 	RedirectURIs []string
 	TrustedPeers []string
 	Name         string
-	AuthRequest  *AuthRequest
 }
 
 type Client struct {
@@ -48,13 +47,8 @@ func (c Client) GrantTypes() []oidc.GrantType {
 	return []oidc.GrantType{oidc.GrantTypeCode}
 }
 
-func (c Client) LoginURL(authRequestID string) string {
+func (c Client) LoginURL(id string) string {
-	// here we have the requestID, meaning we should:
+	return id
-	//	- get the request from its ID
-	//	- get the associated backend
-	//	- build the correct URI to use as a redirection, which is from the backend
-	//	- afterwards would should basically handle it as a OIDC client
-	return authRequestID
 }
 
 func (c Client) AccessTokenType() op.AccessTokenType {

polyculeconnect/internal/storage/storage.go

@@ -7,7 +7,6 @@ import (
 	"time"
 
 	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/db"
-	"git.faercol.me/faercol/polyculeconnect/polyculeconnect/internal/model"
 	"github.com/go-jose/go-jose/v4"
 	"github.com/zitadel/oidc/v3/pkg/oidc"
 	"github.com/zitadel/oidc/v3/pkg/op"
@@ -31,15 +30,12 @@ func (s *Storage) CreateAuthRequest(ctx context.Context, req *oidc.AuthRequest,
 	if !ok {
 		return nil, errors.New("no backend name provided")
 	}
-	selectedBackend, err := s.LocalStorage.BackendStorage().GetBackendByName(ctx, backendName)
+	_, err := s.LocalStorage.BackendStorage().GetBackendByName(ctx, backendName)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get backend: %w", err)
 	}
 
-	var opReq model.AuthRequest
+	return nil, ErrNotImplemented("CreateAuthRequest")
-	opReq.FromOIDCAuthRequest(req, selectedBackend.ID)
-
-	return opReq, nil
 }
 
 func (s *Storage) AuthRequestByID(ctx context.Context, requestID string) (op.AuthRequest, error) {