auth

Paddy 2015-04-11 Parent:de5e09680f6b Child:cf6c1f05eb21

158:3223a8e679db Go to Latest

auth/context.go

Remove concept of usernames. We really have no reason to use usernames, and they're complicating things more than they need to. We're going to keep logins the same, because we want to be able to support OAuth2/OpenID/whatever logins in the future, and keeping a type associated with those logins is probably for the best.

Download raw file
View source Diff to previous Annotate
History
paddy@50 1 package auth
paddy@50 2
paddy@50 3 import (
paddy@50 4 "html/template"
paddy@50 5 "io"
paddy@55 6 "log"
paddy@77 7 "net/url"
paddy@50 8 "time"
paddy@50 9
paddy@107 10 "code.secondbit.org/uuid.hg"
paddy@50 11 )
paddy@50 12
paddy@57 13 // Context wraps the different storage interfaces and should
paddy@57 14 // be used as the main point of interaction for the data storage
paddy@57 15 // layer.
paddy@50 16 type Context struct {
paddy@87 17 template *template.Template
paddy@87 18 loginURI *url.URL
paddy@87 19 clients clientStore
paddy@87 20 authCodes authorizationCodeStore
paddy@87 21 profiles profileStore
paddy@87 22 tokens tokenStore
paddy@87 23 sessions sessionStore
paddy@134 24 scopes scopeStore
paddy@96 25 config Config
paddy@96 26 }
paddy@96 27
paddy@96 28 // NewContext takes a Config instance and uses it to bootstrap a Context
paddy@96 29 // using the information provided in the Config variable.
paddy@96 30 func NewContext(config Config) (Context, error) {
paddy@102 31 if config.iterations == 0 {
paddy@102 32 return Context{}, ErrConfigNotInitialized
paddy@102 33 }
paddy@96 34 context := Context{
paddy@96 35 clients: config.ClientStore,
paddy@96 36 authCodes: config.AuthCodeStore,
paddy@96 37 profiles: config.ProfileStore,
paddy@96 38 tokens: config.TokenStore,
paddy@96 39 sessions: config.SessionStore,
paddy@134 40 scopes: config.ScopeStore,
paddy@96 41 template: config.Template,
paddy@96 42 config: config,
paddy@96 43 }
paddy@96 44 var err error
paddy@96 45 context.loginURI, err = url.Parse(config.LoginURI)
paddy@96 46 if err != nil {
paddy@96 47 log.Println(err)
paddy@96 48 return Context{}, ErrInvalidLoginURI
paddy@96 49 }
paddy@96 50 return context, nil
paddy@50 51 }
paddy@50 52
paddy@57 53 // Render uses the HTML templates associated with the Context to render the
paddy@57 54 // template specified by name to out using data to fill any template variables.
paddy@55 55 func (c Context) Render(out io.Writer, name string, data interface{}) {
paddy@50 56 if c.template == nil {
paddy@57 57 log.Println("No template set on Context, can't render anything!")
paddy@57 58 return
paddy@50 59 }
paddy@55 60 err := c.template.ExecuteTemplate(out, name, data)
paddy@55 61 if err != nil {
paddy@55 62 log.Println("Error executing template", name, ":", err)
paddy@55 63 }
paddy@50 64 }
paddy@50 65
paddy@57 66 // GetClient returns a single Client by its ID from the
paddy@57 67 // clientStore associated with the Context.
paddy@50 68 func (c Context) GetClient(id uuid.ID) (Client, error) {
paddy@50 69 if c.clients == nil {
paddy@50 70 return Client{}, ErrNoClientStore
paddy@50 71 }
paddy@57 72 return c.clients.getClient(id)
paddy@50 73 }
paddy@50 74
paddy@57 75 // SaveClient stores the passed Client in the clientStore
paddy@57 76 // associated with the Context.
paddy@50 77 func (c Context) SaveClient(client Client) error {
paddy@50 78 if c.clients == nil {
paddy@50 79 return ErrNoClientStore
paddy@50 80 }
paddy@57 81 return c.clients.saveClient(client)
paddy@50 82 }
paddy@50 83
paddy@57 84 // UpdateClient applies the specified ClientChange to the Client
paddy@57 85 // with the specified ID in the clientStore associated with the
paddy@57 86 // Context.
paddy@50 87 func (c Context) UpdateClient(id uuid.ID, change ClientChange) error {
paddy@50 88 if c.clients == nil {
paddy@50 89 return ErrNoClientStore
paddy@50 90 }
paddy@57 91 return c.clients.updateClient(id, change)
paddy@50 92 }
paddy@50 93
paddy@57 94 // ListClientsByOwner returns a slice of up to num Clients, starting at offset (inclusive)
paddy@57 95 // that have the specified OwnerID in the clientStore associated with the Context.
paddy@50 96 func (c Context) ListClientsByOwner(ownerID uuid.ID, num, offset int) ([]Client, error) {
paddy@50 97 if c.clients == nil {
paddy@50 98 return []Client{}, ErrNoClientStore
paddy@50 99 }
paddy@57 100 return c.clients.listClientsByOwner(ownerID, num, offset)
paddy@50 101 }
paddy@50 102
paddy@151 103 // AddEndpoints stores the specified Endpoints in the clientStore associated with the Context.
paddy@151 104 func (c Context) AddEndpoints(endpoints []Endpoint) error {
paddy@50 105 if c.clients == nil {
paddy@50 106 return ErrNoClientStore
paddy@50 107 }
paddy@116 108 for pos, endpoint := range endpoints {
paddy@116 109 u, err := normalizeURIString(endpoint.URI)
paddy@116 110 if err != nil {
paddy@116 111 return err
paddy@116 112 }
paddy@116 113 endpoint.NormalizedURI = u
paddy@116 114 endpoints[pos] = endpoint
paddy@116 115 }
paddy@151 116 return c.clients.addEndpoints(endpoints)
paddy@50 117 }
paddy@50 118
paddy@143 119 // GetEndpoint retrieves the Endpoint with the specified ID from the clientStore associated
paddy@143 120 // with the Context, if and only if it belongs to the Client with the specified ID.
paddy@143 121 func (c Context) GetEndpoint(client, endpoint uuid.ID) (Endpoint, error) {
paddy@143 122 if c.clients == nil {
paddy@143 123 return Endpoint{}, ErrNoClientStore
paddy@143 124 }
paddy@143 125 return c.clients.getEndpoint(client, endpoint)
paddy@143 126 }
paddy@143 127
paddy@57 128 // RemoveEndpoint deletes the Endpoint with the specified ID from the clientStore associated
paddy@57 129 // with the Context, and disassociates the Endpoint from the specified Client.
paddy@50 130 func (c Context) RemoveEndpoint(client, endpoint uuid.ID) error {
paddy@50 131 if c.clients == nil {
paddy@50 132 return ErrNoClientStore
paddy@50 133 }
paddy@57 134 return c.clients.removeEndpoint(client, endpoint)
paddy@50 135 }
paddy@50 136
paddy@57 137 // CheckEndpoint finds Endpoints in the clientStore associated with the Context that belong
paddy@58 138 // to the Client specified by the passed ID and match the URI passed. URI matches must be
paddy@58 139 // performed according to RFC 3986 Section 6.
paddy@58 140 func (c Context) CheckEndpoint(client uuid.ID, URI string) (bool, error) {
paddy@50 141 if c.clients == nil {
paddy@50 142 return false, ErrNoClientStore
paddy@50 143 }
paddy@116 144 u, err := normalizeURIString(URI)
paddy@116 145 if err != nil {
paddy@116 146 return false, err
paddy@116 147 }
paddy@116 148 return c.clients.checkEndpoint(client, u)
paddy@50 149 }
paddy@50 150
paddy@57 151 // ListEndpoints finds Endpoints in the clientStore associated with the Context that belong
paddy@57 152 // to the Client specified by the passed ID. It returns up to num endpoints, starting at offset,
paddy@57 153 // exclusive.
paddy@50 154 func (c Context) ListEndpoints(client uuid.ID, num, offset int) ([]Endpoint, error) {
paddy@50 155 if c.clients == nil {
paddy@50 156 return []Endpoint{}, ErrNoClientStore
paddy@50 157 }
paddy@57 158 return c.clients.listEndpoints(client, num, offset)
paddy@50 159 }
paddy@50 160
paddy@57 161 // CountEndpoints returns the number of Endpoints the are associated with the Client specified by the
paddy@57 162 // passed ID in the clientStore associated with the Context.
paddy@55 163 func (c Context) CountEndpoints(client uuid.ID) (int64, error) {
paddy@55 164 if c.clients == nil {
paddy@55 165 return 0, ErrNoClientStore
paddy@55 166 }
paddy@57 167 return c.clients.countEndpoints(client)
paddy@55 168 }
paddy@55 169
paddy@87 170 // GetAuthorizationCode returns the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with the
paddy@57 171 // Context.
paddy@87 172 func (c Context) GetAuthorizationCode(code string) (AuthorizationCode, error) {
paddy@87 173 if c.authCodes == nil {
paddy@87 174 return AuthorizationCode{}, ErrNoAuthorizationCodeStore
paddy@50 175 }
paddy@87 176 return c.authCodes.getAuthorizationCode(code)
paddy@50 177 }
paddy@50 178
paddy@87 179 // SaveAuthorizationCode stores the passed AuthorizationCode in the authorizationCodeStore associated with the Context.
paddy@87 180 func (c Context) SaveAuthorizationCode(authCode AuthorizationCode) error {
paddy@87 181 if c.authCodes == nil {
paddy@87 182 return ErrNoAuthorizationCodeStore
paddy@50 183 }
paddy@87 184 return c.authCodes.saveAuthorizationCode(authCode)
paddy@50 185 }
paddy@50 186
paddy@87 187 // DeleteAuthorizationCode removes the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with
paddy@57 188 // the Context.
paddy@87 189 func (c Context) DeleteAuthorizationCode(code string) error {
paddy@87 190 if c.authCodes == nil {
paddy@87 191 return ErrNoAuthorizationCodeStore
paddy@50 192 }
paddy@87 193 return c.authCodes.deleteAuthorizationCode(code)
paddy@50 194 }
paddy@50 195
paddy@94 196 // UseAuthorizationCode marks the AuthorizationCode specified by the provided code as used in the authorizationCodeStore associated with
paddy@94 197 // the Context. Once an AuthorizationCode is marked as used, its Used property will be set to true when retrieved from the authorizationCodeStore.
paddy@94 198 func (c Context) UseAuthorizationCode(code string) error {
paddy@94 199 if c.authCodes == nil {
paddy@94 200 return ErrNoAuthorizationCodeStore
paddy@94 201 }
paddy@94 202 return c.authCodes.useAuthorizationCode(code)
paddy@94 203 }
paddy@94 204
paddy@57 205 // GetProfileByID returns the Profile specified by the provided ID from the profileStore associated with
paddy@57 206 // the Context.
paddy@50 207 func (c Context) GetProfileByID(id uuid.ID) (Profile, error) {
paddy@50 208 if c.profiles == nil {
paddy@50 209 return Profile{}, ErrNoProfileStore
paddy@50 210 }
paddy@57 211 return c.profiles.getProfileByID(id)
paddy@50 212 }
paddy@50 213
paddy@57 214 // GetProfileByLogin returns the Profile associated with the specified Login from the profileStore associated
paddy@57 215 // with the Context.
paddy@69 216 func (c Context) GetProfileByLogin(value string) (Profile, error) {
paddy@50 217 if c.profiles == nil {
paddy@50 218 return Profile{}, ErrNoProfileStore
paddy@50 219 }
paddy@69 220 return c.profiles.getProfileByLogin(value)
paddy@50 221 }
paddy@50 222
paddy@57 223 // SaveProfile inserts the passed Profile into the profileStore associated with the Context.
paddy@50 224 func (c Context) SaveProfile(profile Profile) error {
paddy@50 225 if c.profiles == nil {
paddy@50 226 return ErrNoProfileStore
paddy@50 227 }
paddy@57 228 return c.profiles.saveProfile(profile)
paddy@50 229 }
paddy@50 230
paddy@57 231 // UpdateProfile applies the supplied ProfileChange to the Profile that matches the specified ID
paddy@57 232 // in the profileStore associated with the Context.
paddy@50 233 func (c Context) UpdateProfile(id uuid.ID, change ProfileChange) error {
paddy@50 234 if c.profiles == nil {
paddy@50 235 return ErrNoProfileStore
paddy@50 236 }
paddy@57 237 return c.profiles.updateProfile(id, change)
paddy@50 238 }
paddy@50 239
paddy@57 240 // UpdateProfiles applies the supplied BulkProfileChange to every Profile that matches one of the
paddy@57 241 // specified IDs in the profileStore associated with the Context.
paddy@50 242 func (c Context) UpdateProfiles(ids []uuid.ID, change BulkProfileChange) error {
paddy@50 243 if c.profiles == nil {
paddy@50 244 return ErrNoProfileStore
paddy@50 245 }
paddy@57 246 return c.profiles.updateProfiles(ids, change)
paddy@50 247 }
paddy@50 248
paddy@57 249 // AddLogin stores the passed Login in the profileStore associated with the Context. It also associates
paddy@57 250 // the newly-created Login with the Orofile in login.ProfileID.
paddy@50 251 func (c Context) AddLogin(login Login) error {
paddy@50 252 if c.profiles == nil {
paddy@50 253 return ErrNoProfileStore
paddy@50 254 }
paddy@57 255 return c.profiles.addLogin(login)
paddy@50 256 }
paddy@50 257
paddy@57 258 // RemoveLogin removes the specified Login from the profileStore associated with the Context, provided
paddy@57 259 // the Login has a ProfileID property that matches the profile ID passed in. It also disassociates the
paddy@57 260 // deleted Login from the Profile in login.ProfileID.
paddy@69 261 func (c Context) RemoveLogin(value string, profile uuid.ID) error {
paddy@50 262 if c.profiles == nil {
paddy@50 263 return ErrNoProfileStore
paddy@50 264 }
paddy@69 265 return c.profiles.removeLogin(value, profile)
paddy@50 266 }
paddy@50 267
paddy@57 268 // RecordLoginUse sets the LastUsed property of the Login specified in the profileStore associated with
paddy@57 269 // the Context to the value passed in as when.
paddy@69 270 func (c Context) RecordLoginUse(value string, when time.Time) error {
paddy@50 271 if c.profiles == nil {
paddy@50 272 return ErrNoProfileStore
paddy@50 273 }
paddy@69 274 return c.profiles.recordLoginUse(value, when)
paddy@50 275 }
paddy@50 276
paddy@57 277 // ListLogins returns a slice of up to num Logins associated with the specified Profile from the profileStore
paddy@57 278 // associated with the Context, skipping offset Profiles.
paddy@50 279 func (c Context) ListLogins(profile uuid.ID, num, offset int) ([]Login, error) {
paddy@50 280 if c.profiles == nil {
paddy@50 281 return []Login{}, ErrNoProfileStore
paddy@50 282 }
paddy@57 283 return c.profiles.listLogins(profile, num, offset)
paddy@50 284 }
paddy@50 285
paddy@57 286 // GetToken returns the Token specified from the tokenStore associated with the Context.
paddy@57 287 // If refresh is true, the token input should be compared against the refresh tokens, not the
paddy@57 288 // access tokens.
paddy@50 289 func (c Context) GetToken(token string, refresh bool) (Token, error) {
paddy@50 290 if c.tokens == nil {
paddy@50 291 return Token{}, ErrNoTokenStore
paddy@50 292 }
paddy@57 293 return c.tokens.getToken(token, refresh)
paddy@50 294 }
paddy@50 295
paddy@57 296 // SaveToken stores the passed Token in the tokenStore associated with the Context.
paddy@50 297 func (c Context) SaveToken(token Token) error {
paddy@50 298 if c.tokens == nil {
paddy@50 299 return ErrNoTokenStore
paddy@50 300 }
paddy@57 301 return c.tokens.saveToken(token)
paddy@50 302 }
paddy@50 303
paddy@93 304 // RevokeToken revokes the Token identfied by the passed token string from the tokenStore associated
paddy@93 305 // with the context. If refresh is true, the token input should be compared against the refresh tokens,
paddy@93 306 // not the access tokens.
paddy@93 307 func (c Context) RevokeToken(token string, refresh bool) error {
paddy@93 308 if c.tokens == nil {
paddy@93 309 return ErrNoTokenStore
paddy@93 310 }
paddy@93 311 return c.tokens.revokeToken(token, refresh)
paddy@93 312 }
paddy@93 313
paddy@57 314 // GetTokensByProfileID returns a slice of up to num Tokens with a ProfileID that matches the specified
paddy@57 315 // profileID from the tokenStore associated with the Context, skipping offset Tokens.
paddy@50 316 func (c Context) GetTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error) {
paddy@50 317 if c.tokens == nil {
paddy@50 318 return []Token{}, ErrNoTokenStore
paddy@50 319 }
paddy@57 320 return c.tokens.getTokensByProfileID(profileID, num, offset)
paddy@50 321 }
paddy@69 322
paddy@69 323 // CreateSession stores the passed Session in the sessionStore associated with the Context.
paddy@69 324 func (c Context) CreateSession(session Session) error {
paddy@69 325 if c.sessions == nil {
paddy@69 326 return ErrNoSessionStore
paddy@69 327 }
paddy@69 328 return c.sessions.createSession(session)
paddy@69 329 }
paddy@69 330
paddy@69 331 // GetSession returns the Session specified from the sessionStore associated with the Context.
paddy@69 332 func (c Context) GetSession(id string) (Session, error) {
paddy@69 333 if c.sessions == nil {
paddy@69 334 return Session{}, ErrNoSessionStore
paddy@69 335 }
paddy@69 336 return c.sessions.getSession(id)
paddy@69 337 }
paddy@69 338
paddy@69 339 // RemoveSession removes the Session identified by the passed ID from the sessionStore associated with
paddy@69 340 // the Context.
paddy@69 341 func (c Context) RemoveSession(id string) error {
paddy@69 342 if c.sessions == nil {
paddy@69 343 return ErrNoSessionStore
paddy@69 344 }
paddy@69 345 return c.sessions.removeSession(id)
paddy@69 346 }
paddy@69 347
paddy@69 348 // ListSessions returns a slice of up to num Sessions from the sessionStore associated with the Context,
paddy@69 349 // ordered by the date they were created, descending. If before.IsZero() returns false, only Sessions
paddy@69 350 // that were created before that time will be returned. If profile is not nil, only Sessions belonging to
paddy@69 351 // that Profile will be returned.
paddy@69 352 func (c Context) ListSessions(profile uuid.ID, before time.Time, num int64) ([]Session, error) {
paddy@116 353 if c.sessions == nil {
paddy@69 354 return []Session{}, ErrNoSessionStore
paddy@69 355 }
paddy@69 356 return c.sessions.listSessions(profile, before, num)
paddy@69 357 }
paddy@134 358
paddy@134 359 func (c Context) CreateScopes(scopes []Scope) error {
paddy@134 360 if c.scopes == nil {
paddy@134 361 return ErrNoScopeStore
paddy@134 362 }
paddy@134 363 return c.scopes.createScopes(scopes)
paddy@134 364 }
paddy@134 365
paddy@134 366 func (c Context) GetScopes(ids []string) ([]Scope, error) {
paddy@134 367 if c.scopes == nil {
paddy@134 368 return []Scope{}, ErrNoScopeStore
paddy@134 369 }
paddy@134 370 return c.scopes.getScopes(ids)
paddy@134 371 }
paddy@134 372
paddy@152 373 func (c Context) UpdateScope(id string, change ScopeChange) error {
paddy@134 374 if c.scopes == nil {
paddy@152 375 return ErrNoScopeStore
paddy@134 376 }
paddy@152 377 return c.scopes.updateScope(id, change)
paddy@134 378 }
paddy@134 379
paddy@134 380 func (c Context) RemoveScopes(ids []string) error {
paddy@134 381 if c.scopes == nil {
paddy@134 382 return ErrNoScopeStore
paddy@134 383 }
paddy@134 384 return c.scopes.removeScopes(ids)
paddy@134 385 }
paddy@134 386
paddy@134 387 func (c Context) ListScopes() ([]Scope, error) {
paddy@134 388 if c.scopes == nil {
paddy@134 389 return []Scope{}, ErrNoScopeStore
paddy@134 390 }
paddy@134 391 return c.scopes.listScopes()
paddy@134 392 }