auth

Paddy 2014-12-13 Parent:a22b35677cd5 Child:e57a57a944c4

94:9c50b2e2e03b Go to Latest

auth/context.go

Implement invalidating AuthorizationCodes once used. Add a Used property to AuthorizationCodes, which is set to true in the Invalidate function of the AuthorizationCode GrantType. Implement a useAuthorizationCode function for the memstore. Add useAuthorizzationCode to the authorizationCodeStore interface.

Download raw file
View source Diff to previous Annotate
History
paddy@50 1 package auth
paddy@50 2
paddy@50 3 import (
paddy@50 4 "html/template"
paddy@50 5 "io"
paddy@55 6 "log"
paddy@77 7 "net/url"
paddy@50 8 "time"
paddy@50 9
paddy@50 10 "code.secondbit.org/uuid"
paddy@50 11 )
paddy@50 12
paddy@57 13 // Context wraps the different storage interfaces and should
paddy@57 14 // be used as the main point of interaction for the data storage
paddy@57 15 // layer.
paddy@50 16 type Context struct {
paddy@87 17 template *template.Template
paddy@87 18 loginURI *url.URL
paddy@87 19 clients clientStore
paddy@87 20 authCodes authorizationCodeStore
paddy@87 21 profiles profileStore
paddy@87 22 tokens tokenStore
paddy@87 23 sessions sessionStore
paddy@50 24 }
paddy@50 25
paddy@57 26 // Render uses the HTML templates associated with the Context to render the
paddy@57 27 // template specified by name to out using data to fill any template variables.
paddy@55 28 func (c Context) Render(out io.Writer, name string, data interface{}) {
paddy@50 29 if c.template == nil {
paddy@57 30 log.Println("No template set on Context, can't render anything!")
paddy@57 31 return
paddy@50 32 }
paddy@55 33 err := c.template.ExecuteTemplate(out, name, data)
paddy@55 34 if err != nil {
paddy@55 35 log.Println("Error executing template", name, ":", err)
paddy@55 36 }
paddy@50 37 }
paddy@50 38
paddy@57 39 // GetClient returns a single Client by its ID from the
paddy@57 40 // clientStore associated with the Context.
paddy@50 41 func (c Context) GetClient(id uuid.ID) (Client, error) {
paddy@50 42 if c.clients == nil {
paddy@50 43 return Client{}, ErrNoClientStore
paddy@50 44 }
paddy@57 45 return c.clients.getClient(id)
paddy@50 46 }
paddy@50 47
paddy@57 48 // SaveClient stores the passed Client in the clientStore
paddy@57 49 // associated with the Context.
paddy@50 50 func (c Context) SaveClient(client Client) error {
paddy@50 51 if c.clients == nil {
paddy@50 52 return ErrNoClientStore
paddy@50 53 }
paddy@57 54 return c.clients.saveClient(client)
paddy@50 55 }
paddy@50 56
paddy@57 57 // UpdateClient applies the specified ClientChange to the Client
paddy@57 58 // with the specified ID in the clientStore associated with the
paddy@57 59 // Context.
paddy@50 60 func (c Context) UpdateClient(id uuid.ID, change ClientChange) error {
paddy@50 61 if c.clients == nil {
paddy@50 62 return ErrNoClientStore
paddy@50 63 }
paddy@57 64 return c.clients.updateClient(id, change)
paddy@50 65 }
paddy@50 66
paddy@57 67 // DeleteClient removes the client with the specified ID from the
paddy@57 68 // clientStore associated with the Context.
paddy@50 69 func (c Context) DeleteClient(id uuid.ID) error {
paddy@50 70 if c.clients == nil {
paddy@50 71 return ErrNoClientStore
paddy@50 72 }
paddy@57 73 return c.clients.deleteClient(id)
paddy@50 74 }
paddy@50 75
paddy@57 76 // ListClientsByOwner returns a slice of up to num Clients, starting at offset (inclusive)
paddy@57 77 // that have the specified OwnerID in the clientStore associated with the Context.
paddy@50 78 func (c Context) ListClientsByOwner(ownerID uuid.ID, num, offset int) ([]Client, error) {
paddy@50 79 if c.clients == nil {
paddy@50 80 return []Client{}, ErrNoClientStore
paddy@50 81 }
paddy@57 82 return c.clients.listClientsByOwner(ownerID, num, offset)
paddy@50 83 }
paddy@50 84
paddy@57 85 // AddEndpoint stores the specified Endpoint in the clientStore associated with the Context,
paddy@57 86 // and associates the newly-stored Endpoint with the Client specified by the passed ID.
paddy@50 87 func (c Context) AddEndpoint(client uuid.ID, endpoint Endpoint) error {
paddy@50 88 if c.clients == nil {
paddy@50 89 return ErrNoClientStore
paddy@50 90 }
paddy@57 91 return c.clients.addEndpoint(client, endpoint)
paddy@50 92 }
paddy@50 93
paddy@57 94 // RemoveEndpoint deletes the Endpoint with the specified ID from the clientStore associated
paddy@57 95 // with the Context, and disassociates the Endpoint from the specified Client.
paddy@50 96 func (c Context) RemoveEndpoint(client, endpoint uuid.ID) error {
paddy@50 97 if c.clients == nil {
paddy@50 98 return ErrNoClientStore
paddy@50 99 }
paddy@57 100 return c.clients.removeEndpoint(client, endpoint)
paddy@50 101 }
paddy@50 102
paddy@57 103 // CheckEndpoint finds Endpoints in the clientStore associated with the Context that belong
paddy@58 104 // to the Client specified by the passed ID and match the URI passed. URI matches must be
paddy@58 105 // performed according to RFC 3986 Section 6.
paddy@58 106 func (c Context) CheckEndpoint(client uuid.ID, URI string) (bool, error) {
paddy@50 107 if c.clients == nil {
paddy@50 108 return false, ErrNoClientStore
paddy@50 109 }
paddy@58 110 return c.clients.checkEndpoint(client, URI)
paddy@50 111 }
paddy@50 112
paddy@57 113 // ListEndpoints finds Endpoints in the clientStore associated with the Context that belong
paddy@57 114 // to the Client specified by the passed ID. It returns up to num endpoints, starting at offset,
paddy@57 115 // exclusive.
paddy@50 116 func (c Context) ListEndpoints(client uuid.ID, num, offset int) ([]Endpoint, error) {
paddy@50 117 if c.clients == nil {
paddy@50 118 return []Endpoint{}, ErrNoClientStore
paddy@50 119 }
paddy@57 120 return c.clients.listEndpoints(client, num, offset)
paddy@50 121 }
paddy@50 122
paddy@57 123 // CountEndpoints returns the number of Endpoints the are associated with the Client specified by the
paddy@57 124 // passed ID in the clientStore associated with the Context.
paddy@55 125 func (c Context) CountEndpoints(client uuid.ID) (int64, error) {
paddy@55 126 if c.clients == nil {
paddy@55 127 return 0, ErrNoClientStore
paddy@55 128 }
paddy@57 129 return c.clients.countEndpoints(client)
paddy@55 130 }
paddy@55 131
paddy@87 132 // GetAuthorizationCode returns the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with the
paddy@57 133 // Context.
paddy@87 134 func (c Context) GetAuthorizationCode(code string) (AuthorizationCode, error) {
paddy@87 135 if c.authCodes == nil {
paddy@87 136 return AuthorizationCode{}, ErrNoAuthorizationCodeStore
paddy@50 137 }
paddy@87 138 return c.authCodes.getAuthorizationCode(code)
paddy@50 139 }
paddy@50 140
paddy@87 141 // SaveAuthorizationCode stores the passed AuthorizationCode in the authorizationCodeStore associated with the Context.
paddy@87 142 func (c Context) SaveAuthorizationCode(authCode AuthorizationCode) error {
paddy@87 143 if c.authCodes == nil {
paddy@87 144 return ErrNoAuthorizationCodeStore
paddy@50 145 }
paddy@87 146 return c.authCodes.saveAuthorizationCode(authCode)
paddy@50 147 }
paddy@50 148
paddy@87 149 // DeleteAuthorizationCode removes the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with
paddy@57 150 // the Context.
paddy@87 151 func (c Context) DeleteAuthorizationCode(code string) error {
paddy@87 152 if c.authCodes == nil {
paddy@87 153 return ErrNoAuthorizationCodeStore
paddy@50 154 }
paddy@87 155 return c.authCodes.deleteAuthorizationCode(code)
paddy@50 156 }
paddy@50 157
paddy@94 158 // UseAuthorizationCode marks the AuthorizationCode specified by the provided code as used in the authorizationCodeStore associated with
paddy@94 159 // the Context. Once an AuthorizationCode is marked as used, its Used property will be set to true when retrieved from the authorizationCodeStore.
paddy@94 160 func (c Context) UseAuthorizationCode(code string) error {
paddy@94 161 if c.authCodes == nil {
paddy@94 162 return ErrNoAuthorizationCodeStore
paddy@94 163 }
paddy@94 164 return c.authCodes.useAuthorizationCode(code)
paddy@94 165 }
paddy@94 166
paddy@57 167 // GetProfileByID returns the Profile specified by the provided ID from the profileStore associated with
paddy@57 168 // the Context.
paddy@50 169 func (c Context) GetProfileByID(id uuid.ID) (Profile, error) {
paddy@50 170 if c.profiles == nil {
paddy@50 171 return Profile{}, ErrNoProfileStore
paddy@50 172 }
paddy@57 173 return c.profiles.getProfileByID(id)
paddy@50 174 }
paddy@50 175
paddy@57 176 // GetProfileByLogin returns the Profile associated with the specified Login from the profileStore associated
paddy@57 177 // with the Context.
paddy@69 178 func (c Context) GetProfileByLogin(value string) (Profile, error) {
paddy@50 179 if c.profiles == nil {
paddy@50 180 return Profile{}, ErrNoProfileStore
paddy@50 181 }
paddy@69 182 return c.profiles.getProfileByLogin(value)
paddy@50 183 }
paddy@50 184
paddy@57 185 // SaveProfile inserts the passed Profile into the profileStore associated with the Context.
paddy@50 186 func (c Context) SaveProfile(profile Profile) error {
paddy@50 187 if c.profiles == nil {
paddy@50 188 return ErrNoProfileStore
paddy@50 189 }
paddy@57 190 return c.profiles.saveProfile(profile)
paddy@50 191 }
paddy@50 192
paddy@57 193 // UpdateProfile applies the supplied ProfileChange to the Profile that matches the specified ID
paddy@57 194 // in the profileStore associated with the Context.
paddy@50 195 func (c Context) UpdateProfile(id uuid.ID, change ProfileChange) error {
paddy@50 196 if c.profiles == nil {
paddy@50 197 return ErrNoProfileStore
paddy@50 198 }
paddy@57 199 return c.profiles.updateProfile(id, change)
paddy@50 200 }
paddy@50 201
paddy@57 202 // UpdateProfiles applies the supplied BulkProfileChange to every Profile that matches one of the
paddy@57 203 // specified IDs in the profileStore associated with the Context.
paddy@50 204 func (c Context) UpdateProfiles(ids []uuid.ID, change BulkProfileChange) error {
paddy@50 205 if c.profiles == nil {
paddy@50 206 return ErrNoProfileStore
paddy@50 207 }
paddy@57 208 return c.profiles.updateProfiles(ids, change)
paddy@50 209 }
paddy@50 210
paddy@57 211 // DeleteProfile removes the Profile specified by the passed ID from the profileStore associated
paddy@57 212 // with the Context.
paddy@50 213 func (c Context) DeleteProfile(id uuid.ID) error {
paddy@50 214 if c.profiles == nil {
paddy@50 215 return ErrNoProfileStore
paddy@50 216 }
paddy@57 217 return c.profiles.deleteProfile(id)
paddy@50 218 }
paddy@50 219
paddy@57 220 // AddLogin stores the passed Login in the profileStore associated with the Context. It also associates
paddy@57 221 // the newly-created Login with the Orofile in login.ProfileID.
paddy@50 222 func (c Context) AddLogin(login Login) error {
paddy@50 223 if c.profiles == nil {
paddy@50 224 return ErrNoProfileStore
paddy@50 225 }
paddy@57 226 return c.profiles.addLogin(login)
paddy@50 227 }
paddy@50 228
paddy@57 229 // RemoveLogin removes the specified Login from the profileStore associated with the Context, provided
paddy@57 230 // the Login has a ProfileID property that matches the profile ID passed in. It also disassociates the
paddy@57 231 // deleted Login from the Profile in login.ProfileID.
paddy@69 232 func (c Context) RemoveLogin(value string, profile uuid.ID) error {
paddy@50 233 if c.profiles == nil {
paddy@50 234 return ErrNoProfileStore
paddy@50 235 }
paddy@69 236 return c.profiles.removeLogin(value, profile)
paddy@50 237 }
paddy@50 238
paddy@57 239 // RecordLoginUse sets the LastUsed property of the Login specified in the profileStore associated with
paddy@57 240 // the Context to the value passed in as when.
paddy@69 241 func (c Context) RecordLoginUse(value string, when time.Time) error {
paddy@50 242 if c.profiles == nil {
paddy@50 243 return ErrNoProfileStore
paddy@50 244 }
paddy@69 245 return c.profiles.recordLoginUse(value, when)
paddy@50 246 }
paddy@50 247
paddy@57 248 // ListLogins returns a slice of up to num Logins associated with the specified Profile from the profileStore
paddy@57 249 // associated with the Context, skipping offset Profiles.
paddy@50 250 func (c Context) ListLogins(profile uuid.ID, num, offset int) ([]Login, error) {
paddy@50 251 if c.profiles == nil {
paddy@50 252 return []Login{}, ErrNoProfileStore
paddy@50 253 }
paddy@57 254 return c.profiles.listLogins(profile, num, offset)
paddy@50 255 }
paddy@50 256
paddy@57 257 // GetToken returns the Token specified from the tokenStore associated with the Context.
paddy@57 258 // If refresh is true, the token input should be compared against the refresh tokens, not the
paddy@57 259 // access tokens.
paddy@50 260 func (c Context) GetToken(token string, refresh bool) (Token, error) {
paddy@50 261 if c.tokens == nil {
paddy@50 262 return Token{}, ErrNoTokenStore
paddy@50 263 }
paddy@57 264 return c.tokens.getToken(token, refresh)
paddy@50 265 }
paddy@50 266
paddy@57 267 // SaveToken stores the passed Token in the tokenStore associated with the Context.
paddy@50 268 func (c Context) SaveToken(token Token) error {
paddy@50 269 if c.tokens == nil {
paddy@50 270 return ErrNoTokenStore
paddy@50 271 }
paddy@57 272 return c.tokens.saveToken(token)
paddy@50 273 }
paddy@50 274
paddy@57 275 // RemoveToken removes the Token identified by the passed token string from the tokenStore associated
paddy@57 276 // with the Context.
paddy@50 277 func (c Context) RemoveToken(token string) error {
paddy@50 278 if c.tokens == nil {
paddy@50 279 return ErrNoTokenStore
paddy@50 280 }
paddy@57 281 return c.tokens.removeToken(token)
paddy@50 282 }
paddy@50 283
paddy@93 284 // RevokeToken revokes the Token identfied by the passed token string from the tokenStore associated
paddy@93 285 // with the context. If refresh is true, the token input should be compared against the refresh tokens,
paddy@93 286 // not the access tokens.
paddy@93 287 func (c Context) RevokeToken(token string, refresh bool) error {
paddy@93 288 if c.tokens == nil {
paddy@93 289 return ErrNoTokenStore
paddy@93 290 }
paddy@93 291 return c.tokens.revokeToken(token, refresh)
paddy@93 292 }
paddy@93 293
paddy@57 294 // GetTokensByProfileID returns a slice of up to num Tokens with a ProfileID that matches the specified
paddy@57 295 // profileID from the tokenStore associated with the Context, skipping offset Tokens.
paddy@50 296 func (c Context) GetTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error) {
paddy@50 297 if c.tokens == nil {
paddy@50 298 return []Token{}, ErrNoTokenStore
paddy@50 299 }
paddy@57 300 return c.tokens.getTokensByProfileID(profileID, num, offset)
paddy@50 301 }
paddy@69 302
paddy@69 303 // CreateSession stores the passed Session in the sessionStore associated with the Context.
paddy@69 304 func (c Context) CreateSession(session Session) error {
paddy@69 305 if c.sessions == nil {
paddy@69 306 return ErrNoSessionStore
paddy@69 307 }
paddy@69 308 return c.sessions.createSession(session)
paddy@69 309 }
paddy@69 310
paddy@69 311 // GetSession returns the Session specified from the sessionStore associated with the Context.
paddy@69 312 func (c Context) GetSession(id string) (Session, error) {
paddy@69 313 if c.sessions == nil {
paddy@69 314 return Session{}, ErrNoSessionStore
paddy@69 315 }
paddy@69 316 return c.sessions.getSession(id)
paddy@69 317 }
paddy@69 318
paddy@69 319 // RemoveSession removes the Session identified by the passed ID from the sessionStore associated with
paddy@69 320 // the Context.
paddy@69 321 func (c Context) RemoveSession(id string) error {
paddy@69 322 if c.sessions == nil {
paddy@69 323 return ErrNoSessionStore
paddy@69 324 }
paddy@69 325 return c.sessions.removeSession(id)
paddy@69 326 }
paddy@69 327
paddy@69 328 // ListSessions returns a slice of up to num Sessions from the sessionStore associated with the Context,
paddy@69 329 // ordered by the date they were created, descending. If before.IsZero() returns false, only Sessions
paddy@69 330 // that were created before that time will be returned. If profile is not nil, only Sessions belonging to
paddy@69 331 // that Profile will be returned.
paddy@69 332 func (c Context) ListSessions(profile uuid.ID, before time.Time, num int64) ([]Session, error) {
paddy@69 333 if c.sessions != nil {
paddy@69 334 return []Session{}, ErrNoSessionStore
paddy@69 335 }
paddy@69 336 return c.sessions.listSessions(profile, before, num)
paddy@69 337 }