auth

Paddy 2015-03-05 Parent:d103a598548c Child:3aeadd2201e9

auth/context.go

Add a handler to add endpoints to a client. Add a handler that enables adding endpoints to a client through the API.

paddy@50	1 package auth
paddy@50	2
paddy@50	3 import (
paddy@50	4 "html/template"
paddy@50	5 "io"
paddy@55	6 "log"
paddy@77	7 "net/url"
paddy@50	8 "time"
paddy@50	9
paddy@107	10 "code.secondbit.org/uuid.hg"
paddy@50	11 )
paddy@50	12
paddy@57	13 // Context wraps the different storage interfaces and should
paddy@57	14 // be used as the main point of interaction for the data storage
paddy@57	15 // layer.
paddy@50	16 type Context struct {
paddy@87	17 template *template.Template
paddy@87	18 loginURI *url.URL
paddy@87	19 clients clientStore
paddy@87	20 authCodes authorizationCodeStore
paddy@87	21 profiles profileStore
paddy@87	22 tokens tokenStore
paddy@87	23 sessions sessionStore
paddy@134	24 scopes scopeStore
paddy@96	25 config Config
paddy@96	26 }
paddy@96	27
paddy@96	28 // NewContext takes a Config instance and uses it to bootstrap a Context
paddy@96	29 // using the information provided in the Config variable.
paddy@96	30 func NewContext(config Config) (Context, error) {
paddy@102	31 if config.iterations == 0 {
paddy@102	32 return Context{}, ErrConfigNotInitialized
paddy@102	33 }
paddy@96	34 context := Context{
paddy@96	35 clients: config.ClientStore,
paddy@96	36 authCodes: config.AuthCodeStore,
paddy@96	37 profiles: config.ProfileStore,
paddy@96	38 tokens: config.TokenStore,
paddy@96	39 sessions: config.SessionStore,
paddy@134	40 scopes: config.ScopeStore,
paddy@96	41 template: config.Template,
paddy@96	42 config: config,
paddy@96	43 }
paddy@96	44 var err error
paddy@96	45 context.loginURI, err = url.Parse(config.LoginURI)
paddy@96	46 if err != nil {
paddy@96	47 log.Println(err)
paddy@96	48 return Context{}, ErrInvalidLoginURI
paddy@96	49 }
paddy@96	50 return context, nil
paddy@50	51 }
paddy@50	52
paddy@57	53 // Render uses the HTML templates associated with the Context to render the
paddy@57	54 // template specified by name to out using data to fill any template variables.
paddy@55	55 func (c Context) Render(out io.Writer, name string, data interface{}) {
paddy@50	56 if c.template == nil {
paddy@57	57 log.Println("No template set on Context, can't render anything!")
paddy@57	58 return
paddy@50	59 }
paddy@55	60 err := c.template.ExecuteTemplate(out, name, data)
paddy@55	61 if err != nil {
paddy@55	62 log.Println("Error executing template", name, ":", err)
paddy@55	63 }
paddy@50	64 }
paddy@50	65
paddy@57	66 // GetClient returns a single Client by its ID from the
paddy@57	67 // clientStore associated with the Context.
paddy@50	68 func (c Context) GetClient(id uuid.ID) (Client, error) {
paddy@50	69 if c.clients == nil {
paddy@50	70 return Client{}, ErrNoClientStore
paddy@50	71 }
paddy@57	72 return c.clients.getClient(id)
paddy@50	73 }
paddy@50	74
paddy@57	75 // SaveClient stores the passed Client in the clientStore
paddy@57	76 // associated with the Context.
paddy@50	77 func (c Context) SaveClient(client Client) error {
paddy@50	78 if c.clients == nil {
paddy@50	79 return ErrNoClientStore
paddy@50	80 }
paddy@57	81 return c.clients.saveClient(client)
paddy@50	82 }
paddy@50	83
paddy@57	84 // UpdateClient applies the specified ClientChange to the Client
paddy@57	85 // with the specified ID in the clientStore associated with the
paddy@57	86 // Context.
paddy@50	87 func (c Context) UpdateClient(id uuid.ID, change ClientChange) error {
paddy@50	88 if c.clients == nil {
paddy@50	89 return ErrNoClientStore
paddy@50	90 }
paddy@57	91 return c.clients.updateClient(id, change)
paddy@50	92 }
paddy@50	93
paddy@57	94 // DeleteClient removes the client with the specified ID from the
paddy@57	95 // clientStore associated with the Context.
paddy@50	96 func (c Context) DeleteClient(id uuid.ID) error {
paddy@50	97 if c.clients == nil {
paddy@50	98 return ErrNoClientStore
paddy@50	99 }
paddy@57	100 return c.clients.deleteClient(id)
paddy@50	101 }
paddy@50	102
paddy@57	103 // ListClientsByOwner returns a slice of up to num Clients, starting at offset (inclusive)
paddy@57	104 // that have the specified OwnerID in the clientStore associated with the Context.
paddy@50	105 func (c Context) ListClientsByOwner(ownerID uuid.ID, num, offset int) ([]Client, error) {
paddy@50	106 if c.clients == nil {
paddy@50	107 return []Client{}, ErrNoClientStore
paddy@50	108 }
paddy@57	109 return c.clients.listClientsByOwner(ownerID, num, offset)
paddy@50	110 }
paddy@50	111
paddy@115	112 // AddEndpoints stores the specified Endpoints in the clientStore associated with the Context,
paddy@115	113 // and associates the newly-stored Endpoints with the Client specified by the passed ID.
paddy@115	114 func (c Context) AddEndpoints(client uuid.ID, endpoints []Endpoint) error {
paddy@50	115 if c.clients == nil {
paddy@50	116 return ErrNoClientStore
paddy@50	117 }
paddy@116	118 for pos, endpoint := range endpoints {
paddy@116	119 u, err := normalizeURIString(endpoint.URI)
paddy@116	120 if err != nil {
paddy@116	121 return err
paddy@116	122 }
paddy@116	123 endpoint.NormalizedURI = u
paddy@116	124 endpoints[pos] = endpoint
paddy@116	125 }
paddy@115	126 return c.clients.addEndpoints(client, endpoints)
paddy@50	127 }
paddy@50	128
paddy@57	129 // RemoveEndpoint deletes the Endpoint with the specified ID from the clientStore associated
paddy@57	130 // with the Context, and disassociates the Endpoint from the specified Client.
paddy@50	131 func (c Context) RemoveEndpoint(client, endpoint uuid.ID) error {
paddy@50	132 if c.clients == nil {
paddy@50	133 return ErrNoClientStore
paddy@50	134 }
paddy@57	135 return c.clients.removeEndpoint(client, endpoint)
paddy@50	136 }
paddy@50	137
paddy@57	138 // CheckEndpoint finds Endpoints in the clientStore associated with the Context that belong
paddy@58	139 // to the Client specified by the passed ID and match the URI passed. URI matches must be
paddy@58	140 // performed according to RFC 3986 Section 6.
paddy@58	141 func (c Context) CheckEndpoint(client uuid.ID, URI string) (bool, error) {
paddy@50	142 if c.clients == nil {
paddy@50	143 return false, ErrNoClientStore
paddy@50	144 }
paddy@116	145 u, err := normalizeURIString(URI)
paddy@116	146 if err != nil {
paddy@116	147 return false, err
paddy@116	148 }
paddy@116	149 return c.clients.checkEndpoint(client, u)
paddy@50	150 }
paddy@50	151
paddy@57	152 // ListEndpoints finds Endpoints in the clientStore associated with the Context that belong
paddy@57	153 // to the Client specified by the passed ID. It returns up to num endpoints, starting at offset,
paddy@57	154 // exclusive.
paddy@50	155 func (c Context) ListEndpoints(client uuid.ID, num, offset int) ([]Endpoint, error) {
paddy@50	156 if c.clients == nil {
paddy@50	157 return []Endpoint{}, ErrNoClientStore
paddy@50	158 }
paddy@57	159 return c.clients.listEndpoints(client, num, offset)
paddy@50	160 }
paddy@50	161
paddy@57	162 // CountEndpoints returns the number of Endpoints the are associated with the Client specified by the
paddy@57	163 // passed ID in the clientStore associated with the Context.
paddy@55	164 func (c Context) CountEndpoints(client uuid.ID) (int64, error) {
paddy@55	165 if c.clients == nil {
paddy@55	166 return 0, ErrNoClientStore
paddy@55	167 }
paddy@57	168 return c.clients.countEndpoints(client)
paddy@55	169 }
paddy@55	170
paddy@87	171 // GetAuthorizationCode returns the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with the
paddy@57	172 // Context.
paddy@87	173 func (c Context) GetAuthorizationCode(code string) (AuthorizationCode, error) {
paddy@87	174 if c.authCodes == nil {
paddy@87	175 return AuthorizationCode{}, ErrNoAuthorizationCodeStore
paddy@50	176 }
paddy@87	177 return c.authCodes.getAuthorizationCode(code)
paddy@50	178 }
paddy@50	179
paddy@87	180 // SaveAuthorizationCode stores the passed AuthorizationCode in the authorizationCodeStore associated with the Context.
paddy@87	181 func (c Context) SaveAuthorizationCode(authCode AuthorizationCode) error {
paddy@87	182 if c.authCodes == nil {
paddy@87	183 return ErrNoAuthorizationCodeStore
paddy@50	184 }
paddy@87	185 return c.authCodes.saveAuthorizationCode(authCode)
paddy@50	186 }
paddy@50	187
paddy@87	188 // DeleteAuthorizationCode removes the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with
paddy@57	189 // the Context.
paddy@87	190 func (c Context) DeleteAuthorizationCode(code string) error {
paddy@87	191 if c.authCodes == nil {
paddy@87	192 return ErrNoAuthorizationCodeStore
paddy@50	193 }
paddy@87	194 return c.authCodes.deleteAuthorizationCode(code)
paddy@50	195 }
paddy@50	196
paddy@94	197 // UseAuthorizationCode marks the AuthorizationCode specified by the provided code as used in the authorizationCodeStore associated with
paddy@94	198 // the Context. Once an AuthorizationCode is marked as used, its Used property will be set to true when retrieved from the authorizationCodeStore.
paddy@94	199 func (c Context) UseAuthorizationCode(code string) error {
paddy@94	200 if c.authCodes == nil {
paddy@94	201 return ErrNoAuthorizationCodeStore
paddy@94	202 }
paddy@94	203 return c.authCodes.useAuthorizationCode(code)
paddy@94	204 }
paddy@94	205
paddy@57	206 // GetProfileByID returns the Profile specified by the provided ID from the profileStore associated with
paddy@57	207 // the Context.
paddy@50	208 func (c Context) GetProfileByID(id uuid.ID) (Profile, error) {
paddy@50	209 if c.profiles == nil {
paddy@50	210 return Profile{}, ErrNoProfileStore
paddy@50	211 }
paddy@57	212 return c.profiles.getProfileByID(id)
paddy@50	213 }
paddy@50	214
paddy@57	215 // GetProfileByLogin returns the Profile associated with the specified Login from the profileStore associated
paddy@57	216 // with the Context.
paddy@69	217 func (c Context) GetProfileByLogin(value string) (Profile, error) {
paddy@50	218 if c.profiles == nil {
paddy@50	219 return Profile{}, ErrNoProfileStore
paddy@50	220 }
paddy@69	221 return c.profiles.getProfileByLogin(value)
paddy@50	222 }
paddy@50	223
paddy@57	224 // SaveProfile inserts the passed Profile into the profileStore associated with the Context.
paddy@50	225 func (c Context) SaveProfile(profile Profile) error {
paddy@50	226 if c.profiles == nil {
paddy@50	227 return ErrNoProfileStore
paddy@50	228 }
paddy@57	229 return c.profiles.saveProfile(profile)
paddy@50	230 }
paddy@50	231
paddy@57	232 // UpdateProfile applies the supplied ProfileChange to the Profile that matches the specified ID
paddy@57	233 // in the profileStore associated with the Context.
paddy@50	234 func (c Context) UpdateProfile(id uuid.ID, change ProfileChange) error {
paddy@50	235 if c.profiles == nil {
paddy@50	236 return ErrNoProfileStore
paddy@50	237 }
paddy@57	238 return c.profiles.updateProfile(id, change)
paddy@50	239 }
paddy@50	240
paddy@57	241 // UpdateProfiles applies the supplied BulkProfileChange to every Profile that matches one of the
paddy@57	242 // specified IDs in the profileStore associated with the Context.
paddy@50	243 func (c Context) UpdateProfiles(ids []uuid.ID, change BulkProfileChange) error {
paddy@50	244 if c.profiles == nil {
paddy@50	245 return ErrNoProfileStore
paddy@50	246 }
paddy@57	247 return c.profiles.updateProfiles(ids, change)
paddy@50	248 }
paddy@50	249
paddy@57	250 // DeleteProfile removes the Profile specified by the passed ID from the profileStore associated
paddy@57	251 // with the Context.
paddy@50	252 func (c Context) DeleteProfile(id uuid.ID) error {
paddy@50	253 if c.profiles == nil {
paddy@50	254 return ErrNoProfileStore
paddy@50	255 }
paddy@57	256 return c.profiles.deleteProfile(id)
paddy@50	257 }
paddy@50	258
paddy@57	259 // AddLogin stores the passed Login in the profileStore associated with the Context. It also associates
paddy@57	260 // the newly-created Login with the Orofile in login.ProfileID.
paddy@50	261 func (c Context) AddLogin(login Login) error {
paddy@50	262 if c.profiles == nil {
paddy@50	263 return ErrNoProfileStore
paddy@50	264 }
paddy@57	265 return c.profiles.addLogin(login)
paddy@50	266 }
paddy@50	267
paddy@57	268 // RemoveLogin removes the specified Login from the profileStore associated with the Context, provided
paddy@57	269 // the Login has a ProfileID property that matches the profile ID passed in. It also disassociates the
paddy@57	270 // deleted Login from the Profile in login.ProfileID.
paddy@69	271 func (c Context) RemoveLogin(value string, profile uuid.ID) error {
paddy@50	272 if c.profiles == nil {
paddy@50	273 return ErrNoProfileStore
paddy@50	274 }
paddy@69	275 return c.profiles.removeLogin(value, profile)
paddy@50	276 }
paddy@50	277
paddy@57	278 // RecordLoginUse sets the LastUsed property of the Login specified in the profileStore associated with
paddy@57	279 // the Context to the value passed in as when.
paddy@69	280 func (c Context) RecordLoginUse(value string, when time.Time) error {
paddy@50	281 if c.profiles == nil {
paddy@50	282 return ErrNoProfileStore
paddy@50	283 }
paddy@69	284 return c.profiles.recordLoginUse(value, when)
paddy@50	285 }
paddy@50	286
paddy@57	287 // ListLogins returns a slice of up to num Logins associated with the specified Profile from the profileStore
paddy@57	288 // associated with the Context, skipping offset Profiles.
paddy@50	289 func (c Context) ListLogins(profile uuid.ID, num, offset int) ([]Login, error) {
paddy@50	290 if c.profiles == nil {
paddy@50	291 return []Login{}, ErrNoProfileStore
paddy@50	292 }
paddy@57	293 return c.profiles.listLogins(profile, num, offset)
paddy@50	294 }
paddy@50	295
paddy@57	296 // GetToken returns the Token specified from the tokenStore associated with the Context.
paddy@57	297 // If refresh is true, the token input should be compared against the refresh tokens, not the
paddy@57	298 // access tokens.
paddy@50	299 func (c Context) GetToken(token string, refresh bool) (Token, error) {
paddy@50	300 if c.tokens == nil {
paddy@50	301 return Token{}, ErrNoTokenStore
paddy@50	302 }
paddy@57	303 return c.tokens.getToken(token, refresh)
paddy@50	304 }
paddy@50	305
paddy@57	306 // SaveToken stores the passed Token in the tokenStore associated with the Context.
paddy@50	307 func (c Context) SaveToken(token Token) error {
paddy@50	308 if c.tokens == nil {
paddy@50	309 return ErrNoTokenStore
paddy@50	310 }
paddy@57	311 return c.tokens.saveToken(token)
paddy@50	312 }
paddy@50	313
paddy@93	314 // RevokeToken revokes the Token identfied by the passed token string from the tokenStore associated
paddy@93	315 // with the context. If refresh is true, the token input should be compared against the refresh tokens,
paddy@93	316 // not the access tokens.
paddy@93	317 func (c Context) RevokeToken(token string, refresh bool) error {
paddy@93	318 if c.tokens == nil {
paddy@93	319 return ErrNoTokenStore
paddy@93	320 }
paddy@93	321 return c.tokens.revokeToken(token, refresh)
paddy@93	322 }
paddy@93	323
paddy@57	324 // GetTokensByProfileID returns a slice of up to num Tokens with a ProfileID that matches the specified
paddy@57	325 // profileID from the tokenStore associated with the Context, skipping offset Tokens.
paddy@50	326 func (c Context) GetTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error) {
paddy@50	327 if c.tokens == nil {
paddy@50	328 return []Token{}, ErrNoTokenStore
paddy@50	329 }
paddy@57	330 return c.tokens.getTokensByProfileID(profileID, num, offset)
paddy@50	331 }
paddy@69	332
paddy@69	333 // CreateSession stores the passed Session in the sessionStore associated with the Context.
paddy@69	334 func (c Context) CreateSession(session Session) error {
paddy@69	335 if c.sessions == nil {
paddy@69	336 return ErrNoSessionStore
paddy@69	337 }
paddy@69	338 return c.sessions.createSession(session)
paddy@69	339 }
paddy@69	340
paddy@69	341 // GetSession returns the Session specified from the sessionStore associated with the Context.
paddy@69	342 func (c Context) GetSession(id string) (Session, error) {
paddy@69	343 if c.sessions == nil {
paddy@69	344 return Session{}, ErrNoSessionStore
paddy@69	345 }
paddy@69	346 return c.sessions.getSession(id)
paddy@69	347 }
paddy@69	348
paddy@69	349 // RemoveSession removes the Session identified by the passed ID from the sessionStore associated with
paddy@69	350 // the Context.
paddy@69	351 func (c Context) RemoveSession(id string) error {
paddy@69	352 if c.sessions == nil {
paddy@69	353 return ErrNoSessionStore
paddy@69	354 }
paddy@69	355 return c.sessions.removeSession(id)
paddy@69	356 }
paddy@69	357
paddy@69	358 // ListSessions returns a slice of up to num Sessions from the sessionStore associated with the Context,
paddy@69	359 // ordered by the date they were created, descending. If before.IsZero() returns false, only Sessions
paddy@69	360 // that were created before that time will be returned. If profile is not nil, only Sessions belonging to
paddy@69	361 // that Profile will be returned.
paddy@69	362 func (c Context) ListSessions(profile uuid.ID, before time.Time, num int64) ([]Session, error) {
paddy@116	363 if c.sessions == nil {
paddy@69	364 return []Session{}, ErrNoSessionStore
paddy@69	365 }
paddy@69	366 return c.sessions.listSessions(profile, before, num)
paddy@69	367 }
paddy@134	368
paddy@134	369 func (c Context) CreateScopes(scopes []Scope) error {
paddy@134	370 if c.scopes == nil {
paddy@134	371 return ErrNoScopeStore
paddy@134	372 }
paddy@134	373 return c.scopes.createScopes(scopes)
paddy@134	374 }
paddy@134	375
paddy@134	376 func (c Context) GetScopes(ids []string) ([]Scope, error) {
paddy@134	377 if c.scopes == nil {
paddy@134	378 return []Scope{}, ErrNoScopeStore
paddy@134	379 }
paddy@134	380 return c.scopes.getScopes(ids)
paddy@134	381 }
paddy@134	382
paddy@134	383 func (c Context) UpdateScopes(changes []ScopeChange) ([]Scope, error) {
paddy@134	384 if c.scopes == nil {
paddy@134	385 return []Scope{}, ErrNoScopeStore
paddy@134	386 }
paddy@134	387 return c.scopes.updateScopes(changes)
paddy@134	388 }
paddy@134	389
paddy@134	390 func (c Context) RemoveScopes(ids []string) error {
paddy@134	391 if c.scopes == nil {
paddy@134	392 return ErrNoScopeStore
paddy@134	393 }
paddy@134	394 return c.scopes.removeScopes(ids)
paddy@134	395 }
paddy@134	396
paddy@134	397 func (c Context) ListScopes() ([]Scope, error) {
paddy@134	398 if c.scopes == nil {
paddy@134	399 return []Scope{}, ErrNoScopeStore
paddy@134	400 }
paddy@134	401 return c.scopes.listScopes()
paddy@134	402 }