auth

Paddy 2015-05-11 Parent:cf1aef6eb81f Child:581c60f8dd23

165:04c8edf89e3b Go to Latest

auth/token_postgres.go

Support CORS. Add support for the OPTIONS method on certain endpoints. Automatically add headers (and respond to) OPTIONS requests. Note that these headers are full of deceit and mendacity, and we should switch to trout soon so we can actually be honest about what methods we support.

Download raw file

View source Diff to previous Annotate

1 package auth

3 import (

4 "code.secondbit.org/uuid.hg"

6 "github.com/lib/pq"

7 "github.com/secondbit/pan"

10 func (t Token) GetSQLTableName() string {

11 return "tokens"

14 func (p *postgres) getTokenSQL(token string, refresh bool) *pan.Query {

15 var t Token

16 fields, _ := pan.GetFields(t)

17 query := pan.New(pan.POSTGRES, "SELECT "+pan.QueryList(fields)+" FROM "+pan.GetTableName(t))

18 query.IncludeWhere()

19 if !refresh {

20 query.Include(pan.GetUnquotedColumn(t, "AccessToken")+" = ?", token)

21 } else {

22 query.Include(pan.GetUnquotedColumn(t, "RefreshToken")+" = ?", token)

24 return query.FlushExpressions(" ")

27 func (p *postgres) getToken(token string, refresh bool) (Token, error) {

28 query := p.getTokenSQL(token, refresh)

29 rows, err := p.db.Query(query.String(), query.Args...)

30 if err != nil {

31 return Token{}, err

33 var t Token

34 var found bool

35 for rows.Next() {

36 err := pan.Unmarshal(rows, &t)

37 if err != nil {

38 return t, err

40 found = true

42 if err = rows.Err(); err != nil {

43 return t, err

45 if !found {

46 return t, ErrTokenNotFound

48 return t, nil

51 func (p *postgres) saveTokenSQL(token Token) *pan.Query {

52 fields, values := pan.GetFields(token)

53 query := pan.New(pan.POSTGRES, "INSERT INTO "+pan.GetTableName(token))

54 query.Include("(" + pan.QueryList(fields) + ")")

55 query.Include("VALUES")

56 query.Include("("+pan.VariableList(len(values))+")", values...)

57 return query.FlushExpressions(" ")

60 func (p *postgres) saveToken(token Token) error {

61 query := p.saveTokenSQL(token)

62 _, err := p.db.Exec(query.String(), query.Args...)

63 if e, ok := err.(*pq.Error); ok && e.Constraint == "tokens_pkey" {

64 err = ErrTokenAlreadyExists

66 if err != nil || len(token.Scopes) < 1 {

67 return err

69 return err

72 func (p *postgres) revokeTokenSQL(token string, refresh bool) *pan.Query {

73 var t Token

74 query := pan.New(pan.POSTGRES, "UPDATE "+pan.GetTableName(t)+" SET ")

75 query.Include(pan.GetUnquotedColumn(t, "Revoked")+" = ?", true)

76 query.IncludeWhere()

77 if !refresh {

78 query.Include(pan.GetUnquotedColumn(t, "AccessToken")+" = ?", token)

79 } else {

80 query.Include(pan.GetUnquotedColumn(t, "RefreshToken")+" = ?", token)

82 return query.FlushExpressions(" ")

85 func (p *postgres) revokeToken(token string, refresh bool) error {

86 query := p.revokeTokenSQL(token, refresh)

87 res, err := p.db.Exec(query.String(), query.Args...)

88 if err != nil {

89 return err

91 rows, err := res.RowsAffected()

92 if err != nil {

93 return err

95 if rows == 0 {

96 return ErrTokenNotFound

98 return nil

101 func (p *postgres) revokeTokensByProfileIDSQL(profileID uuid.ID) *pan.Query {

102 var t Token

103 query := pan.New(pan.POSTGRES, "UPDATE "+pan.GetTableName(t)+" SET ")

104 query.Include(pan.GetUnquotedColumn(t, "Revoked")+" = ?", true)

105 query.IncludeWhere()

106 query.Include(pan.GetUnquotedColumn(t, "ProfileID")+" = ?", profileID)

107 return query.FlushExpressions(" ")

110 func (p *postgres) revokeTokensByProfileID(profileID uuid.ID) error {

111 query := p.revokeTokensByProfileIDSQL(profileID)

112 res, err := p.db.Exec(query.String(), query.Args...)

113 if err != nil {

114 return err

116 rows, err := res.RowsAffected()

117 if err != nil {

118 return err

120 if rows == 0 {

121 return ErrProfileNotFound

123 return nil

126 func (p *postgres) revokeTokensByClientIDSQL(clientID uuid.ID) *pan.Query {

127 var t Token

128 query := pan.New(pan.POSTGRES, "UPDATE "+pan.GetTableName(t)+" SET ")

129 query.Include(pan.GetUnquotedColumn(t, "Revoked")+" = ?", true)

130 query.IncludeWhere()

131 query.Include(pan.GetUnquotedColumn(t, "ClientID")+" = ?", clientID)

132 return query.FlushExpressions(" ")

135 func (p *postgres) revokeTokensByClientID(clientID uuid.ID) error {

136 query := p.revokeTokensByClientIDSQL(clientID)

137 res, err := p.db.Exec(query.String(), query.Args...)

138 if err != nil {

139 return err

141 rows, err := res.RowsAffected()

142 if err != nil {

143 return err

145 if rows == 0 {

146 return ErrClientNotFound

148 return nil

151 func (p *postgres) getTokensByProfileIDSQL(profileID uuid.ID, num, offset int) *pan.Query {

152 var token Token

153 fields, _ := pan.GetFields(token)

154 query := pan.New(pan.POSTGRES, "SELECT "+pan.QueryList(fields)+" FROM "+pan.GetTableName(token))

155 query.IncludeWhere()

156 query.Include(pan.GetUnquotedColumn(token, "ProfileID")+" = ?", profileID)

157 query.IncludeLimit(int64(num))

158 query.IncludeOffset(int64(offset))

159 return query.FlushExpressions(" ")

162 func (p *postgres) getTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error) {

163 query := p.getTokensByProfileIDSQL(profileID, num, offset)

164 rows, err := p.db.Query(query.String(), query.Args...)

165 if err != nil {

166 return []Token{}, err

168 var tokens []Token

169 var tokenIDs []string

170 for rows.Next() {

171 var token Token

172 err = pan.Unmarshal(rows, &token)

173 if err != nil {

174 return tokens, err

176 tokens = append(tokens, token)

177 tokenIDs = append(tokenIDs, token.AccessToken)

179 if err = rows.Err(); err != nil {

180 return tokens, err

182 return tokens, nil