auth
auth/context.go
Break client verification out, break token returns out. Break client verification out into a helper function to avoid rewriting it for pretty much every grant. Break token returns out into a new function as part of the GrantType, so that implicit grants can redirect with the token value. Split returning the token as JSON into its own exported function, which can be used in multiple grants. Return more relevant information to the template when a user is deciding whether or not to authorize a grant.
1 package auth
3 import (
4 "html/template"
5 "io"
6 "log"
7 "net/url"
8 "time"
10 "code.secondbit.org/uuid"
11 )
13 // Context wraps the different storage interfaces and should
14 // be used as the main point of interaction for the data storage
15 // layer.
16 type Context struct {
17 template *template.Template
18 loginURI *url.URL
19 clients clientStore
20 grants grantStore
21 profiles profileStore
22 tokens tokenStore
23 sessions sessionStore
24 }
26 // Render uses the HTML templates associated with the Context to render the
27 // template specified by name to out using data to fill any template variables.
28 func (c Context) Render(out io.Writer, name string, data interface{}) {
29 if c.template == nil {
30 log.Println("No template set on Context, can't render anything!")
31 return
32 }
33 err := c.template.ExecuteTemplate(out, name, data)
34 if err != nil {
35 log.Println("Error executing template", name, ":", err)
36 }
37 }
39 // GetClient returns a single Client by its ID from the
40 // clientStore associated with the Context.
41 func (c Context) GetClient(id uuid.ID) (Client, error) {
42 if c.clients == nil {
43 return Client{}, ErrNoClientStore
44 }
45 return c.clients.getClient(id)
46 }
48 // SaveClient stores the passed Client in the clientStore
49 // associated with the Context.
50 func (c Context) SaveClient(client Client) error {
51 if c.clients == nil {
52 return ErrNoClientStore
53 }
54 return c.clients.saveClient(client)
55 }
57 // UpdateClient applies the specified ClientChange to the Client
58 // with the specified ID in the clientStore associated with the
59 // Context.
60 func (c Context) UpdateClient(id uuid.ID, change ClientChange) error {
61 if c.clients == nil {
62 return ErrNoClientStore
63 }
64 return c.clients.updateClient(id, change)
65 }
67 // DeleteClient removes the client with the specified ID from the
68 // clientStore associated with the Context.
69 func (c Context) DeleteClient(id uuid.ID) error {
70 if c.clients == nil {
71 return ErrNoClientStore
72 }
73 return c.clients.deleteClient(id)
74 }
76 // ListClientsByOwner returns a slice of up to num Clients, starting at offset (inclusive)
77 // that have the specified OwnerID in the clientStore associated with the Context.
78 func (c Context) ListClientsByOwner(ownerID uuid.ID, num, offset int) ([]Client, error) {
79 if c.clients == nil {
80 return []Client{}, ErrNoClientStore
81 }
82 return c.clients.listClientsByOwner(ownerID, num, offset)
83 }
85 // AddEndpoint stores the specified Endpoint in the clientStore associated with the Context,
86 // and associates the newly-stored Endpoint with the Client specified by the passed ID.
87 func (c Context) AddEndpoint(client uuid.ID, endpoint Endpoint) error {
88 if c.clients == nil {
89 return ErrNoClientStore
90 }
91 return c.clients.addEndpoint(client, endpoint)
92 }
94 // RemoveEndpoint deletes the Endpoint with the specified ID from the clientStore associated
95 // with the Context, and disassociates the Endpoint from the specified Client.
96 func (c Context) RemoveEndpoint(client, endpoint uuid.ID) error {
97 if c.clients == nil {
98 return ErrNoClientStore
99 }
100 return c.clients.removeEndpoint(client, endpoint)
101 }
103 // CheckEndpoint finds Endpoints in the clientStore associated with the Context that belong
104 // to the Client specified by the passed ID and match the URI passed. URI matches must be
105 // performed according to RFC 3986 Section 6.
106 func (c Context) CheckEndpoint(client uuid.ID, URI string) (bool, error) {
107 if c.clients == nil {
108 return false, ErrNoClientStore
109 }
110 return c.clients.checkEndpoint(client, URI)
111 }
113 // ListEndpoints finds Endpoints in the clientStore associated with the Context that belong
114 // to the Client specified by the passed ID. It returns up to num endpoints, starting at offset,
115 // exclusive.
116 func (c Context) ListEndpoints(client uuid.ID, num, offset int) ([]Endpoint, error) {
117 if c.clients == nil {
118 return []Endpoint{}, ErrNoClientStore
119 }
120 return c.clients.listEndpoints(client, num, offset)
121 }
123 // CountEndpoints returns the number of Endpoints the are associated with the Client specified by the
124 // passed ID in the clientStore associated with the Context.
125 func (c Context) CountEndpoints(client uuid.ID) (int64, error) {
126 if c.clients == nil {
127 return 0, ErrNoClientStore
128 }
129 return c.clients.countEndpoints(client)
130 }
132 // GetGrant returns the Grant specified by the provided code from the grantStore associated with the
133 // Context.
134 func (c Context) GetGrant(code string) (Grant, error) {
135 if c.grants == nil {
136 return Grant{}, ErrNoGrantStore
137 }
138 return c.grants.getGrant(code)
139 }
141 // SaveGrant stores the passed Grant in the grantStore associated with the Context.
142 func (c Context) SaveGrant(grant Grant) error {
143 if c.grants == nil {
144 return ErrNoGrantStore
145 }
146 return c.grants.saveGrant(grant)
147 }
149 // DeleteGrant removes the Grant specified by the provided code from the grantStore associated with
150 // the Context.
151 func (c Context) DeleteGrant(code string) error {
152 if c.grants == nil {
153 return ErrNoGrantStore
154 }
155 return c.grants.deleteGrant(code)
156 }
158 // GetProfileByID returns the Profile specified by the provided ID from the profileStore associated with
159 // the Context.
160 func (c Context) GetProfileByID(id uuid.ID) (Profile, error) {
161 if c.profiles == nil {
162 return Profile{}, ErrNoProfileStore
163 }
164 return c.profiles.getProfileByID(id)
165 }
167 // GetProfileByLogin returns the Profile associated with the specified Login from the profileStore associated
168 // with the Context.
169 func (c Context) GetProfileByLogin(value string) (Profile, error) {
170 if c.profiles == nil {
171 return Profile{}, ErrNoProfileStore
172 }
173 return c.profiles.getProfileByLogin(value)
174 }
176 // SaveProfile inserts the passed Profile into the profileStore associated with the Context.
177 func (c Context) SaveProfile(profile Profile) error {
178 if c.profiles == nil {
179 return ErrNoProfileStore
180 }
181 return c.profiles.saveProfile(profile)
182 }
184 // UpdateProfile applies the supplied ProfileChange to the Profile that matches the specified ID
185 // in the profileStore associated with the Context.
186 func (c Context) UpdateProfile(id uuid.ID, change ProfileChange) error {
187 if c.profiles == nil {
188 return ErrNoProfileStore
189 }
190 return c.profiles.updateProfile(id, change)
191 }
193 // UpdateProfiles applies the supplied BulkProfileChange to every Profile that matches one of the
194 // specified IDs in the profileStore associated with the Context.
195 func (c Context) UpdateProfiles(ids []uuid.ID, change BulkProfileChange) error {
196 if c.profiles == nil {
197 return ErrNoProfileStore
198 }
199 return c.profiles.updateProfiles(ids, change)
200 }
202 // DeleteProfile removes the Profile specified by the passed ID from the profileStore associated
203 // with the Context.
204 func (c Context) DeleteProfile(id uuid.ID) error {
205 if c.profiles == nil {
206 return ErrNoProfileStore
207 }
208 return c.profiles.deleteProfile(id)
209 }
211 // AddLogin stores the passed Login in the profileStore associated with the Context. It also associates
212 // the newly-created Login with the Orofile in login.ProfileID.
213 func (c Context) AddLogin(login Login) error {
214 if c.profiles == nil {
215 return ErrNoProfileStore
216 }
217 return c.profiles.addLogin(login)
218 }
220 // RemoveLogin removes the specified Login from the profileStore associated with the Context, provided
221 // the Login has a ProfileID property that matches the profile ID passed in. It also disassociates the
222 // deleted Login from the Profile in login.ProfileID.
223 func (c Context) RemoveLogin(value string, profile uuid.ID) error {
224 if c.profiles == nil {
225 return ErrNoProfileStore
226 }
227 return c.profiles.removeLogin(value, profile)
228 }
230 // RecordLoginUse sets the LastUsed property of the Login specified in the profileStore associated with
231 // the Context to the value passed in as when.
232 func (c Context) RecordLoginUse(value string, when time.Time) error {
233 if c.profiles == nil {
234 return ErrNoProfileStore
235 }
236 return c.profiles.recordLoginUse(value, when)
237 }
239 // ListLogins returns a slice of up to num Logins associated with the specified Profile from the profileStore
240 // associated with the Context, skipping offset Profiles.
241 func (c Context) ListLogins(profile uuid.ID, num, offset int) ([]Login, error) {
242 if c.profiles == nil {
243 return []Login{}, ErrNoProfileStore
244 }
245 return c.profiles.listLogins(profile, num, offset)
246 }
248 // GetToken returns the Token specified from the tokenStore associated with the Context.
249 // If refresh is true, the token input should be compared against the refresh tokens, not the
250 // access tokens.
251 func (c Context) GetToken(token string, refresh bool) (Token, error) {
252 if c.tokens == nil {
253 return Token{}, ErrNoTokenStore
254 }
255 return c.tokens.getToken(token, refresh)
256 }
258 // SaveToken stores the passed Token in the tokenStore associated with the Context.
259 func (c Context) SaveToken(token Token) error {
260 if c.tokens == nil {
261 return ErrNoTokenStore
262 }
263 return c.tokens.saveToken(token)
264 }
266 // RemoveToken removes the Token identified by the passed token string from the tokenStore associated
267 // with the Context.
268 func (c Context) RemoveToken(token string) error {
269 if c.tokens == nil {
270 return ErrNoTokenStore
271 }
272 return c.tokens.removeToken(token)
273 }
275 // GetTokensByProfileID returns a slice of up to num Tokens with a ProfileID that matches the specified
276 // profileID from the tokenStore associated with the Context, skipping offset Tokens.
277 func (c Context) GetTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error) {
278 if c.tokens == nil {
279 return []Token{}, ErrNoTokenStore
280 }
281 return c.tokens.getTokensByProfileID(profileID, num, offset)
282 }
284 // CreateSession stores the passed Session in the sessionStore associated with the Context.
285 func (c Context) CreateSession(session Session) error {
286 if c.sessions == nil {
287 return ErrNoSessionStore
288 }
289 return c.sessions.createSession(session)
290 }
292 // GetSession returns the Session specified from the sessionStore associated with the Context.
293 func (c Context) GetSession(id string) (Session, error) {
294 if c.sessions == nil {
295 return Session{}, ErrNoSessionStore
296 }
297 return c.sessions.getSession(id)
298 }
300 // RemoveSession removes the Session identified by the passed ID from the sessionStore associated with
301 // the Context.
302 func (c Context) RemoveSession(id string) error {
303 if c.sessions == nil {
304 return ErrNoSessionStore
305 }
306 return c.sessions.removeSession(id)
307 }
309 // ListSessions returns a slice of up to num Sessions from the sessionStore associated with the Context,
310 // ordered by the date they were created, descending. If before.IsZero() returns false, only Sessions
311 // that were created before that time will be returned. If profile is not nil, only Sessions belonging to
312 // that Profile will be returned.
313 func (c Context) ListSessions(profile uuid.ID, before time.Time, num int64) ([]Session, error) {
314 if c.sessions != nil {
315 return []Session{}, ErrNoSessionStore
316 }
317 return c.sessions.listSessions(profile, before, num)
318 }