auth

Paddy 2015-04-11 Parent:2809016184f6 Child:73e12d5a1124

162:6f473576c6ae Go to Latest

auth/authcode_postgres.go

Clean up sessions and tokens after Profile is deleted. Add a terminateSessionsByProfile method to our sessionStore to mark Sessions associated with a Profile as inactive. Implement memstore and postgres implementations of the terminateSessionsByProfile method. Add a TerminateSessionsByProfile wrapper method to Context. Add a revokeTokensByProfileID method to our tokenStore to mark Tokens associated with a Profile as revoked. Implement memstore and postgres implementation of the revokeTokensByProfileID method. Add a RevokeTokensByProfileID wrapper method to Context. Call our RevokeTokensByProfileID and TerminateSessionsByProfile methods after a Profile is deleted, to clean up the Tokens and Sessions associated with it.

1 package auth
3 import (
4 "github.com/lib/pq"
5 "github.com/secondbit/pan"
6 )
// authCodeScope is one row linking an authorization code to a single scope.
// An AuthorizationCode with several scopes is stored as several of these rows.
type authCodeScope struct {
	// Code is the authorization code the scope belongs to.
	Code string
	// Scope is one scope attached to that code.
	Scope string
}

// GetSQLTableName returns the name of the table that holds authCodeScope rows.
// It is presumably what pan.GetTableName consults when the builders in this
// file pass it an authCodeScope.
func (authCodeScope) GetSQLTableName() string {
	const table = "authorization_codes_scopes"
	return table
}
// GetSQLTableName returns the name of the table that holds AuthorizationCode
// rows. It is presumably what pan.GetTableName consults when the builders in
// this file pass it an AuthorizationCode.
func (AuthorizationCode) GetSQLTableName() string {
	const table = "authorization_codes"
	return table
}
// getAuthorizationCodeSQL builds the SELECT that loads the AuthorizationCode
// row whose Code column equals code. The code value is handed to pan as a
// query argument behind a "?" placeholder rather than concatenated into the
// SQL text.
func (p *postgres) getAuthorizationCodeSQL(code string) *pan.Query {
	var model AuthorizationCode
	// Only the column names are needed; the zero-value field values are dropped.
	columns, _ := pan.GetFields(model)
	selectStmt := "SELECT " + pan.QueryList(columns) + " FROM " + pan.GetTableName(model)
	q := pan.New(pan.POSTGRES, selectStmt)
	q.IncludeWhere()
	codeColumn := pan.GetUnquotedColumn(model, "Code")
	q.Include(codeColumn+" = ?", code)
	return q.FlushExpressions(" ")
}
// getAuthorizationCodeScopesSQL builds the SELECT that loads every
// authCodeScope row whose Code column is one of codes. Each code becomes its
// own placeholder in the IN list, and the values travel as query arguments.
//
// NOTE(review): with an empty codes slice the IN list is built from
// pan.VariableList(0); whether that yields valid SQL is not visible here.
// The only caller in this file passes exactly one code.
func (p *postgres) getAuthorizationCodeScopesSQL(codes []string) *pan.Query {
	var model authCodeScope
	// Only the column names are needed; the zero-value field values are dropped.
	columns, _ := pan.GetFields(model)

	// Include takes ...interface{}, so the strings have to be re-boxed.
	args := make([]interface{}, len(codes))
	for i := range codes {
		args[i] = codes[i]
	}

	selectStmt := "SELECT " + pan.QueryList(columns) + " FROM " + pan.GetTableName(model)
	q := pan.New(pan.POSTGRES, selectStmt)
	q.IncludeWhere()
	inClause := pan.GetUnquotedColumn(model, "Code") + " IN (" + pan.VariableList(len(args)) + ")"
	q.Include(inClause, args...)
	return q.FlushExpressions(" ")
}
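// getAuthorizationCode loads the AuthorizationCode identified by code and then
// fills its Scopes from the scopes table.
//
// It returns ErrAuthorizationCodeNotFound when no row matches code. Any error
// from querying, unmarshalling or iterating is returned as-is, along with
// whatever had been read into the AuthorizationCode up to that point.
//
// Both result sets are closed on every return path. Previously an Unmarshal
// failure returned while the rows were still open, which keeps the underlying
// connection checked out of the pool; repeated failures on this lookup path
// could exhaust the pool.
//
// NOTE(review): this assumes p.db.Query returns a *sql.Rows (or another type
// with an idempotent Close) - confirm against the postgres type definition.
func (p *postgres) getAuthorizationCode(code string) (AuthorizationCode, error) {
	query := p.getAuthorizationCodeSQL(code)
	codeRows, err := p.db.Query(query.String(), query.Args...)
	if err != nil {
		return AuthorizationCode{}, err
	}
	// Close is a no-op once iteration has run to completion, so deferring it
	// only matters on the early-return paths below.
	defer codeRows.Close()

	var ac AuthorizationCode
	var found bool
	for codeRows.Next() {
		if err := pan.Unmarshal(codeRows, &ac); err != nil {
			return ac, err
		}
		found = true
	}
	if err = codeRows.Err(); err != nil {
		return ac, err
	}
	if !found {
		return ac, ErrAuthorizationCodeNotFound
	}

	// The scopes are stored in a separate table, one row per scope.
	query = p.getAuthorizationCodeScopesSQL([]string{code})
	scopeRows, err := p.db.Query(query.String(), query.Args...)
	if err != nil {
		return ac, err
	}
	defer scopeRows.Close()

	for scopeRows.Next() {
		var acs authCodeScope
		if err = pan.Unmarshal(scopeRows, &acs); err != nil {
			return ac, err
		}
		ac.Scopes = append(ac.Scopes, acs.Scope)
	}
	if err = scopeRows.Err(); err != nil {
		return ac, err
	}
	return ac, nil
}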
// saveAuthorizationCodeSQL builds the INSERT that stores authCode as one row.
// The column list and the values both come from pan.GetFields, and every value
// is passed as a query argument behind a placeholder.
func (p *postgres) saveAuthorizationCodeSQL(authCode AuthorizationCode) *pan.Query {
	columns, args := pan.GetFields(authCode)
	q := pan.New(pan.POSTGRES, "INSERT INTO "+pan.GetTableName(authCode))
	columnList := "(" + pan.QueryList(columns) + ")"
	q.Include(columnList)
	q.Include("VALUES")
	placeholders := "(" + pan.VariableList(len(args)) + ")"
	q.Include(placeholders, args...)
	return q.FlushExpressions(" ")
}
// saveAuthorizationCodeScopesSQL builds a single multi-row INSERT that stores
// every element of authCodeScopes. All values are passed as query arguments.
//
// authCodeScopes must contain at least one element: the first element is
// indexed unconditionally to obtain the table name and column list, so an
// empty slice panics. The caller in this file checks for that before calling.
func (p *postgres) saveAuthorizationCodeScopesSQL(authCodeScopes []authCodeScope) *pan.Query {
	first := authCodeScopes[0]
	columns, _ := pan.GetFields(first)
	q := pan.New(pan.POSTGRES, "INSERT INTO "+pan.GetTableName(first))
	q.Include("(" + pan.QueryList(columns) + ")")
	q.Include("VALUES")
	// Flush the header with spaces first, so that only the value tuples added
	// below are joined by the ", " separator of the final flush.
	q.FlushExpressions(" ")
	for i := range authCodeScopes {
		_, args := pan.GetFields(authCodeScopes[i])
		tuple := "(" + pan.VariableList(len(args)) + ")"
		q.Include(tuple, args...)
	}
	return q.FlushExpressions(", ")
}
// saveAuthorizationCode inserts authCode and then, when it has any scopes,
// inserts one scopes row per scope.
//
// A violation of the authorization_codes_pkey constraint is reported as
// ErrAuthorizationCodeAlreadyExists; every other error is returned unchanged.
//
// NOTE(review): the two INSERTs are issued as separate statements on p.db, not
// inside a transaction. If the scopes insert fails, the code row stays behind
// with no scope rows. Confirm how a code with no stored scopes is interpreted
// when it is later redeemed, and consider wrapping both statements in one
// transaction.
func (p *postgres) saveAuthorizationCode(authCode AuthorizationCode) error {
	insertCode := p.saveAuthorizationCodeSQL(authCode)
	if _, err := p.db.Exec(insertCode.String(), insertCode.Args...); err != nil {
		// Translate the primary-key collision into the package's sentinel error.
		if pqErr, ok := err.(*pq.Error); ok && pqErr.Constraint == "authorization_codes_pkey" {
			return ErrAuthorizationCodeAlreadyExists
		}
		return err
	}
	if len(authCode.Scopes) == 0 {
		// Nothing more to store; the scopes builder also requires a non-empty slice.
		return nil
	}

	var scopeRows []authCodeScope
	for i := range authCode.Scopes {
		scopeRows = append(scopeRows, authCodeScope{Code: authCode.Code, Scope: authCode.Scopes[i]})
	}
	insertScopes := p.saveAuthorizationCodeScopesSQL(scopeRows)
	_, err := p.db.Exec(insertScopes.String(), insertScopes.Args...)
	return err
}
// deleteAuthorizationCodeSQL builds the DELETE that removes the
// AuthorizationCode row whose Code column equals code. The code value is
// passed as a query argument behind a placeholder.
func (p *postgres) deleteAuthorizationCodeSQL(code string) *pan.Query {
	var model AuthorizationCode
	q := pan.New(pan.POSTGRES, "DELETE FROM "+pan.GetTableName(model))
	q.IncludeWhere()
	codeColumn := pan.GetUnquotedColumn(model, "Code")
	q.Include(codeColumn+" = ?", code)
	return q.FlushExpressions(" ")
}
// deleteAuthorizationCodeScopesSQL builds the DELETE that removes every
// authCodeScope row whose Code column equals code. The code value is passed as
// a query argument behind a placeholder.
func (p *postgres) deleteAuthorizationCodeScopesSQL(code string) *pan.Query {
	var model authCodeScope
	q := pan.New(pan.POSTGRES, "DELETE FROM "+pan.GetTableName(model))
	q.IncludeWhere()
	codeColumn := pan.GetUnquotedColumn(model, "Code")
	q.Include(codeColumn+" = ?", code)
	return q.FlushExpressions(" ")
}
// deleteAuthorizationCode deletes the authorization code row for code and then
// the scope rows that reference it.
//
// It returns ErrAuthorizationCodeNotFound when the first DELETE affects no
// rows; in that case the scopes DELETE is not attempted.
//
// NOTE(review): the two DELETEs are separate statements on p.db, not one
// transaction. A failure of the second leaves scope rows behind for a code
// that no longer exists, and a later call for the same code stops at the
// not-found check without cleaning them up.
func (p *postgres) deleteAuthorizationCode(code string) error {
	deleteCode := p.deleteAuthorizationCodeSQL(code)
	result, err := p.db.Exec(deleteCode.String(), deleteCode.Args...)
	if err != nil {
		return err
	}
	affected, err := result.RowsAffected()
	switch {
	case err != nil:
		return err
	case affected == 0:
		return ErrAuthorizationCodeNotFound
	}

	deleteScopes := p.deleteAuthorizationCodeScopesSQL(code)
	_, err = p.db.Exec(deleteScopes.String(), deleteScopes.Args...)
	return err
}
// useAuthorizationCodeSQL builds the UPDATE that sets the Used column to true
// on the AuthorizationCode row whose Code column equals code. Both values are
// passed as query arguments behind placeholders.
//
// The WHERE clause matches on the code alone, so the statement also matches a
// row whose Used column is already true.
//
// NOTE(review): if callers rely on this statement to enforce single use of an
// authorization code, a separate "is it used?" read followed by this write is
// not atomic. Adding a predicate that Used is still false would let the
// affected-row count tell a first redemption from a repeat - confirm against
// the callers and the memstore implementation.
func (p *postgres) useAuthorizationCodeSQL(code string) *pan.Query {
	var model AuthorizationCode
	q := pan.New(pan.POSTGRES, "UPDATE "+pan.GetTableName(model)+" SET ")
	usedColumn := pan.GetUnquotedColumn(model, "Used")
	q.Include(usedColumn+" = ?", true)
	q.IncludeWhere()
	codeColumn := pan.GetUnquotedColumn(model, "Code")
	q.Include(codeColumn+" = ?", code)
	return q.FlushExpressions(" ")
}
// useAuthorizationCode marks the authorization code identified by code as used.
//
// It returns ErrAuthorizationCodeNotFound when the UPDATE affects no rows, and
// passes through any error from executing the statement or reading the
// affected-row count.
//
// NOTE(review): a nil return does not show that the code was unused before the
// call, because the UPDATE built by useAuthorizationCodeSQL filters on the code
// only. Callers that must reject a replayed code need their own check, or the
// statement needs a predicate on the Used column - confirm where single use is
// enforced.
func (p *postgres) useAuthorizationCode(code string) error {
	markUsed := p.useAuthorizationCodeSQL(code)
	result, err := p.db.Exec(markUsed.String(), markUsed.Args...)
	if err != nil {
		return err
	}
	affected, err := result.RowsAffected()
	switch {
	case err != nil:
		return err
	case affected == 0:
		return ErrAuthorizationCodeNotFound
	default:
		return nil
	}
}