auth
auth/config.go
Randomly generate codes. We've been using our IDs for auth codes. But our IDs may at some point be non-random, for the purpose of optimising database performance, or some other perfectly valid reason. Auth codes we always want to be random, and have no relation to IDs, so why conflate them? Instead, we pull 16 random bytes out of crypto/rand.Reader and hex encode them.
1 package auth
3 import (
4 "errors"
5 "html/template"
6 "log"
7 )
9 var (
10 // ErrInvalidLoginURI is returned when a Context is instantiated with a Config object that specifies a LoginURI that can't be parsed as a URL.
11 ErrInvalidLoginURI = errors.New("invalid login URI")
12 // ErrConfigNotInitialized is returned when a Context is instantiated with a Config object that hasn't had its Init function called.
13 ErrConfigNotInitialized = errors.New("config not initialized")
14 )
16 // Config holds the configuration values necessary to run a server. A Config
17 // instance is the only way to instantiate a Context variable.
18 type Config struct {
19 ClientStore clientStore
20 AuthCodeStore authorizationCodeStore
21 ProfileStore profileStore
22 TokenStore tokenStore
23 SessionStore sessionStore
24 ScopeStore scopeStore
25 Template *template.Template
26 LoginURI string
27 iterations int
28 secureCookie bool
29 }
31 // Init is a function that preps the Config object to be used for Context creation, setting variables
32 // that are determined at the beginning of program execution.
33 func (c *Config) Init() error {
34 scheme, ok := passphraseSchemes[CurPassphraseScheme]
35 if !ok {
36 return ErrInvalidPassphraseScheme
37 }
38 var err error
39 c.iterations, err = scheme.calculateIterations()
40 if err != nil {
41 return err
42 }
43 log.Printf("Generating passphrases with %d iterations...\n", c.iterations)
44 return nil
45 }