auth

Paddy 2015-03-18 Parent:3aeadd2201e9 Child:06fb735031bb

146:b5432f50f057 Go to Latest

auth/context.go

Fix tests. It made no sense to have the Profile's Passphrase length check in the Validate call of the ProfileChange type, because the ProfileChange had that property being applied as the _hashed_ passphrase. And We want to validate the _cleartext_ passphrase. So we removed that in e660a38fa936. But we forgot to update the tests. So I'm updating now.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "html/template"
5 "io"
6 "log"
7 "net/url"
8 "time"
9
10 "code.secondbit.org/uuid.hg"
11 )
12
13 // Context wraps the different storage interfaces and should
14 // be used as the main point of interaction for the data storage
15 // layer.
16 type Context struct {
17 template *template.Template
18 loginURI *url.URL
19 clients clientStore
20 authCodes authorizationCodeStore
21 profiles profileStore
22 tokens tokenStore
23 sessions sessionStore
24 scopes scopeStore
25 config Config
26 }
27
28 // NewContext takes a Config instance and uses it to bootstrap a Context
29 // using the information provided in the Config variable.
30 func NewContext(config Config) (Context, error) {
31 if config.iterations == 0 {
32 return Context{}, ErrConfigNotInitialized
33 }
34 context := Context{
35 clients: config.ClientStore,
36 authCodes: config.AuthCodeStore,
37 profiles: config.ProfileStore,
38 tokens: config.TokenStore,
39 sessions: config.SessionStore,
40 scopes: config.ScopeStore,
41 template: config.Template,
42 config: config,
43 }
44 var err error
45 context.loginURI, err = url.Parse(config.LoginURI)
46 if err != nil {
47 log.Println(err)
48 return Context{}, ErrInvalidLoginURI
49 }
50 return context, nil
51 }
52
53 // Render uses the HTML templates associated with the Context to render the
54 // template specified by name to out using data to fill any template variables.
55 func (c Context) Render(out io.Writer, name string, data interface{}) {
56 if c.template == nil {
57 log.Println("No template set on Context, can't render anything!")
58 return
59 }
60 err := c.template.ExecuteTemplate(out, name, data)
61 if err != nil {
62 log.Println("Error executing template", name, ":", err)
63 }
64 }
65
66 // GetClient returns a single Client by its ID from the
67 // clientStore associated with the Context.
68 func (c Context) GetClient(id uuid.ID) (Client, error) {
69 if c.clients == nil {
70 return Client{}, ErrNoClientStore
71 }
72 return c.clients.getClient(id)
73 }
74
75 // SaveClient stores the passed Client in the clientStore
76 // associated with the Context.
77 func (c Context) SaveClient(client Client) error {
78 if c.clients == nil {
79 return ErrNoClientStore
80 }
81 return c.clients.saveClient(client)
82 }
83
84 // UpdateClient applies the specified ClientChange to the Client
85 // with the specified ID in the clientStore associated with the
86 // Context.
87 func (c Context) UpdateClient(id uuid.ID, change ClientChange) error {
88 if c.clients == nil {
89 return ErrNoClientStore
90 }
91 return c.clients.updateClient(id, change)
92 }
93
94 // DeleteClient removes the client with the specified ID from the
95 // clientStore associated with the Context.
96 func (c Context) DeleteClient(id uuid.ID) error {
97 if c.clients == nil {
98 return ErrNoClientStore
99 }
100 return c.clients.deleteClient(id)
101 }
102
103 // ListClientsByOwner returns a slice of up to num Clients, starting at offset (inclusive)
104 // that have the specified OwnerID in the clientStore associated with the Context.
105 func (c Context) ListClientsByOwner(ownerID uuid.ID, num, offset int) ([]Client, error) {
106 if c.clients == nil {
107 return []Client{}, ErrNoClientStore
108 }
109 return c.clients.listClientsByOwner(ownerID, num, offset)
110 }
111
112 // AddEndpoints stores the specified Endpoints in the clientStore associated with the Context,
113 // and associates the newly-stored Endpoints with the Client specified by the passed ID.
114 func (c Context) AddEndpoints(client uuid.ID, endpoints []Endpoint) error {
115 if c.clients == nil {
116 return ErrNoClientStore
117 }
118 for pos, endpoint := range endpoints {
119 u, err := normalizeURIString(endpoint.URI)
120 if err != nil {
121 return err
122 }
123 endpoint.NormalizedURI = u
124 endpoints[pos] = endpoint
125 }
126 return c.clients.addEndpoints(client, endpoints)
127 }
128
129 // GetEndpoint retrieves the Endpoint with the specified ID from the clientStore associated
130 // with the Context, if and only if it belongs to the Client with the specified ID.
131 func (c Context) GetEndpoint(client, endpoint uuid.ID) (Endpoint, error) {
132 if c.clients == nil {
133 return Endpoint{}, ErrNoClientStore
134 }
135 return c.clients.getEndpoint(client, endpoint)
136 }
137
138 // RemoveEndpoint deletes the Endpoint with the specified ID from the clientStore associated
139 // with the Context, and disassociates the Endpoint from the specified Client.
140 func (c Context) RemoveEndpoint(client, endpoint uuid.ID) error {
141 if c.clients == nil {
142 return ErrNoClientStore
143 }
144 return c.clients.removeEndpoint(client, endpoint)
145 }
146
147 // CheckEndpoint finds Endpoints in the clientStore associated with the Context that belong
148 // to the Client specified by the passed ID and match the URI passed. URI matches must be
149 // performed according to RFC 3986 Section 6.
150 func (c Context) CheckEndpoint(client uuid.ID, URI string) (bool, error) {
151 if c.clients == nil {
152 return false, ErrNoClientStore
153 }
154 u, err := normalizeURIString(URI)
155 if err != nil {
156 return false, err
157 }
158 return c.clients.checkEndpoint(client, u)
159 }
160
161 // ListEndpoints finds Endpoints in the clientStore associated with the Context that belong
162 // to the Client specified by the passed ID. It returns up to num endpoints, starting at offset,
163 // exclusive.
164 func (c Context) ListEndpoints(client uuid.ID, num, offset int) ([]Endpoint, error) {
165 if c.clients == nil {
166 return []Endpoint{}, ErrNoClientStore
167 }
168 return c.clients.listEndpoints(client, num, offset)
169 }
170
171 // CountEndpoints returns the number of Endpoints the are associated with the Client specified by the
172 // passed ID in the clientStore associated with the Context.
173 func (c Context) CountEndpoints(client uuid.ID) (int64, error) {
174 if c.clients == nil {
175 return 0, ErrNoClientStore
176 }
177 return c.clients.countEndpoints(client)
178 }
179
180 // GetAuthorizationCode returns the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with the
181 // Context.
182 func (c Context) GetAuthorizationCode(code string) (AuthorizationCode, error) {
183 if c.authCodes == nil {
184 return AuthorizationCode{}, ErrNoAuthorizationCodeStore
185 }
186 return c.authCodes.getAuthorizationCode(code)
187 }
188
189 // SaveAuthorizationCode stores the passed AuthorizationCode in the authorizationCodeStore associated with the Context.
190 func (c Context) SaveAuthorizationCode(authCode AuthorizationCode) error {
191 if c.authCodes == nil {
192 return ErrNoAuthorizationCodeStore
193 }
194 return c.authCodes.saveAuthorizationCode(authCode)
195 }
196
197 // DeleteAuthorizationCode removes the AuthorizationCode specified by the provided code from the authorizationCodeStore associated with
198 // the Context.
199 func (c Context) DeleteAuthorizationCode(code string) error {
200 if c.authCodes == nil {
201 return ErrNoAuthorizationCodeStore
202 }
203 return c.authCodes.deleteAuthorizationCode(code)
204 }
205
206 // UseAuthorizationCode marks the AuthorizationCode specified by the provided code as used in the authorizationCodeStore associated with
207 // the Context. Once an AuthorizationCode is marked as used, its Used property will be set to true when retrieved from the authorizationCodeStore.
208 func (c Context) UseAuthorizationCode(code string) error {
209 if c.authCodes == nil {
210 return ErrNoAuthorizationCodeStore
211 }
212 return c.authCodes.useAuthorizationCode(code)
213 }
214
215 // GetProfileByID returns the Profile specified by the provided ID from the profileStore associated with
216 // the Context.
217 func (c Context) GetProfileByID(id uuid.ID) (Profile, error) {
218 if c.profiles == nil {
219 return Profile{}, ErrNoProfileStore
220 }
221 return c.profiles.getProfileByID(id)
222 }
223
224 // GetProfileByLogin returns the Profile associated with the specified Login from the profileStore associated
225 // with the Context.
226 func (c Context) GetProfileByLogin(value string) (Profile, error) {
227 if c.profiles == nil {
228 return Profile{}, ErrNoProfileStore
229 }
230 return c.profiles.getProfileByLogin(value)
231 }
232
233 // SaveProfile inserts the passed Profile into the profileStore associated with the Context.
234 func (c Context) SaveProfile(profile Profile) error {
235 if c.profiles == nil {
236 return ErrNoProfileStore
237 }
238 return c.profiles.saveProfile(profile)
239 }
240
241 // UpdateProfile applies the supplied ProfileChange to the Profile that matches the specified ID
242 // in the profileStore associated with the Context.
243 func (c Context) UpdateProfile(id uuid.ID, change ProfileChange) error {
244 if c.profiles == nil {
245 return ErrNoProfileStore
246 }
247 return c.profiles.updateProfile(id, change)
248 }
249
250 // UpdateProfiles applies the supplied BulkProfileChange to every Profile that matches one of the
251 // specified IDs in the profileStore associated with the Context.
252 func (c Context) UpdateProfiles(ids []uuid.ID, change BulkProfileChange) error {
253 if c.profiles == nil {
254 return ErrNoProfileStore
255 }
256 return c.profiles.updateProfiles(ids, change)
257 }
258
259 // DeleteProfile removes the Profile specified by the passed ID from the profileStore associated
260 // with the Context.
261 func (c Context) DeleteProfile(id uuid.ID) error {
262 if c.profiles == nil {
263 return ErrNoProfileStore
264 }
265 return c.profiles.deleteProfile(id)
266 }
267
268 // AddLogin stores the passed Login in the profileStore associated with the Context. It also associates
269 // the newly-created Login with the Orofile in login.ProfileID.
270 func (c Context) AddLogin(login Login) error {
271 if c.profiles == nil {
272 return ErrNoProfileStore
273 }
274 return c.profiles.addLogin(login)
275 }
276
277 // RemoveLogin removes the specified Login from the profileStore associated with the Context, provided
278 // the Login has a ProfileID property that matches the profile ID passed in. It also disassociates the
279 // deleted Login from the Profile in login.ProfileID.
280 func (c Context) RemoveLogin(value string, profile uuid.ID) error {
281 if c.profiles == nil {
282 return ErrNoProfileStore
283 }
284 return c.profiles.removeLogin(value, profile)
285 }
286
287 // RecordLoginUse sets the LastUsed property of the Login specified in the profileStore associated with
288 // the Context to the value passed in as when.
289 func (c Context) RecordLoginUse(value string, when time.Time) error {
290 if c.profiles == nil {
291 return ErrNoProfileStore
292 }
293 return c.profiles.recordLoginUse(value, when)
294 }
295
296 // ListLogins returns a slice of up to num Logins associated with the specified Profile from the profileStore
297 // associated with the Context, skipping offset Profiles.
298 func (c Context) ListLogins(profile uuid.ID, num, offset int) ([]Login, error) {
299 if c.profiles == nil {
300 return []Login{}, ErrNoProfileStore
301 }
302 return c.profiles.listLogins(profile, num, offset)
303 }
304
305 // GetToken returns the Token specified from the tokenStore associated with the Context.
306 // If refresh is true, the token input should be compared against the refresh tokens, not the
307 // access tokens.
308 func (c Context) GetToken(token string, refresh bool) (Token, error) {
309 if c.tokens == nil {
310 return Token{}, ErrNoTokenStore
311 }
312 return c.tokens.getToken(token, refresh)
313 }
314
315 // SaveToken stores the passed Token in the tokenStore associated with the Context.
316 func (c Context) SaveToken(token Token) error {
317 if c.tokens == nil {
318 return ErrNoTokenStore
319 }
320 return c.tokens.saveToken(token)
321 }
322
323 // RevokeToken revokes the Token identfied by the passed token string from the tokenStore associated
324 // with the context. If refresh is true, the token input should be compared against the refresh tokens,
325 // not the access tokens.
326 func (c Context) RevokeToken(token string, refresh bool) error {
327 if c.tokens == nil {
328 return ErrNoTokenStore
329 }
330 return c.tokens.revokeToken(token, refresh)
331 }
332
333 // GetTokensByProfileID returns a slice of up to num Tokens with a ProfileID that matches the specified
334 // profileID from the tokenStore associated with the Context, skipping offset Tokens.
335 func (c Context) GetTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error) {
336 if c.tokens == nil {
337 return []Token{}, ErrNoTokenStore
338 }
339 return c.tokens.getTokensByProfileID(profileID, num, offset)
340 }
341
342 // CreateSession stores the passed Session in the sessionStore associated with the Context.
343 func (c Context) CreateSession(session Session) error {
344 if c.sessions == nil {
345 return ErrNoSessionStore
346 }
347 return c.sessions.createSession(session)
348 }
349
350 // GetSession returns the Session specified from the sessionStore associated with the Context.
351 func (c Context) GetSession(id string) (Session, error) {
352 if c.sessions == nil {
353 return Session{}, ErrNoSessionStore
354 }
355 return c.sessions.getSession(id)
356 }
357
358 // RemoveSession removes the Session identified by the passed ID from the sessionStore associated with
359 // the Context.
360 func (c Context) RemoveSession(id string) error {
361 if c.sessions == nil {
362 return ErrNoSessionStore
363 }
364 return c.sessions.removeSession(id)
365 }
366
367 // ListSessions returns a slice of up to num Sessions from the sessionStore associated with the Context,
368 // ordered by the date they were created, descending. If before.IsZero() returns false, only Sessions
369 // that were created before that time will be returned. If profile is not nil, only Sessions belonging to
370 // that Profile will be returned.
371 func (c Context) ListSessions(profile uuid.ID, before time.Time, num int64) ([]Session, error) {
372 if c.sessions == nil {
373 return []Session{}, ErrNoSessionStore
374 }
375 return c.sessions.listSessions(profile, before, num)
376 }
377
378 func (c Context) CreateScopes(scopes []Scope) error {
379 if c.scopes == nil {
380 return ErrNoScopeStore
381 }
382 return c.scopes.createScopes(scopes)
383 }
384
385 func (c Context) GetScopes(ids []string) ([]Scope, error) {
386 if c.scopes == nil {
387 return []Scope{}, ErrNoScopeStore
388 }
389 return c.scopes.getScopes(ids)
390 }
391
392 func (c Context) UpdateScopes(changes []ScopeChange) ([]Scope, error) {
393 if c.scopes == nil {
394 return []Scope{}, ErrNoScopeStore
395 }
396 return c.scopes.updateScopes(changes)
397 }
398
399 func (c Context) RemoveScopes(ids []string) error {
400 if c.scopes == nil {
401 return ErrNoScopeStore
402 }
403 return c.scopes.removeScopes(ids)
404 }
405
406 func (c Context) ListScopes() ([]Scope, error) {
407 if c.scopes == nil {
408 return []Scope{}, ErrNoScopeStore
409 }
410 return c.scopes.listScopes()
411 }