auth
178:0a2c3d677161 Browse Files
Update to use a generic event emitter. Rather can creating a purpose-built event emitter for each and every event we need to emit (I'm looking at you, login verification event) which is _downright silly_, we're now using a generic event publisher that's based on saying "HEY A MODEL UPDATED". This means we need to change all our setup code in authd to use events.NewNSQPublisher or events.NewStdoutPublisher instead of our homegrown solutions. Which also means updating our config to take an events.Publisher instead of our LoginVerificationNotifier (blergh). Our Context also now uses an events.Publisher instead of a LoginVerificationNotifier. Party all around! We also replaced our SendLoginVerification helper method on Context with a SendModelEvent helper method on Context, which is just a light wrapper around events.PublishModelEvent. Of course, all this means we need to update our email_verification listener to listen to the correct channel (based on the model we want updates about) and filter down to a Created action or our new custom action for "the customer wants their verification resent", which I'm OK making a special case and not generic, because c'mon. But we had a subtle change to all our constants, some of which are unofficial constants now. I'm unsure how I feel about this. We also updated our email_verification listener so that we're unmarshalling to a custom loginEvent, which is just an events.Event that overwrites the Data property to be an auth.Login instance. This is to make sure we don't need to wrangle a map[string]interface{}, which is no fun. I'm also OK with special-casing like this, because it's 1) a tiny amount of code, 2) properly utilising composition, and 3) the only way I can think of to cleanly accomplish what I want. I also added a note about GetLogin's deficient handling of logins, namely that it doesn't recognise admins and return Verification codes to them, which would be a useful property for internal tools to take advantage of. Ah well. I updated the Profile and Login implementations so they're now event.Model instances, mainly by just exporting some strings from them through getters that will let us automatically build an Event from them. This lets us use the PublishModelEvent helper. I updated our CreateProfileHandler to properly mangle the login Verification property, and to fire off the ActionCreated events for the new Login and the new Profile. I updated our GetLoginHandler and UpdateLoginHandler to properly mangle the loginVerification property. God that's annoying. :-/ You'll note I didn't start publishing the events.ActionUpdated or events.ActionDeleted events for Profiles or Logins yet, and didn't bother publishing any events for literally any other type. That's because I'm a lazy piece of crap and will end up publishing them when I absolutely have to. Part of that is because if a channel isn't created/being read for a topic, the messages will just stack up in NSQ, and I don't want that. But mostly I'm lazy. Finally, I got to delete the entire profile_verification.go file, because we're no longer special-casing that. Hooray!
authd/server.go config.go context.go listeners/email_verification/listener.go profile.go profile_verification.go
1.1 --- a/authd/server.go Mon Jul 13 23:49:25 2015 -0400 1.2 +++ b/authd/server.go Wed Jul 15 00:13:59 2015 -0400 1.3 @@ -8,6 +8,7 @@ 1.4 "os" 1.5 1.6 "code.secondbit.org/auth.hg" 1.7 + "code.secondbit.org/events.hg" 1.8 "github.com/gorilla/mux" 1.9 ) 1.10 1.11 @@ -53,13 +54,13 @@ 1.12 config.Template = template.Must(template.New("base").ParseGlob("./templates/*.gotmpl")) 1.13 config.LoginURI = "/login" 1.14 if os.Getenv("AUTH_NSQD_ADDR") != "" { 1.15 - n, err := auth.NewNSQNotifier(os.Getenv("AUTH_NSQD_ADDR")) 1.16 + publisher, err := events.NewNSQPublisher("code.secondbit.org/auth/authd-"+auth.Version, os.Getenv("AUTH_NSQD_ADDR")) 1.17 if err != nil { 1.18 log.Fatal(err) 1.19 } 1.20 - config.LoginVerificationNotifier = n 1.21 + config.EventsPublisher = publisher 1.22 } else { 1.23 - config.LoginVerificationNotifier = auth.NewStdoutNotifier() 1.24 + config.EventsPublisher = events.NewStdoutPublisher() 1.25 } 1.26 err = config.Init() 1.27 if err != nil {
2.1 --- a/config.go Mon Jul 13 23:49:25 2015 -0400 2.2 +++ b/config.go Wed Jul 15 00:13:59 2015 -0400 2.3 @@ -4,6 +4,8 @@ 2.4 "errors" 2.5 "html/template" 2.6 "log" 2.7 + 2.8 + "code.secondbit.org/events.hg" 2.9 ) 2.10 2.11 var ( 2.12 @@ -19,18 +21,18 @@ 2.13 // Config holds the configuration values necessary to run a server. A Config 2.14 // instance is the only way to instantiate a Context variable. 2.15 type Config struct { 2.16 - ClientStore clientStore 2.17 - AuthCodeStore authorizationCodeStore 2.18 - ProfileStore profileStore 2.19 - TokenStore tokenStore 2.20 - SessionStore sessionStore 2.21 - ScopeStore scopeStore 2.22 - LoginVerificationNotifier loginVerificationNotifier 2.23 - Template *template.Template 2.24 - LoginURI string 2.25 - JWTPrivateKey []byte 2.26 - iterations int 2.27 - secureCookie bool 2.28 + ClientStore clientStore 2.29 + AuthCodeStore authorizationCodeStore 2.30 + ProfileStore profileStore 2.31 + TokenStore tokenStore 2.32 + SessionStore sessionStore 2.33 + ScopeStore scopeStore 2.34 + EventsPublisher events.Publisher 2.35 + Template *template.Template 2.36 + LoginURI string 2.37 + JWTPrivateKey []byte 2.38 + iterations int 2.39 + secureCookie bool 2.40 } 2.41 2.42 // Init is a function that preps the Config object to be used for Context creation, setting variables
3.1 --- a/context.go Mon Jul 13 23:49:25 2015 -0400 3.2 +++ b/context.go Wed Jul 15 00:13:59 2015 -0400 3.3 @@ -7,6 +7,7 @@ 3.4 "net/url" 3.5 "time" 3.6 3.7 + "code.secondbit.org/events.hg" 3.8 "code.secondbit.org/uuid.hg" 3.9 ) 3.10 3.11 @@ -14,16 +15,16 @@ 3.12 // be used as the main point of interaction for the data storage 3.13 // layer. 3.14 type Context struct { 3.15 - template *template.Template 3.16 - loginURI *url.URL 3.17 - clients clientStore 3.18 - authCodes authorizationCodeStore 3.19 - profiles profileStore 3.20 - tokens tokenStore 3.21 - sessions sessionStore 3.22 - scopes scopeStore 3.23 - loginVerificationNotifier loginVerificationNotifier 3.24 - config Config 3.25 + template *template.Template 3.26 + loginURI *url.URL 3.27 + clients clientStore 3.28 + authCodes authorizationCodeStore 3.29 + profiles profileStore 3.30 + tokens tokenStore 3.31 + sessions sessionStore 3.32 + scopes scopeStore 3.33 + eventsPublisher events.Publisher 3.34 + config Config 3.35 } 3.36 3.37 // NewContext takes a Config instance and uses it to bootstrap a Context 3.38 @@ -33,15 +34,15 @@ 3.39 return Context{}, ErrConfigNotInitialized 3.40 } 3.41 context := Context{ 3.42 - clients: config.ClientStore, 3.43 - authCodes: config.AuthCodeStore, 3.44 - profiles: config.ProfileStore, 3.45 - tokens: config.TokenStore, 3.46 - sessions: config.SessionStore, 3.47 - scopes: config.ScopeStore, 3.48 - loginVerificationNotifier: config.LoginVerificationNotifier, 3.49 - template: config.Template, 3.50 - config: config, 3.51 + clients: config.ClientStore, 3.52 + authCodes: config.AuthCodeStore, 3.53 + profiles: config.ProfileStore, 3.54 + tokens: config.TokenStore, 3.55 + sessions: config.SessionStore, 3.56 + scopes: config.ScopeStore, 3.57 + eventsPublisher: config.EventsPublisher, 3.58 + template: config.Template, 3.59 + config: config, 3.60 } 3.61 var err error 3.62 context.loginURI, err = url.Parse(config.LoginURI) 3.63 @@ -491,9 +492,9 @@ 3.64 return c.scopes.listScopes() 3.65 } 3.66 3.67 -func (c Context) SendLoginVerification(login Login) { 3.68 - if c.loginVerificationNotifier == nil { 3.69 - log.Println("Login verification notifier not set!") 3.70 +func (c Context) SendModelEvent(m events.Model, action string) error { 3.71 + if c.eventsPublisher == nil { 3.72 + log.Println("Event publisher not set!") 3.73 } 3.74 - c.loginVerificationNotifier.SendLoginVerification(login) 3.75 + return events.PublishModelEvent(c.eventsPublisher, m, action) 3.76 }
4.1 --- a/listeners/email_verification/listener.go Mon Jul 13 23:49:25 2015 -0400 4.2 +++ b/listeners/email_verification/listener.go Wed Jul 15 00:13:59 2015 -0400 4.3 @@ -71,51 +71,53 @@ 4.4 mgClient = mailgun.NewMailgun(mgDomain, mgAPIKey, "") 4.5 emailHTMLTemplate = htmltmpl.Must(htmltmpl.ParseGlob(mgHTMLTemplateFile)) 4.6 emailTextTemplate = texttmpl.Must(texttmpl.ParseGlob(mgTextTemplateFile)) 4.7 - sub, err := events.NewNSQSubscriber(lookupds, nsq.HandlerFunc(messageHandler), auth.EventTopicLoginVerification, channel, "email_verification/"+auth.Version) 4.8 + sub, err := events.NewNSQSubscriber(lookupds, nsq.HandlerFunc(messageHandler), "logins", channel, "code.secondbit.org/auth/listeners/email_verification-"+auth.Version) 4.9 if err != nil { 4.10 log.Fatalf("Error creating subscriber: %+v\n", err) 4.11 } 4.12 sub.Block() 4.13 } 4.14 4.15 +type loginEvent struct { 4.16 + events.Event 4.17 + Data auth.Login `json:"data,omitempty"` 4.18 +} 4.19 + 4.20 func messageHandler(msg *nsq.Message) error { 4.21 - var event events.Event 4.22 + var event loginEvent 4.23 err := json.Unmarshal(msg.Body, &event) 4.24 if err != nil { 4.25 log.Printf("Error decoding event (%s), discarding: %+v\n", err) 4.26 return nil 4.27 } 4.28 - if event.System != auth.EventSystem { 4.29 + if event.System != "code.secondbit.org/auth" { 4.30 log.Printf("Ignoring event originating from %s\n", event.System) 4.31 return nil 4.32 } 4.33 - if event.Model != auth.EventModelLogin { 4.34 + if event.Model != "logins" { 4.35 log.Printf("Ignoring event for model %s\n", event.Model) 4.36 return nil 4.37 } 4.38 - if event.Action != auth.EventActionSendVerification { 4.39 + if event.Action != events.ActionCreated && event.Action != auth.ActionResendVerification { 4.40 log.Printf("Ignoring event caused by %s\n", event.Action) 4.41 return nil 4.42 } 4.43 - if event.Data == nil { 4.44 - log.Printf("Ignoring event with data not set.\n") 4.45 + if event.Data.Value == "" { 4.46 + log.Printf("Ignoring event with data not set: %s\n", msg.Body) 4.47 return nil 4.48 } 4.49 - data, ok := event.Data.(map[string]interface{}) 4.50 - if !ok { 4.51 - log.Printf("Ignoring event with data not map[string]string.\n") 4.52 - return nil 4.53 - } 4.54 - if _, ok := data["verification"]; !ok { 4.55 + login := event.Data 4.56 + if login.Verification == "" { 4.57 log.Printf("Ignoring event with no verification included.\n") 4.58 return nil 4.59 } 4.60 - verification, ok := data["verification"].(string) 4.61 - if !ok { 4.62 - log.Printf("Ignoring event with non-string verification.\n") 4.63 - return nil 4.64 - } 4.65 - login, err := authClient.GetLogin(event.ID) 4.66 + // GetLogin won't return the verification code, to prevent it leaking outside the system 4.67 + // eventually, we need to claim the admin scope for logins, and have the API respect that and output the verification 4.68 + // this leaves us vulnerable to someone injecting an incorrect value into NSQ, but at that point, we're probably owned anyways 4.69 + // but on principle, we shouldn't be using information that we didn't pull from our API. 4.70 + // this can have weird race conditions if they somehow manage to reset their email verification to a new value. 4.71 + verification := login.Verification 4.72 + login, err = authClient.GetLogin(login.Value) 4.73 if err != nil { 4.74 log.Printf("Error retrieving login %s: %+v", event.ID, err) 4.75 return err // requeue the message for later processing
5.1 --- a/profile.go Mon Jul 13 23:49:25 2015 -0400 5.2 +++ b/profile.go Wed Jul 15 00:13:59 2015 -0400 5.3 @@ -9,7 +9,9 @@ 5.4 "strings" 5.5 "time" 5.6 5.7 + "code.secondbit.org/events.hg" 5.8 "code.secondbit.org/uuid.hg" 5.9 + 5.10 "github.com/gorilla/mux" 5.11 ) 5.12 5.13 @@ -24,6 +26,9 @@ 5.14 MaxNameLength = 64 5.15 // MaxEmailLength is the maximum length, in bytes, of an email address, exclusive. 5.16 MaxEmailLength = 64 5.17 + 5.18 + // ActionResendVerification is the action property of the event sent when the user wants to resend their login verification code. 5.19 + ActionResendVerification = "resend_verification" 5.20 ) 5.21 5.22 var ( 5.23 @@ -85,6 +90,18 @@ 5.24 LastSeen time.Time `json:"last_seen,omitempty"` 5.25 } 5.26 5.27 +func (p Profile) GetModelName() string { 5.28 + return "profiles" 5.29 +} 5.30 + 5.31 +func (p Profile) GetID() string { 5.32 + return p.ID.String() 5.33 +} 5.34 + 5.35 +func (p Profile) GetSystem() string { 5.36 + return "code.secondbit.org/auth" 5.37 +} 5.38 + 5.39 // ApplyChange applies the properties of the passed ProfileChange 5.40 // to the Profile it is called on. 5.41 func (p *Profile) ApplyChange(change ProfileChange) { 5.42 @@ -203,10 +220,22 @@ 5.43 ProfileID uuid.ID `json:"profile_id,omitempty"` 5.44 Created time.Time `json:"created,omitempty"` 5.45 LastUsed time.Time `json:"last_used,omitempty"` 5.46 - Verification string `json:"-"` 5.47 + Verification string `json:"verification,omitempty"` 5.48 Verified bool `json:"verified"` 5.49 } 5.50 5.51 +func (l Login) GetModelName() string { 5.52 + return "logins" 5.53 +} 5.54 + 5.55 +func (l Login) GetID() string { 5.56 + return l.Value 5.57 +} 5.58 + 5.59 +func (l Login) GetSystem() string { 5.60 + return "code.secondbit.org/auth" 5.61 +} 5.62 + 5.63 type LoginChange struct { 5.64 Verification *string `json:"verification,omitempty"` 5.65 ResendVerification *bool `json:"resend_verification,omitempty"` 5.66 @@ -626,15 +655,17 @@ 5.67 encode(w, r, http.StatusInternalServerError, actOfGodResponse) 5.68 return 5.69 } 5.70 + verification := login.Verification 5.71 + login.Verification = "" // clear verification so it's not exposed 5.72 logins = append(logins, login) 5.73 resp := Response{ 5.74 Logins: logins, 5.75 Profiles: []Profile{profile}, 5.76 } 5.77 encode(w, r, http.StatusCreated, resp) 5.78 - go context.SendLoginVerification(login) // this should key off that model event, instead 5.79 - //BUG(paddy): Need to trigger a ModelEvent saying the profile was created 5.80 - // go context.SendModelEvent(profile, events.ActionCreated) 5.81 + login.Verification = verification // restore verification so it's included in the event 5.82 + go context.SendModelEvent(login, events.ActionCreated) 5.83 + go context.SendModelEvent(profile, events.ActionCreated) 5.84 } 5.85 5.86 func UpdateProfileHandler(w http.ResponseWriter, r *http.Request, context Context) { 5.87 @@ -819,6 +850,9 @@ 5.88 encode(w, r, http.StatusInternalServerError, actOfGodResponse) 5.89 return 5.90 } 5.91 + // clear verification code so it's not exposed 5.92 + // BUG(paddy): We hsould only hide the verification code if it's not an admin request, but auth isn't set up properly for scopes yet 5.93 + login.Verification = "" 5.94 encode(w, r, http.StatusOK, Response{Logins: []Login{login}}) 5.95 } 5.96 5.97 @@ -872,11 +906,13 @@ 5.98 encode(w, r, http.StatusBadRequest, Response{Errors: errors}) 5.99 return 5.100 } 5.101 - context.SendLoginVerification(login) 5.102 + go context.SendModelEvent(login, ActionResendVerification) 5.103 } else { 5.104 errors = append(errors, RequestError{Slug: RequestErrMissing, Field: "/"}) 5.105 encode(w, r, http.StatusBadRequest, Response{Errors: errors}) 5.106 return 5.107 } 5.108 + // clear the Verification code so it's not exposed 5.109 + login.Verification = "" 5.110 encode(w, r, http.StatusOK, Response{Logins: []Login{login}}) 5.111 }
6.1 --- a/profile_verification.go Mon Jul 13 23:49:25 2015 -0400 6.2 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 6.3 @@ -1,55 +0,0 @@ 6.4 -package auth 6.5 - 6.6 -import ( 6.7 - "log" 6.8 - "time" 6.9 - 6.10 - "code.secondbit.org/events.hg" 6.11 -) 6.12 - 6.13 -const ( 6.14 - EventSystem = "authd" 6.15 - EventModelLogin = "login" 6.16 - EventActionSendVerification = "send_verification" 6.17 - EventTopicLoginVerification = "login_verification" 6.18 -) 6.19 - 6.20 -type loginVerificationNotifier interface { 6.21 - SendLoginVerification(login Login) 6.22 -} 6.23 - 6.24 -type stdoutNotifier struct{} 6.25 - 6.26 -func NewStdoutNotifier() stdoutNotifier { 6.27 - return stdoutNotifier{} 6.28 -} 6.29 - 6.30 -func (s stdoutNotifier) SendLoginVerification(login Login) { 6.31 - log.Printf("Use \"%s\" as the verification code for \"%s\"\n", login.Verification, login.Value) 6.32 -} 6.33 - 6.34 -type nsqNotifier struct { 6.35 - *events.NSQPublisher 6.36 -} 6.37 - 6.38 -func NewNSQNotifier(address string) (*nsqNotifier, error) { 6.39 - p, err := events.NewNSQPublisher(EventSystem+"/"+Version, address) 6.40 - return &nsqNotifier{p}, err 6.41 -} 6.42 - 6.43 -func (n *nsqNotifier) SendLoginVerification(login Login) { 6.44 - evt := events.Event{ 6.45 - System: EventSystem, 6.46 - Model: EventModelLogin, 6.47 - ID: login.Value, 6.48 - Action: EventActionSendVerification, 6.49 - Timestamp: time.Now(), 6.50 - Data: map[string]string{ 6.51 - "verification": login.Verification, 6.52 - }, 6.53 - } 6.54 - err := n.Publish(EventTopicLoginVerification, evt) 6.55 - if err != nil { 6.56 - log.Printf("Error sending event: %#+v\n", err) 6.57 - } 6.58 -}