Added CLI and more functionality

This commit is contained in:
David Allen 2024-02-21 17:51:59 -07:00
parent c04107cf3d
commit 053095c412
12 changed files with 199 additions and 92 deletions

18
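--- a/cmd/config.go
+++ b/cmd/config.go
@@ -0,0 +1,18 @@
+package cmd
+import "github.com/spf13/cobra"
+var configCmd = &cobra.Command{
+Use: "config",
+Short: "Create a new default config file",
+Run: func(cmd *cobra.Command, args []string) {
+// create a new config at all args (paths)
+for _, path := range args {
+_ = path
+}
+},
+}
+func init() {
+rootCmd.AddCommand(configCmd)
+}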
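Review bot: The loop at `for _, path := range args` discards each argument with `_ = path`, so `oidc config <path>` exits successfully without writing anything, which contradicts the Short text "Create a new default config file". Until the writer exists, make the gap visible instead of silent, e.g. switch to `RunE` and `return fmt.Errorf("config: writing %q is not implemented", path)` (this needs a `fmt` import). When the file is eventually written it will presumably hold the client ID and secret that `login` reads, so create it with `os.WriteFile(path, data, 0o600)` rather than a world-readable mode.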

62
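--- a/cmd/login
+++ b/cmd/login
@@ -0,0 +1,62 @@
+package cmd
+import "github.com/spf13/cobra"
+var (
+host string
+port int
+redirectUri = []string{""}
+state = ""
+responseType = "code"
+scope = []string{"email", "profile", "openid"}
+client oauth.Client
+)
+var loginCmd = &cobra.Command{
+Use: "login",
+Short: "Start the login flow"
+Run: func(cmd *cobra.Command, args []string) {
+oidcProvider := oidc.NewOIDCProvider()
+var authorizationUrl = util.BuildAuthorizationUrl(
+oidcProvider.GetAuthorizeUrl(),
+client.Id,
+redirectUri,
+util.RandomString(20),
+responseType,
+[]string{"email", "profile", "openid"},
+)
+// print the authorization URL for the user to log in
+fmt.Printf("Login with identity provider: %s\n", authorizationUrl)
+// start a HTTP server to listen for callback responses
+fmt.Printf("Waiting for response from OIDC provider...\n")
+err := server.Start(host, port)
+if errors.Is(err, http.ErrServerClosed) {
+fmt.Printf("server closed\n")
+} else if err != nil {
+fmt.Printf("error starting server: %s\n", err)
+os.Exit(1)
+}
+// extract code from response and exchange for bearer token
+// extract ID token and save user info
+// create a new identity with Ory Kratos
+// use ID token/user info to get access token from Ory Hydra
+},
+}
+func init(){
+loginCmd.Flags().StringVar(&client.Id, "client.id", "", "set the client ID")
+loginCmd.Flags().StringVar(&redirectUri, "redirect-uri", "", "set the redirect URI")
+loginCmd.Flags().StringVar(&responseType, "response-type", "code", "set the response-type")
+loginCmd.Flags().StringSliceVar(&scope, "scope", []string{"openid", "email"}, "set the scopes")
+loginCmd.Flags().String(&state, "state", util.RandomString(), "set the state")
+loginCmd.Flags().StringVar(host, "host", "127.0.0.1", "set the listening host")
+loginCmd.Flags().IntVar(&port, "port", 3333, "set the listening port")
+rootCmd.AddCommand(loginCmd)
+}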
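Review bot: This file cannot build as added: it is named `cmd/login` with no `.go` suffix so the toolchain ignores it, `Short: "Start the login flow"` lacks the trailing comma a composite literal needs, only cobra is imported while the body uses `fmt`, `errors`, `net/http`, `os` and the `oidc`, `oauth`, `server` and `util` packages, and in `init` `StringVar(&redirectUri, ...)` is handed a `[]string`, `String(&state, ...)` is not a pflag setter, `util.RandomString()` is called without its `n` argument, and `StringVar(host, ...)` passes the string instead of its address. Separately, the `state` value is generated inline as `util.RandomString(20)` inside the `BuildAuthorizationUrl` call and never stored, so nothing can later compare it with the `state` the provider returns on the callback, and both the `--state` and `--scope` flags are ignored because the call hardcodes `[]string{"email", "profile", "openid"}`. The corrected `init` and call site below pass the package variables, so the expected state is available to hand to the callback handler.
```go
// … unchanged: package, imports, var block, Use …
Short: "Start the login flow",
Run: func(cmd *cobra.Command, args []string) {
	oidcProvider := oidc.NewOIDCProvider()
	// use the flag-controlled state and scope so the callback can later be checked against the same state value
	authorizationUrl := util.BuildAuthorizationUrl(
		oidcProvider.GetAuthorizeUrl(),
		client.Id,
		redirectUri,
		state,
		responseType,
		scope,
	)
	// … unchanged: print URL, start server, TODO comments …
},
}

func init() {
	loginCmd.Flags().StringVar(&client.Id, "client.id", "", "set the client ID")
	loginCmd.Flags().StringSliceVar(&redirectUri, "redirect-uri", nil, "set the redirect URI")
	loginCmd.Flags().StringVar(&responseType, "response-type", "code", "set the response-type")
	loginCmd.Flags().StringSliceVar(&scope, "scope", []string{"openid", "email"}, "set the scopes")
	loginCmd.Flags().StringVar(&state, "state", util.RandomString(20), "set the state")
	loginCmd.Flags().StringVar(&host, "host", "127.0.0.1", "set the listening host")
	loginCmd.Flags().IntVar(&port, "port", 3333, "set the listening port")
	rootCmd.AddCommand(loginCmd)
}
```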

28
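--- a/cmd/root.go
+++ b/cmd/root.go
@@ -0,0 +1,28 @@
+package cmd
+import (
+"fmt"
+"os"
+"github.com/spf13/cobra"
+)
+var configPath = ""
+var rootCmd = &cobra.Command{
+Use: "oidc",
+Short: "An experimental OIDC helper tool for handling logins",
+Run: func(cmd *cobra.Command, args []string) {
+},
+}
+func Execute() {
+if err := rootCmd.Execute(); err != nil {
+fmt.Fprintf(os.Stderr, "Whoops. There was an error while executing your CLI '%s'", err)
+os.Exit(1)
+}
+}
+func init() {
+rootCmd.Flags().StringVar(&configPath, "config", "", "set the config path")
+}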
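Review bot: `rootCmd.Flags().StringVar(&configPath, "config", ...)` registers `--config` as a local flag of the root command only, so `oidc login --config ./x` is rejected as an unknown flag even though the subcommands are the ones that need the path; register it with `rootCmd.PersistentFlags().StringVar(&configPath, "config", "", "set the config path")`. The empty `Run` func can be dropped so cobra prints usage when no subcommand is given. The message in `Execute` also lacks a trailing newline; something like `fmt.Fprintf(os.Stderr, "error executing command: %s\n", err)` reads better on a terminal.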

13
go.mod

@ -1,13 +1,10 @@
module davidallendj/ochami-auth module davidallendj/oidc-auth
go 1.21.5 go 1.22.0
require github.com/ory/client-go v1.6.1 require github.com/spf13/cobra v1.8.0
require ( require (
github.com/golang/protobuf v1.5.3 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect
golang.org/x/net v0.20.0 // indirect github.com/spf13/pflag v1.0.5 // indirect
golang.org/x/oauth2 v0.16.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.31.0 // indirect
) )

36
go.sum

@ -1,26 +1,10 @@
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/ory/client-go v1.6.1 h1:nVb1ZRtBQS9oLJQR7VK7t9cxNHXKdZ2CtpoDmmHOhAQ= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/ory/client-go v1.6.1/go.mod h1:6dx0Ir6q8O9mUvl3sqrlyR+0LalXLwwKedVDDmSPNQs= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=


@ -1,28 +0,0 @@
package main
import (
"encoding/json"
"html/template"
"net/http"
)
func (app *App) dashboardHandler() http.HandlerFunc {
return func(writer http.ResponseWriter, request *http.Request) {
tmpl, err := template.New("index.html").ParseFiles("index.html")
if err != nil {
http.Error(writer, err.Error(), http.StatusInternalServerError)
return
}
session, err := json.Marshal(getSession(request.Context()))
if err != nil {
http.Error(writer, err.Error(), http.StatusInternalServerError)
return
}
err = tmpl.ExecuteTemplate(writer, "index.html", string(session))
if err != nil {
http.Error(writer, err.Error(), http.StatusInternalServerError)
return
}
}
}

15
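--- a/internal/oauth/oauth.go
+++ b/internal/oauth/oauth.go
@@ -0,0 +1,15 @@
+package oauth
+type Client struct {
+Id string
+Secret string
+Issuer string
+}
+func NewClient() *Client {
+return &Client{
+Id: "",
+Secret: "",
+Issuer: "",
+}
+}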
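Review bot: `NewClient` spells out three empty fields that the zero value of `Client` already provides, so `return &Client{}` is equivalent; alternatively give it parameters, since the `login` command currently fills `client.Id` from a flag and never calls this constructor. `Client` carries `Secret`, so the type deserves a doc comment such as `// Client holds OAuth client credentials; Secret must not be logged or printed with %v.` before the first wholesale `fmt.Printf` of a Client shows up.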

BIN
internal/oidc/oidc-auth Executable file

Binary file not shown.


@ -7,7 +7,7 @@ type OpenIDConnectProvider struct {
ConfigEndpoint string ConfigEndpoint string
} }
func NewOpenIDConnect() *OpenIDConnectProvider { func NewOIDCProvider() *OpenIDConnectProvider {
return &OpenIDConnectProvider{ return &OpenIDConnectProvider{
Host: "https://gitlab.newmexicoconsortium.org", Host: "https://gitlab.newmexicoconsortium.org",
AuthorizeEndpoint: "/oauth/authorize", AuthorizeEndpoint: "/oauth/authorize",
@ -15,11 +15,11 @@ func NewOpenIDConnect() *OpenIDConnectProvider {
} }
} }
func (oidc *OpenIDConnectProvider) AuthorizeUrl() string { func (oidc *OpenIDConnectProvider) GetAuthorizeUrl() string {
return oidc.Host + oidc.AuthorizeEndpoint return oidc.Host + oidc.AuthorizeEndpoint
} }
func (oidc *OpenIDConnectProvider) TokenUrl() string { func (oidc *OpenIDConnectProvider) GetTokenUrl() string {
return oidc.Host + oidc.TokenEndpoint return oidc.Host + oidc.TokenEndpoint
} }

16
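--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -0,0 +1,16 @@
+package server
+import (
+"fmt"
+"net/http"
+)
+func Start(host string, port int) error {
+http.HandleFunc("/oauth/callback", getAuthorizationCode)
+err := http.ListenAndServe(host+":"+fmt.Sprintf("%d", port), nil)
+return err
+}
+func getAuthorizationCode(w http.ResponseWriter, r *http.Request) {
+fmt.Printf("response from OIDC provider: %v\n", r)
+}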
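Review bot: `getAuthorizationCode` prints the whole `*http.Request` with `%v` and never reads the `code` or `state` query parameters, so the authorization code the provider sends back only ends up in stdout as part of a request dump instead of being captured, and nothing compares `state` with the value used in the authorization request. `Start` also serves on the default mux through `http.ListenAndServe` with no timeouts and builds the address as `host+":"+fmt.Sprintf("%d", port)`, which breaks for IPv6 literals; `net.JoinHostPort` plus an `http.Server` with `ReadHeaderTimeout` covers both (adds `net`, `strconv` and `time` to the import block). The sketch below keeps the signature of `Start` and has the handler pull the two parameters off the query; passing in the expected state and calling `Shutdown` after the first callback is still needed, and until then the `http.ErrServerClosed` branch in `login` cannot be reached.
```go
// Start serves the OAuth callback on host:port; it returns only when the server stops.
func Start(host string, port int) error {
	mux := http.NewServeMux()
	mux.HandleFunc("/oauth/callback", getAuthorizationCode)
	srv := &http.Server{
		Addr:              net.JoinHostPort(host, strconv.Itoa(port)),
		Handler:           mux,
		ReadHeaderTimeout: 10 * time.Second,
	}
	return srv.ListenAndServe()
}

// getAuthorizationCode reads code and state from the callback query without echoing the request.
func getAuthorizationCode(w http.ResponseWriter, r *http.Request) {
	q := r.URL.Query()
	code, state := q.Get("code"), q.Get("state")
	if code == "" || state == "" {
		http.Error(w, "missing code or state", http.StatusBadRequest)
		return
	}
	// TODO(review): compare state with the value sent in the authorization request, then hand code to the token exchange.
	fmt.Fprintln(w, "login received; you can close this window")
}
```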

39
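--- a/internal/util/util.go
+++ b/internal/util/util.go
@@ -0,0 +1,39 @@
+package util
+import (
+"math/rand"
+"strings"
+)
+const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+const (
+letterIdxBits = 6 // 6 bits to represent a letter index
+letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+letterIdxMax = 63 / letterIdxBits // # of letter indices fitting in 63 bits
+)
+func RandomString(n int) string {
+b := make([]byte, n)
+// A rand.Int63() generates 63 random bits, enough for letterIdxMax letters!
+for i, cache, remain := n-1, rand.Int63(), letterIdxMax; i >= 0; {
+if remain == 0 {
+cache, remain = rand.Int63(), letterIdxMax
+}
+if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+b[i] = letterBytes[idx]
+i--
+}
+cache >>= letterIdxBits
+remain--
+}
+return string(b)
+}
+func BuildAuthorizationUrl(authEndpoint string, clientId string, redirectUri []string, state string, responseType string, scope []string) string {
+return authEndpoint + "?" + "cilent_id=" + clientId +
+"&redirect_url=" + strings.Join(redirectUri, ",") +
+"&response_type=" + responseType +
+"&state=" + state +
+"&scope=" + strings.Join(scope, "+")
+}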
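Review bot: `BuildAuthorizationUrl` emits `cilent_id=` (a typo for `client_id`) and `redirect_url=` where OAuth2 authorization requests use `redirect_uri`, so a provider will reject the request or ignore the redirect; it also concatenates every value raw, so a `redirectUri` containing `&` or `?`, or a `state` with reserved characters, silently corrupts the query string. Building the query with `url.Values` and `Encode()` fixes the names, percent-encodes each value, and renders the space-joined scope as `+` the way the hand-built string intended (this needs `net/url` in the import block). `RandomString` draws from `math/rand`, which is not a CSPRNG; since the `login` command uses its output as the OAuth `state` value, i.e. the CSRF check on the callback, drawing the bytes from `crypto/rand` (e.g. `rand.Read` into a buffer encoded with `base64.RawURLEncoding`) keeps the signature and the `letterIdx*` table can go. The rewrite below touches only the URL builder.
```go
// BuildAuthorizationUrl assembles the OAuth2 authorization request URL with
// every query value percent-encoded.
func BuildAuthorizationUrl(authEndpoint string, clientId string, redirectUri []string, state string, responseType string, scope []string) string {
	q := url.Values{}
	q.Set("client_id", clientId)
	q.Set("redirect_uri", strings.Join(redirectUri, ","))
	q.Set("response_type", responseType)
	q.Set("state", state)
	q.Set("scope", strings.Join(scope, " ")) // Encode() renders the space as '+'
	return authEndpoint + "?" + q.Encode()
}
```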

30
main.go

@ -1,35 +1,11 @@
package main package main
import ( import "davidallendj/oidc-auth/cmd"
"davidallendj/ochami-auth/oidc"
"strings"
)
var ( var (
clientId = "" userDB = ""
redirectUri = ""
state = ""
response_type = "code"
userDB = ""
) )
func buildAuthorizationUrl(authEndpoint string, clientId string, redirectUri []string, state string, responseType string, scope []string) string {
return authEndpoint + "?" + "cilent_id=" + clientId +
"&redirect_url=" + strings.Join(redirectUri, ",") +
"&response_type=" + responseType +
"&state=" + state +
"&scope=" + strings.Join(scope, "+")
}
func main() { func main() {
client := oidc.NewOpenIDConnect() cmd.Execute()
var authorizationUrl = buildAuthorizationUrl(
client.
)
var tokenUrl = loginHost + tokenEndpoint
// start a HTTP server to listen for callback responses
// extract code from response and exchange for bearer token
// extract ID token and save user info
// use ID token/user info to get access token from Hydra
} }
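Review bot: The `var ( userDB = "" )` block kept on the new side is read by nothing now that `main` only calls `cmd.Execute()`, and an unused package-level variable does not fail the build, so the leftover is easy to miss. Either drop it or move it next to `configPath` in `cmd/root.go`, where the commands' configuration state now lives.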