towk/opaal
1
0
Fork 0
mirror of https://github.com/davidallendj/opaal.git synced 2025-12-20 03:27:02 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Implemented IDP registered clients and callbacks

Browse source
This commit is contained in:
David J. Allen 2024-04-30 14:44:57 -06:00
parent cbb3e6f851
commit 7022801fe9
No known key found for this signature in database
GPG key ID: 717C593FF60A2ACC
2 changed files with 24 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

42
internal/server/idp.go
View file

@ -3,7 +3,6 @@ package server
import ( import (
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"davidallendj/opaal/internal/oauth"
"davidallendj/opaal/internal/oidc" "davidallendj/opaal/internal/oidc"
"encoding/json" "encoding/json"
"fmt" "fmt"
@ -22,6 +21,22 @@ import (
"github.com/lestrrat-go/jwx/v2/jwt" "github.com/lestrrat-go/jwx/v2/jwt"
) )
// TODO: make this a completely separate server
type IdentityProviderServer struct {
Host string `yaml:"host"`
Port int `yaml:"port"`
Endpoints oidc.Endpoints `yaml:"endpoints"`
Clients []RegisteredClient `yaml:"clients"`
}
// NOTE: could we use a oauth.Client here instead??
type RegisteredClient struct {
Id string `yaml:"id"`
Secret string `yaml:"secret"`
Name string `yaml:"name"`
RedirectUris []string `yaml:"redirect-uris"`
}
func (s *Server) StartIdentityProvider() error { func (s *Server) StartIdentityProvider() error {
// NOTE: this example does NOT implement CSRF tokens nor use them // NOTE: this example does NOT implement CSRF tokens nor use them
@ -29,15 +44,9 @@ func (s *Server) StartIdentityProvider() error {
var ( var (
r = chi.NewRouter() r = chi.NewRouter()
// clients = []oauth.Client{} // clients = []oauth.Client{}
callback = ""
activeCodes = []string{} activeCodes = []string{}
) )
// check if callback is set
if s.Callback == "" {
callback = "/oidc/callback"
}
// update endpoints that have values set // update endpoints that have values set
defaultEps := oidc.Endpoints{ defaultEps := oidc.Endpoints{
Authorization: "http://" + s.Addr + "/oauth/authorize", Authorization: "http://" + s.Addr + "/oauth/authorize",
@ -138,21 +147,18 @@ func (s *Server) StartIdentityProvider() error {
username := r.Form.Get("username") username := r.Form.Get("username")
password := r.Form.Get("password") password := r.Form.Get("password")
// example username and password so do simplified authorization code flow if len(s.Issuer.Clients) <= 0 {
if username == "ochami" && password == "ochami" { fmt.Printf("no registered clients found with identity provider (add them in config)\n")
client := oauth.Client{ return
Id: "ochami",
Secret: "ochami",
Name: "ochami",
Provider: oidc.IdentityProvider{
Issuer: "http://127.0.0.1:3333",
},
RedirectUris: []string{fmt.Sprintf("http://%s:%d%s", s.Host, s.Port, callback)},
} }
// example username and password so do simplified authorization code flow
if username == "openchami" && password == "openchami" {
client := s.Issuer.Clients[0]
// check if there are any redirect URIs supplied // check if there are any redirect URIs supplied
if len(client.RedirectUris) <= 0 { if len(client.RedirectUris) <= 0 {
fmt.Printf("no redirect URIs found") fmt.Printf("no redirect URIs found for client %s (ID: %s)\n", client.Name, client.Id)
return return
} }
for _, url := range client.RedirectUris { for _, url := range client.RedirectUris {

6
internal/server/server.go
View file

@ -25,12 +25,6 @@ type Server struct {
Issuer IdentityProviderServer `yaml:"issuer"` Issuer IdentityProviderServer `yaml:"issuer"`
} }
type IdentityProviderServer struct {
Host string `yaml:"host"`
Port int `yaml:"port"`
Endpoints oidc.Endpoints `yaml:"endpoints"`
}
type ServerParams struct { type ServerParams struct {
AuthProvider *oidc.IdentityProvider AuthProvider *oidc.IdentityProvider
Verbose bool Verbose bool