towk/opaal
1
0
Fork 0
mirror of https://github.com/davidallendj/opaal.git synced 2025-12-20 03:27:02 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added cache files

Browse source
This commit is contained in:
David Allen 2024-03-10 20:15:19 -06:00
parent 8b5d9ab6dd
commit fa090dbf5b
No known key found for this signature in database
GPG key ID: 1D2A29322FBB6FCB
3 changed files with 417 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

154
internal/cache/sqlite/clients.go vendored Normal file
View file

@ -0,0 +1,154 @@
package cache
import (
"davidallendj/opaal/internal/oauth"
"fmt"
"github.com/jmoiron/sqlx"
)
func CreateOAuthClientsIfNotExists(path string) (*sqlx.DB, error) {
schema := `
CREATE TABLE IF NOT EXISTS oauth_clients (
id TEXT NOT NULL,
secret TEXT NOT NULL,
name TEXT,
description TEXT,
issuer TEXT,
registration_access_token TEXT,
redirect_uris TEXT,
scope TEXT
PRIMARY KEY (id)
);
`
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
db.MustExec(schema)
return db, nil
}
func InsertOAuthClients(path string, clients *[]oauth.Client) error {
if clients == nil {
return fmt.Errorf("states == nil")
}
// create database if it doesn't already exist
db, err := CreateOAuthClientsIfNotExists(path)
if err != nil {
return err
}
// insert all probe states into db
tx := db.MustBegin()
for _, state := range *clients {
sql := `INSERT OR REPLACE INTO oauth_clients
(
id,
secret,
name,
description,
issuer,
registration_access_token,
redirect_uris,
scope
)
VALUES
(
:id,
:secret,
:name,
:description,
:issuer,
:registration_access_token,
:redirect_uris,
:scope
);`
_, err := tx.NamedExec(sql, &state)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}
func GetOAuthClient(path string, id string) (*oauth.Client, error) {
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
results := &oauth.Client{}
err = db.Select(&results, "SELECT * FROM oauth_clients ORDER BY host ASC, port ASC LIMIT 1;")
if err != nil {
return nil, fmt.Errorf("could not retrieve probes: %v", err)
}
return results, nil
}
func GetOAuthClients(path string) ([]oauth.Client, error) {
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
results := []oauth.Client{}
err = db.Select(&results, "SELECT * FROM oauth_clients;")
if err != nil {
return nil, fmt.Errorf("could not retrieve probes: %v", err)
}
return results, nil
}
func UpdateOAuthClient(path string, clients *[]oauth.Client) error {
if clients == nil {
return fmt.Errorf("clients is nil")
}
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return fmt.Errorf("could not open database: %v", err)
}
tx := db.MustBegin()
for _, state := range *clients {
sql := `UPDATE FROM identity_providers WHERE client_id = :client_id;`
_, err := tx.NamedExec(sql, &state)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}
func DeleteOAuthClients(path string, clientIds []string) error {
if clientIds == nil {
return fmt.Errorf("no probe results found")
}
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return fmt.Errorf("could not open database: %v", err)
}
tx := db.MustBegin()
for _, state := range clientIds {
sql := `DELETE FROM identity_providers WHERE client_id = :client_id;`
_, err := tx.NamedExec(sql, &state)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}

156
internal/cache/sqlite/providers.go vendored Normal file
View file

@ -0,0 +1,156 @@
package cache
import (
"davidallendj/opaal/internal/oidc"
"fmt"
"github.com/jmoiron/sqlx"
_ "github.com/mattn/go-sqlite3"
)
func CreateIdentityProvidersIfNotExists(path string) (*sqlx.DB, error) {
schema := `
CREATE TABLE IF NOT EXISTS identity_providers (
issuer TEXT NOT NULL,
authorization_endpoint TEXT,
token_endpoint TEXT,
revocation_endpoint TEXT,
introspection_endpoint TEXT,
userinfo_endpoint TEXT,
jwks_uri TEXT,
response_types_supported TEXT,
response_modes_supported TEXT,
grant_types_supported TEXT,
token_endpoint_auth_methods_supported TEXT,
subject_types_supported TEXT,
id_token_signing_alg_values_supported TEXT,
claim_types_supported TEXT,
claims_supported TEXT,
jwks TEXT,
PRIMARY KEY (issuer)
);
`
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
db.MustExec(schema)
return db, nil
}
func InsertIdentityProviders(path string, providers *[]oidc.IdentityProvider) error {
if providers == nil {
return fmt.Errorf("states == nil")
}
// create database if it doesn't already exist
db, err := CreateIdentityProvidersIfNotExists(path)
if err != nil {
return err
}
// insert all probe states into db
tx := db.MustBegin()
for _, state := range *providers {
sql := `INSERT OR REPLACE INTO identity_providers
(
issuer,
authorization_endpoint,
token_endpoint,
revocation_endpoint,
introspection_endpoint,
userinfo_endpoint,
jwks_uri,
response_types_supported,
response_modes_supported,
grant_types_supported,
token_endpoint_auth_methods_supported,
subject_types_supported,
id_token_signing_alg_values_supported,
claim_types_supported,
claims_supported,
jwks
)
VALUES
(
:issuer,
:authorization_endpoint,
:token_endpoint,
:revocation_endpoint,
:introspection_endpoint,
:userinfo_endpoint,
:jwks_uri,
:response_types_supported,
:response_modes_supported,
:grant_types_supported,
:token_endpoint_auth_methods_supported,
:subject_types_supported,
:id_token_signing_alg_values_supported,
:claim_types_supported,
:claims_supported,
:jwks
);`
_, err := tx.NamedExec(sql, &state)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}
func GetIdentityProvider(path string, issuer string) (*oidc.IdentityProvider, error) {
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
results := &oidc.IdentityProvider{}
err = db.Select(&results, "SELECT * FROM magellan_scanned_ports ORDER BY host ASC, port ASC LIMIT 1;")
if err != nil {
return nil, fmt.Errorf("could not retrieve probes: %v", err)
}
return results, nil
}
func GetIdentityProviders(path string) ([]oidc.IdentityProvider, error) {
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
results := []oidc.IdentityProvider{}
err = db.Select(&results, "SELECT * FROM magellan_scanned_ports ORDER BY host ASC, port ASC;")
if err != nil {
return nil, fmt.Errorf("could not retrieve probes: %v", err)
}
return results, nil
}
func DeleteIdentityProviders(path string, results *[]oidc.IdentityProvider) error {
if results == nil {
return fmt.Errorf("no probe results found")
}
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return fmt.Errorf("could not open database: %v", err)
}
tx := db.MustBegin()
for _, state := range *results {
sql := `DELETE FROM identity_providers WHERE host = :issuer;`
_, err := tx.NamedExec(sql, &state)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}

107
internal/cache/sqlite/trusted.go vendored Normal file
View file

@ -0,0 +1,107 @@
package cache
import (
"davidallendj/opaal/internal/oauth"
"fmt"
"github.com/jmoiron/sqlx"
)
func CreateTrustedIfNotExists(path string) (*sqlx.DB, error) {
schema := `
CREATE TABLE IF NOT EXISTS trusted_issuers (
id TEXT NOT NULL,
allow_any_subject NUMBER,
expires_at NUMBER,
issuer TEXT,
public_key NUMBER,
scope TEXT,
subject TEXT,
PRIMARY KEY (id)
);
`
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
db.MustExec(schema)
return db, nil
}
func InsertTrustedIssuer(path string, issuer *oauth.TrustedIssuer) error {
// create database if it doesn't already exist
db, err := CreateOAuthClientsIfNotExists(path)
if err != nil {
return err
}
// insert all probe states into db
tx := db.MustBegin()
sql := `INSERT OR REPLACE INTO trusted_issuers
(
id,
allow_any_subject
expires_at,
issuer,
public_key,
scope,
subject
)
VALUES
(
:id,
:allow_any_subject,
:expires_at,
:issuer,
:public_key,
:scope,
:subject
);`
_, err = tx.NamedExec(sql, &issuer)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}
func GetTrustedIssuer(path string, issuer string) (*oauth.TrustedIssuer, error) {
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return nil, fmt.Errorf("could not open database: %v", err)
}
results := &oauth.TrustedIssuer{}
err = db.Select(&results, "SELECT * FROM trusted_issuers ORDER BY host ASC, port ASC LIMIT 1;")
if err != nil {
return nil, fmt.Errorf("could not retrieve probes: %v", err)
}
return results, nil
}
func DeleteTrustedIssuer(path string, ids []string) error {
if ids == nil {
return fmt.Errorf("no probe results found")
}
db, err := sqlx.Open("sqlite3", path)
if err != nil {
return fmt.Errorf("could not open database: %v", err)
}
tx := db.MustBegin()
for _, state := range ids {
sql := `DELETE FROM identity_providers WHERE id = :id;`
_, err := tx.NamedExec(sql, &state)
if err != nil {
fmt.Printf("could not execute transaction: %v\n", err)
}
}
err = tx.Commit()
if err != nil {
return fmt.Errorf("could not commit transaction: %v", err)
}
return nil
}