func Authorize(db *database.Database, state, respEncoded string) ( data *UserData, tokn *Token, err error) { tokn = &Token{} coll := db.Tokens() err = coll.FindOne(&bson.M{ "_id": state, "type": "saml", }, tokn) if err != nil { err = database.ParseError(err) return } sml := &Saml{ SsoUrl: tokn.SsoUrl, IssuerUrl: tokn.IssuerUrl, Cert: tokn.Cert, } err = sml.Init() if err != nil { return } data, err = sml.Authorize(state, respEncoded) if err != nil { return } return }
func (o *Oauth2) Authorize(db *database.Database, state, code string) ( acct *account.Account, tokn *Token, err error) { coll := db.Tokens() tokn = &Token{} err = coll.FindOneId(state, tokn) if err != nil { err = database.ParseError(err) return } accessTokn, err := o.conf.Exchange(oauth2.NoContext, code) if err != nil { err = &errortypes.UnknownError{ errors.Wrap(err, "oauth.oauth2: Unknown api error"), } return } acct = &account.Account{ Type: o.Type, Oauth2AccTokn: accessTokn.AccessToken, Oauth2RefTokn: accessTokn.RefreshToken, Oauth2Exp: accessTokn.Expiry, } return }
func (o *Oauth2) Request(db *database.Database, remoteState, remoteSecret, remoteCallback string, version int) (url string, err error) { coll := db.Tokens() state := utils.RandStr(64) url = o.conf.AuthCodeURL(state, oauth2.AccessTypeOffline, oauth2.ApprovalForce) if err != nil { err = &errortypes.UnknownError{ errors.Wrap(err, "oauth.oauth2: Unknown api error"), } return } tokn := &Token{ Id: state, RemoteCallback: remoteCallback, RemoteState: remoteState, RemoteSecret: remoteSecret, Type: o.Type, Version: version, } err = coll.Insert(tokn) if err != nil { err = database.ParseError(err) return } return }
func (c *Oauth2Client) Refresh(db *database.Database) (err error) { refreshed, err := c.Check() if err != nil { return } if !refreshed { return } coll := db.Accounts() c.Account.Oauth2AccTokn = c.AccessToken c.Account.Oauth2RefTokn = c.RefreshToken c.Account.Oauth2Exp = c.Expiry if c.Account.Id == "" { return } fields := set.NewSet("oauth2_acc_tokn", "oauth2_ref_tokn", "oauth2_exp") err = coll.CommitFields(c.Account.Id, c.Account, fields) if err != nil { err = database.ParseError(err) return } return }
func Authorize(db *database.Database, state string, code string) (acct *account.Account, tokn *oauth.Token, err error) { coll := db.Accounts() acct, tokn, err = conf.Authorize(db, state, code) if err != nil { return } client := &GoogleClient{ acct: acct, } err = client.Update(db) if err != nil { return } _, err = coll.Upsert(&bson.M{ "_id": acct.Id, }, acct) if err != nil { err = database.ParseError(err) return } return }
func Update(db *database.Database, user string) (err error) { coll := db.Accounts() acct := &account.Account{} err = coll.FindOneId(user, acct) if err != nil { return } client := &GoogleClient{ acct: acct, } err = client.Update(db) if err != nil { return } _, err = coll.Upsert(&bson.M{ "_id": acct.Id, }, acct) if err != nil { err = database.ParseError(err) return } return }
func (s *Saml) Request(db *database.Database, remoteState, remoteSecret, remoteCallback string) (resp *bytes.Buffer, err error) { coll := db.Tokens() state := utils.RandStr(64) req := s.provider.GetAuthnRequest() encodedReq, err := req.EncodedSignedString(s.provider.PrivateKeyPath) if err != nil { err = &SamlError{ errors.Wrap(err, "saml: Encode error"), } return } data := struct { SsoUrl string SAMLRequest string RelayState string }{ SsoUrl: s.provider.IDPSSOURL, SAMLRequest: encodedReq, RelayState: state, } respTemplate := template.New("saml") respTemplate, err = respTemplate.Parse(bindTemplate) if err != nil { err = &SamlError{ errors.Wrap(err, "saml: Template parse error"), } return } tokn := &Token{ Id: state, RemoteCallback: remoteCallback, RemoteState: remoteState, RemoteSecret: remoteSecret, SsoUrl: s.SsoUrl, IssuerUrl: s.IssuerUrl, Cert: s.Cert, Type: "saml", } err = coll.Insert(tokn) if err != nil { err = database.ParseError(err) return } resp = &bytes.Buffer{} err = respTemplate.Execute(resp, data) if err != nil { err = &SamlError{ errors.Wrap(err, "saml: Template execute error"), } return } return }