Esempio n. 1
0
func (c oauthConnector) GetAccessToken(rawUser, rawClient interface{}, req *http.Request) (interface{}, error) {
	removeExpiredTokens()

	user := rawUser.(*users.User)
	client := rawClient.(*Client)

	ua := req.UserAgent()

	// Get IP client address
	var ip string
	if os.Getenv("TRUST_PROXY") == "true" {
		xForwardedFor := req.Header["X-Forwarded-For"]
		if len(xForwardedFor) > 0 {
			ip = xForwardedFor[0]
		}
	}

	if len(ip) == 0 {
		addr := req.RemoteAddr
		i := strings.LastIndex(addr, ":")
		ip = addr[0:i]
	}

	id := uuid.NewV4().String()
	token := utils.RandomString(25)

	rows, err := db.Query(
		`INSERT INTO oauth_access_tokens
		(id, token, oauth_client_id, user_id,
		 created_at, user_agent, ip, expires_at)
		VALUES
		($1::varchar, $2::varchar, $3::integer, $4::varchar,
		 NOW(), $5::varchar, $6::varchar, NOW() + interval '1 day')`,
		id, token, client.Id, user.Id,
		ua, ip,
	)

	if err != nil {
		return nil, err
	}

	rows.Close()

	accessToken := AccessToken{
		Token:     token,
		Type:      "Bearer",
		ExpiresIn: 60 * 60 * 24,
	}
	return accessToken, nil
}
Esempio n. 2
0
func Post(c *echo.Context) error {
	u := users.User{}

	err := utils.ParseJSONBody(c, &u)
	if err != nil {
		return err
	}

	if u.Email == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "email is missing",
				},
			},
		})
	}

	if u.FirstName == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "first-name is missing",
				},
			},
		})
	}

	if u.LastName == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "last-name is missing",
				},
			},
		})
	}

	if u.Password == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "password is missing",
				},
			},
		})
	}

	newUser, err := users.CreateUser(
		true,
		u.Email,
		u.FirstName,
		u.LastName,
		u.Password,
		false,
	)
	switch err {
	case users.UserDuplicated:
		return c.JSON(http.StatusConflict, hash{
			"error": [1]hash{
				hash{
					"detail": err.Error(),
				},
			},
		})
	case users.UserNotCreated:
		return err
	}

	winpass := utils.RandomString(8) + "s4D+"
	sam, err := ldap.AddUser(newUser.Id, winpass)
	if err != nil {
		return err
	}

	err = users.UpdateUserAd(newUser.Id, sam, winpass, "intra.localdomain.com")
	if err != nil {
		return err
	}

	return utils.JSON(c, http.StatusCreated, newUser)
}
Esempio n. 3
0
func Post(c *echo.Context) error {
	var attr hash

	err := utils.ParseJSONBody(c, &attr)
	if err != nil {
		return err
	}

	data, ok := attr["data"].(map[string]interface{})
	if ok == false {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "data is missing",
				},
			},
		})
	}

	attributes, ok := data["attributes"].(map[string]interface{})
	if ok == false {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "attributes is missing",
				},
			},
		})
	}

	email, ok := attributes["email"].(string)
	if ok == false || email == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "email is missing",
				},
			},
		})
	}

	firstName, ok := attributes["first_name"].(string)
	if ok == false || firstName == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "first_name is missing",
				},
			},
		})
	}

	lastName, ok := attributes["last_name"].(string)
	if ok == false || lastName == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "last_name is missing",
				},
			},
		})
	}

	password, ok := attributes["password"].(string)
	if ok == false || password == "" {
		return c.JSON(http.StatusBadRequest, hash{
			"error": [1]hash{
				hash{
					"detail": "password is missing",
				},
			},
		})
	}

	newUser, err := users.CreateUser(
		true,
		email,
		firstName,
		lastName,
		password,
		false,
	)
	switch err {
	case users.UserDuplicated:
		return c.JSON(http.StatusConflict, hash{
			"error": [1]hash{
				hash{
					"detail": err.Error(),
				},
			},
		})
	case users.UserNotCreated:
		return err
	}

	winpass := utils.RandomString(8) + "s4D+"
	sam, err := ldap.AddUser(newUser.Id, winpass)
	if err != nil {
		return err
	}

	err = users.UpdateUserAd(newUser.Id, sam, winpass)
	if err != nil {
		return err
	}

	return c.JSON(http.StatusCreated, hash{
		"data": hash{
			"id": newUser.Id,
		},
	})
}