예제 #1
0
func Authorize(db *database.Database, state, respEncoded string) (
	data *UserData, tokn *Token, err error) {

	tokn = &Token{}
	coll := db.Tokens()
	err = coll.FindOne(&bson.M{
		"_id":  state,
		"type": "saml",
	}, tokn)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	sml := &Saml{
		SsoUrl:    tokn.SsoUrl,
		IssuerUrl: tokn.IssuerUrl,
		Cert:      tokn.Cert,
	}
	err = sml.Init()
	if err != nil {
		return
	}

	data, err = sml.Authorize(state, respEncoded)
	if err != nil {
		return
	}

	return
}
예제 #2
0
func (o *Oauth2) Authorize(db *database.Database, state, code string) (
	acct *account.Account, tokn *Token, err error) {

	coll := db.Tokens()
	tokn = &Token{}

	err = coll.FindOneId(state, tokn)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	accessTokn, err := o.conf.Exchange(oauth2.NoContext, code)
	if err != nil {
		err = &errortypes.UnknownError{
			errors.Wrap(err, "oauth.oauth2: Unknown api error"),
		}
		return
	}

	acct = &account.Account{
		Type:          o.Type,
		Oauth2AccTokn: accessTokn.AccessToken,
		Oauth2RefTokn: accessTokn.RefreshToken,
		Oauth2Exp:     accessTokn.Expiry,
	}

	return
}
예제 #3
0
func (o *Oauth2) Request(db *database.Database, remoteState, remoteSecret,
	remoteCallback string, version int) (url string, err error) {

	coll := db.Tokens()
	state := utils.RandStr(64)

	url = o.conf.AuthCodeURL(state, oauth2.AccessTypeOffline,
		oauth2.ApprovalForce)
	if err != nil {
		err = &errortypes.UnknownError{
			errors.Wrap(err, "oauth.oauth2: Unknown api error"),
		}
		return
	}

	tokn := &Token{
		Id:             state,
		RemoteCallback: remoteCallback,
		RemoteState:    remoteState,
		RemoteSecret:   remoteSecret,
		Type:           o.Type,
		Version:        version,
	}
	err = coll.Insert(tokn)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	return
}
예제 #4
0
func (c *Oauth2Client) Refresh(db *database.Database) (err error) {
	refreshed, err := c.Check()
	if err != nil {
		return
	}

	if !refreshed {
		return
	}

	coll := db.Accounts()

	c.Account.Oauth2AccTokn = c.AccessToken
	c.Account.Oauth2RefTokn = c.RefreshToken
	c.Account.Oauth2Exp = c.Expiry

	if c.Account.Id == "" {
		return
	}

	fields := set.NewSet("oauth2_acc_tokn", "oauth2_ref_tokn", "oauth2_exp")

	err = coll.CommitFields(c.Account.Id, c.Account, fields)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	return
}
예제 #5
0
func Authorize(db *database.Database, state string,
	code string) (acct *account.Account, tokn *oauth.Token, err error) {

	coll := db.Accounts()

	acct, tokn, err = conf.Authorize(db, state, code)
	if err != nil {
		return
	}

	client := &GoogleClient{
		acct: acct,
	}

	err = client.Update(db)
	if err != nil {
		return
	}

	_, err = coll.Upsert(&bson.M{
		"_id": acct.Id,
	}, acct)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	return
}
예제 #6
0
func Update(db *database.Database, user string) (err error) {
	coll := db.Accounts()

	acct := &account.Account{}

	err = coll.FindOneId(user, acct)
	if err != nil {
		return
	}

	client := &GoogleClient{
		acct: acct,
	}

	err = client.Update(db)
	if err != nil {
		return
	}

	_, err = coll.Upsert(&bson.M{
		"_id": acct.Id,
	}, acct)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	return
}
예제 #7
0
func (s *Saml) Request(db *database.Database, remoteState, remoteSecret,
	remoteCallback string) (resp *bytes.Buffer, err error) {

	coll := db.Tokens()
	state := utils.RandStr(64)

	req := s.provider.GetAuthnRequest()
	encodedReq, err := req.EncodedSignedString(s.provider.PrivateKeyPath)
	if err != nil {
		err = &SamlError{
			errors.Wrap(err, "saml: Encode error"),
		}
		return
	}

	data := struct {
		SsoUrl      string
		SAMLRequest string
		RelayState  string
	}{
		SsoUrl:      s.provider.IDPSSOURL,
		SAMLRequest: encodedReq,
		RelayState:  state,
	}

	respTemplate := template.New("saml")
	respTemplate, err = respTemplate.Parse(bindTemplate)
	if err != nil {
		err = &SamlError{
			errors.Wrap(err, "saml: Template parse error"),
		}
		return
	}

	tokn := &Token{
		Id:             state,
		RemoteCallback: remoteCallback,
		RemoteState:    remoteState,
		RemoteSecret:   remoteSecret,
		SsoUrl:         s.SsoUrl,
		IssuerUrl:      s.IssuerUrl,
		Cert:           s.Cert,
		Type:           "saml",
	}
	err = coll.Insert(tokn)
	if err != nil {
		err = database.ParseError(err)
		return
	}

	resp = &bytes.Buffer{}
	err = respTemplate.Execute(resp, data)
	if err != nil {
		err = &SamlError{
			errors.Wrap(err, "saml: Template execute error"),
		}
		return
	}

	return
}