예제 #1
0
func handleCertPut(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	//Extract client id
	clientID := strings.TrimPrefix(r.RequestURI, JWTFlowCertsURI)
	if clientID == "" {
		respondError(w, http.StatusNotFound, errors.New("Resource not specified"))
		return
	}

	log.Info("Putting cert for client_id: ", clientID)

	//Extract the subject from the request header based on security mode
	subject, _, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		log.Print("Error extracting subject: ", err.Error())
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	//Parse body
	var certCtx CertPutCtx
	if err := parseRequest(r, &certCtx); err != nil {
		log.Info("Error parsing request body: ", err.Error())
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Check body content
	log.Info("Checking content")
	err = checkBodyContent(certCtx)
	if err != nil {
		log.Info("Problem with content: ", err.Error())
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Validate client secret
	log.Info("validating client secret")
	app, err := validateClientSecret(core, r, clientID, certCtx.ClientSecret)
	if err != nil {
		switch err {
		case errApplicationNotFound:
			respondNotFound(w)
		case errInvalidClientSecret:
			respondError(w, http.StatusUnauthorized, nil)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}
		return
	}

	//Extract public key from cert
	log.Info("Extract public key")
	publicKeyPEM, err := extractPublicKeyFromCert(certCtx.CertPEM)
	if err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Update the app with the public key. Note here we are adding the cert to the retrieved application
	//attributes.
	log.Info("Update app with signing key, etc")
	app.JWTFlowPublicKey = publicKeyPEM
	app.JWTFlowIssuer = certCtx.CertIssuer
	app.JWTFlowAudience = certCtx.CertAudience
	err = core.UpdateApplication(app, subject)
	if err != nil {
		switch err.(type) {
		case roll.NonOwnerUpdateError:
			respondError(w, http.StatusUnauthorized, err)
		case roll.NoSuchApplicationError:
			respondError(w, http.StatusNotFound, err)
		case roll.MissingJWTFlowIssuer:
			respondError(w, http.StatusBadRequest, err)
		case roll.MissingJWTFlowAudience:
			respondError(w, http.StatusBadRequest, err)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}

		return
	}

	respondOk(w, nil)
}
예제 #2
0
파일: apps.go 프로젝트: xtraclabs/roll
func handleApplicationPut(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	var app roll.Application
	if err := parseRequest(r, &app); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Make sure we use the clientID in the resource not any clientID sent in the JSON.
	clientID := strings.TrimPrefix(r.RequestURI, ApplicationsURI)
	if clientID == "" {
		respondError(w, http.StatusBadRequest, nil)
		return
	}

	app.ClientID = clientID

	//Validate the content
	if err := app.Validate(); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Extract the subject from the request header based on security mode
	subject, adminScope, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		log.Print("Error extracting subject:", err.Error())
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	//Retrieve the app definition to update
	storedApp, err := core.RetrieveApplication(clientID, subject, adminScope)
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	if storedApp == nil {
		respondError(w, http.StatusNotFound, nil)
		return
	}

	//Copy over the potential updates
	storedApp.ApplicationName = app.ApplicationName
	storedApp.DeveloperEmail = app.DeveloperEmail
	storedApp.LoginProvider = app.LoginProvider
	storedApp.RedirectURI = app.RedirectURI
	storedApp.DeveloperID = app.DeveloperID

	//Store the application definition
	log.Info("updating app def: ", app)
	err = core.UpdateApplication(&app, subject)

	if err != nil {
		log.Info("Error updating definition: ", err.Error())
		switch err.(type) {
		case roll.NonOwnerUpdateError:
			respondError(w, http.StatusUnauthorized, err)
		case roll.NoSuchApplicationError:
			respondError(w, http.StatusNotFound, err)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}
	}

	respondOk(w, nil)
}