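// LoadRefresh loads the access data stored under a refresh token from Redis.
//
// The record is read through r.store from the key REFRESH_PREFIX+token and
// JSON-decoded into an osin.AccessData. The store error is returned when the
// key cannot be read, and the decode error when the payload does not
// unmarshal.
func (r RedisOsinStorageInterface) LoadRefresh(token string) (*osin.AccessData, error) {
	key := REFRESH_PREFIX + token
	// The key embeds the refresh token, a bearer credential, so only the
	// prefix is written to the log.
	log.Debug("Loading REFRESH key: ", REFRESH_PREFIX+"<redacted>")

	accessJSON, storeErr := r.store.GetKey(key)
	if storeErr != nil {
		// This path looks up a refresh token, so the message names it.
		log.Error("Failure retrieving refresh token by key")
		log.Error(storeErr)
		return nil, storeErr
	}

	// The nested client and authorize-data values are allocated before
	// decoding; the original author notes that the osin interface requires
	// this nesting.
	thisAccessData := osin.AccessData{
		Client: new(osin.DefaultClient),
		AuthorizeData: &osin.AuthorizeData{
			Client: new(osin.DefaultClient),
		},
	}

	if marshalErr := json.Unmarshal([]byte(accessJSON), &thisAccessData); marshalErr != nil {
		log.Error("Couldn't unmarshal OAuth auth data object (LoadRefresh)")
		log.Error(marshalErr)
		return nil, marshalErr
	}

	return &thisAccessData, nil
}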
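// SaveAccess saves a token and its access data to Redis.
//
// It stores the JSON-encoded access data under ACCESS_PREFIX+AccessToken,
// registers a SessionState decoded from accessData.UserData with the session
// manager and, when a refresh token is present, stores the same record under
// REFRESH_PREFIX+RefreshToken. It returns the marshal error if accessData
// cannot be encoded, and the decode error if UserData does not hold a
// JSON-encoded SessionState.
func (r RedisOsinStorageInterface) SaveAccess(accessData *osin.AccessData) error {
	// Apply the configured lifetime before encoding, so that the stored
	// record and the TTL of its key agree on ExpiresIn.
	if config.OauthTokenExpire != 0 {
		accessData.ExpiresIn = config.OauthTokenExpire
	}

	authDataJSON, marshalErr := json.Marshal(accessData)
	if marshalErr != nil {
		return marshalErr
	}

	// Keys embed the token itself, so only the prefix is logged.
	log.Debug("Saving ACCESS key: ", ACCESS_PREFIX+"<redacted>")
	// NOTE(review): any result of SetKey is not checked here; confirm whether
	// a failed write can be detected and should abort the save.
	r.store.SetKey(ACCESS_PREFIX+accessData.AccessToken, string(authDataJSON), int64(accessData.ExpiresIn))

	// Create a SessionState object and register it with the authmanager.
	// UserData is an interface value: the checked assertion keeps a nil or
	// non-string value from panicking. The empty string it yields in that
	// case fails to decode and is reported as an error below.
	userData, _ := accessData.UserData.(string)
	var newSession SessionState
	if unmarshalErr := json.Unmarshal([]byte(userData), &newSession); unmarshalErr != nil {
		log.Error("Couldn't decode SessionState from UserData")
		log.Error(unmarshalErr)
		return unmarshalErr
	}

	// Set the client ID for analytics.
	newSession.OauthClientID = accessData.Client.GetId()

	// Override timeouts so that we can be in sync with Osin.
	newSession.Expires = time.Now().Unix() + int64(accessData.ExpiresIn)

	// NOTE(review): the third argument is an absolute Unix timestamp, while
	// the SetKey calls in this function pass lifetimes (presumably seconds);
	// confirm which of the two UpdateSession expects.
	r.sessionManager.UpdateSession(accessData.AccessToken, newSession, newSession.Expires)

	// Store the refresh token too.
	if accessData.RefreshToken == "" {
		return nil
	}

	refreshExpire := int64(1209600) // 14 days
	if config.OauthRefreshExpire != 0 {
		refreshExpire = config.OauthRefreshExpire
	}

	log.Debug("Saving REFRESH key: ", REFRESH_PREFIX+"<redacted>")
	// accessData has not changed since it was encoded above, so the same
	// bytes are stored. The record is not written to the debug log: it is the
	// serialized form of a struct that holds the access and refresh tokens.
	r.store.SetKey(REFRESH_PREFIX+accessData.RefreshToken, string(authDataJSON), refreshExpire)
	return nil
}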
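// LoadAccess loads the access data stored under an access token from Redis.
//
// The record is read through r.store from the key ACCESS_PREFIX+token and
// JSON-decoded into an osin.AccessData. The store error is returned when the
// key cannot be read, and the decode error when the payload does not
// unmarshal.
func (r RedisOsinStorageInterface) LoadAccess(token string) (*osin.AccessData, error) {
	key := ACCESS_PREFIX + token
	// The key embeds the access token, a bearer credential, so only the
	// prefix is written to the log.
	log.Debug("Loading ACCESS key: ", ACCESS_PREFIX+"<redacted>")

	accessJSON, storeErr := r.store.GetKey(key)
	if storeErr != nil {
		log.Error("Failure retreiving access token by key")
		log.Error(storeErr)
		return nil, storeErr
	}

	// A concrete client value is allocated before decoding so that the
	// client part of the record has somewhere to be unmarshalled into.
	thisAccessData := osin.AccessData{Client: new(osin.DefaultClient)}

	if marshalErr := json.Unmarshal([]byte(accessJSON), &thisAccessData); marshalErr != nil {
		log.Error("Couldn't unmarshal OAuth auth data object (LoadAccess)")
		log.Error(marshalErr)
		return nil, marshalErr
	}

	return &thisAccessData, nil
}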
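// SaveAccess saves a token and its access data to Redis.
//
// It stores the JSON-encoded access data under ACCESS_PREFIX+AccessToken and
// registers a SessionState with the session manager. The session is decoded
// from accessData.UserData when that holds a JSON string; otherwise it is
// generated from the client's policy. When a refresh token is present, the
// same record is also stored under REFRESH_PREFIX+RefreshToken. It returns
// the marshal error if accessData cannot be encoded, and an error if no
// session can be built from either UserData or the policy.
func (r RedisOsinStorageInterface) SaveAccess(accessData *osin.AccessData) error {
	// Apply the configured lifetime before encoding, so that the stored
	// record and the TTL of its key agree on ExpiresIn.
	if config.OauthTokenExpire != 0 {
		accessData.ExpiresIn = config.OauthTokenExpire
	}

	authDataJSON, marshalErr := json.Marshal(accessData)
	if marshalErr != nil {
		return marshalErr
	}

	// Keys embed the token itself, so only the prefix is logged.
	log.Debug("Saving ACCESS key: ", ACCESS_PREFIX+"<redacted>")
	// NOTE(review): any result of SetKey is not checked here; confirm whether
	// a failed write can be detected and should abort the save.
	r.store.SetKey(ACCESS_PREFIX+accessData.AccessToken, string(authDataJSON), int64(accessData.ExpiresIn))

	// Create a SessionState object and register it with the authmanager.
	var newSession SessionState

	// UserData is an interface value: the checked assertion keeps a non-nil,
	// non-string value from panicking. Such a value, like a nil one or one
	// that fails to decode, falls back to the policy.
	checkPolicy := true
	if userData, isString := accessData.UserData.(string); isString {
		if decodeErr := json.Unmarshal([]byte(userData), &newSession); decodeErr != nil {
			log.Info("Couldn't decode SessionState from UserData, checking policy: ", decodeErr)
		} else {
			checkPolicy = false
		}
	}

	if checkPolicy {
		// defined in JWT middleware
		sessionFromPolicy, notFoundErr := generateSessionFromPolicy(accessData.Client.GetPolicyID(), "", false)
		if notFoundErr != nil {
			return errors.New("Couldn't use policy or key rules to create token, failing")
		}
		newSession = sessionFromPolicy
	}

	// Set the client ID for analytics.
	newSession.OauthClientID = accessData.Client.GetId()

	// Override timeouts so that we can be in sync with Osin.
	newSession.Expires = time.Now().Unix() + int64(accessData.ExpiresIn)

	// Use the default session expiry here as this is OAuth.
	r.sessionManager.UpdateSession(accessData.AccessToken, newSession, int64(accessData.ExpiresIn))

	// Store the refresh token too.
	if accessData.RefreshToken == "" {
		return nil
	}

	refreshExpire := int64(1209600) // 14 days
	if config.OauthRefreshExpire != 0 {
		refreshExpire = config.OauthRefreshExpire
	}

	log.Debug("Saving REFRESH key: ", REFRESH_PREFIX+"<redacted>")
	// accessData has not changed since it was encoded above, so the same
	// bytes are stored. The record is not written to the debug log: it is the
	// serialized form of a struct that holds the access and refresh tokens.
	r.store.SetKey(REFRESH_PREFIX+accessData.RefreshToken, string(authDataJSON), refreshExpire)
	return nil
}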