Пример #1
0
func GenerateSecret(length int) ([]byte, error) {
	secret, err := sequence.RuneSequence(length, secretCharSet)
	if err != nil {
		return []byte{}, err
	}
	return []byte(string(secret)), nil
}
Пример #2
0
func (s *StateData) FromAuthorizeRequest(ar *osin.AuthorizeRequest, provider string) error {
	if seq, err := sequence.RuneSequence(25, sequence.AlphaNum); err != nil {
		return err
	} else {
		s.ID = string(seq)
	}
	s.ClientID = ar.Client.GetId()
	s.RedirectURL = ar.RedirectUri
	s.Scope = ar.Scope
	s.State = ar.State
	s.Type = string(ar.Type)
	s.Provider = provider
	return nil
}
Пример #3
0
func (h *Handler) Create(ctx context.Context, rw http.ResponseWriter, req *http.Request) {
	var p payload
	decoder := json.NewDecoder(req.Body)
	if err := decoder.Decode(&p); err != nil {
		HttpError(rw, err, http.StatusBadRequest)
		return
	}

	if v, err := govalidator.ValidateStruct(p); !v {
		if err != nil {
			HttpError(rw, err, http.StatusBadRequest)
			return
		}
		HttpError(rw, errors.New("Payload did not validate."), http.StatusBadRequest)
		return
	}

	secret, err := sequence.RuneSequence(12, []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"))
	if err != nil {
		HttpError(rw, err, http.StatusInternalServerError)
		return
	}

	client := &osin.DefaultClient{
		Id:          uuid.New(),
		Secret:      string(secret),
		RedirectUri: p.RedirectURIs,
		UserData:    "{}",
	}

	if err := h.s.CreateClient(client); err != nil {
		WriteError(rw, err)
		return
	}

	WriteCreatedJSON(rw, "/clients/"+client.Id, client)
}
Пример #4
0
func (g *HS256Generator) Generate(id string) (*jose.JsonWebKeySet, error) {
	if g.Length < 12 {
		g.Length = 12
	}

	if id == "" {
		id = "shared"
	}

	key, err := sequence.RuneSequence(g.Length, []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789,.-;:_#+*!§$%&/()=?}][{<>"))
	if err != nil {
		return nil, errors.Errorf("Could not generate key because %s", err)
	}

	return &jose.JsonWebKeySet{
		Keys: []jose.JsonWebKey{
			{
				Key:          []byte(string(key)),
				KeyID:        id,
				Certificates: []*x509.Certificate{},
			},
		},
	}, nil
}
Пример #5
0
func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	var c fosite.DefaultClient
	var ctx = herodot.NewContext()

	if err := json.NewDecoder(r.Body).Decode(&c); err != nil {
		h.H.WriteError(ctx, w, r, errors.New(err))
		return
	}

	if _, err := h.W.HTTPActionAllowed(ctx, r, &ladon.Request{
		Resource: ClientsResource,
		Action:   "create",
		Context: ladon.Context{
			"owner": c.Owner,
		},
	}, Scope); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	if len(c.Secret) < 6 {
		secret, err := sequence.RuneSequence(12, []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-.,:;$%!&/()=?+*#<>"))
		if err != nil {
			h.H.WriteError(ctx, w, r, errors.New(err))
			return
		}
		c.Secret = []byte(string(secret))
	}

	if err := h.Manager.CreateClient(&c); err != nil {
		h.H.WriteError(ctx, w, r, err)
		return
	}

	h.H.WriteCreated(ctx, w, r, ClientsHandlerPath+"/"+c.GetID(), &c)
}
Пример #6
0
func (c *Client) Create(ctx *cli.Context) error {
	id := ctx.String("id")
	if id == "" {
		id = uuid.New()
	}

	secret := ctx.String("secret")
	if secret == "" {
		if seq, err := sequence.RuneSequence(10, sequence.AlphaNum); err != nil {
			return fmt.Errorf("Could not create rune sequence because %s", err)
		} else {
			secret = string(seq)
		}
	}

	client := &osin.DefaultClient{
		Id:          id,
		Secret:      secret,
		RedirectUri: ctx.String("redirect-url"),
		UserData:    "",
	}

	c.Ctx.Start()
	if err := c.Ctx.Osins.CreateClient(client); err != nil {
		return fmt.Errorf("Could not create client because %s", err)
	}
	fmt.Printf(`Created client "%s" with secret "%s" and redirect url "%s".`+"\n", client.Id, client.Secret, client.RedirectUri)

	if ctx.Bool("as-superuser") {
		if err := c.Ctx.Policies.Create(superUserPolicy(client.Id)); err != nil {
			return fmt.Errorf("Could not create policy for client because %s", err)
		}
		fmt.Printf(`Granted superuser privileges to client "%s".`+"\n", client.Id)
	}
	return nil
}
Пример #7
0
			ctx = context.WithValue(context.Background(), oauth2.HTTPClient, &http.Client{Transport: &http.Transport{
				TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
			}})
		}

		conf := oauth2.Config{
			ClientID:     c.ClientID,
			ClientSecret: c.ClientSecret,
			Endpoint: oauth2.Endpoint{
				TokenURL: pkg.JoinURLStrings(c.ClusterURL, "/oauth2/token"),
				AuthURL:  pkg.JoinURLStrings(c.ClusterURL, "/oauth2/auth"),
			},
			Scopes: []string{"core", "hydra"},
		}

		state, err := sequence.RuneSequence(24, []rune("abcdefghijklmnopqrstuvwxyz"))
		pkg.Must(err, "Could not generate random state: %s", err)

		nonce, err := sequence.RuneSequence(24, []rune("abcdefghijklmnopqrstuvwxyz"))
		pkg.Must(err, "Could not generate random state: %s", err)

		location := conf.AuthCodeURL(string(state)) + "&nonce=" + string(nonce)

		if ok, _ := cmd.Flags().GetBool("no-open"); !ok {
			webbrowser.Open(location)
		}
		fmt.Printf("If your browser does not open automatically, navigate to: %s\n", location)

		fmt.Println("Setting up callback listener on http://localhost:4445/callback")
		fmt.Println("Press ctrl + c on Linux / Windows or cmd + c on OSX to end the process.")