func (o *Oauth2) Authorize(db *database.Database, state, code string) (
acct *account.Account, tokn *Token, err error) {
coll := db.Tokens()
tokn = &Token{}
err = coll.FindOneId(state, tokn)
if err != nil {
err = database.ParseError(err)
return
}
accessTokn, err := o.conf.Exchange(oauth2.NoContext, code)
if err != nil {
err = &errortypes.UnknownError{
errors.Wrap(err, "oauth.oauth2: Unknown api error"),
}
return
}
acct = &account.Account{
Type: o.Type,
Oauth2AccTokn: accessTokn.AccessToken,
Oauth2RefTokn: accessTokn.RefreshToken,
Oauth2Exp: accessTokn.Expiry,
}
return
}
func Authorize(db *database.Database, state, respEncoded string) (
data *UserData, tokn *Token, err error) {
tokn = &Token{}
coll := db.Tokens()
err = coll.FindOne(&bson.M{
"_id": state,
"type": "saml",
}, tokn)
if err != nil {
err = database.ParseError(err)
return
}
sml := &Saml{
SsoUrl: tokn.SsoUrl,
IssuerUrl: tokn.IssuerUrl,
Cert: tokn.Cert,
}
err = sml.Init()
if err != nil {
return
}
data, err = sml.Authorize(state, respEncoded)
if err != nil {
return
}
return
}
func (o *Oauth2) Request(db *database.Database, remoteState, remoteSecret,
remoteCallback string, version int) (url string, err error) {
coll := db.Tokens()
state := utils.RandStr(64)
url = o.conf.AuthCodeURL(state, oauth2.AccessTypeOffline,
oauth2.ApprovalForce)
if err != nil {
err = &errortypes.UnknownError{
errors.Wrap(err, "oauth.oauth2: Unknown api error"),
}
return
}
tokn := &Token{
Id: state,
RemoteCallback: remoteCallback,
RemoteState: remoteState,
RemoteSecret: remoteSecret,
Type: o.Type,
Version: version,
}
err = coll.Insert(tokn)
if err != nil {
err = database.ParseError(err)
return
}
return
}
func (c *Oauth2Client) Refresh(db *database.Database) (err error) {
refreshed, err := c.Check()
if err != nil {
return
}
if !refreshed {
return
}
coll := db.Accounts()
c.Account.Oauth2AccTokn = c.AccessToken
c.Account.Oauth2RefTokn = c.RefreshToken
c.Account.Oauth2Exp = c.Expiry
if c.Account.Id == "" {
return
}
fields := set.NewSet("oauth2_acc_tokn", "oauth2_ref_tokn", "oauth2_exp")
err = coll.CommitFields(c.Account.Id, c.Account, fields)
if err != nil {
err = database.ParseError(err)
return
}
return
}
func Authorize(db *database.Database, state string,
code string) (acct *account.Account, tokn *oauth.Token, err error) {
coll := db.Accounts()
acct, tokn, err = conf.Authorize(db, state, code)
if err != nil {
return
}
client := &GoogleClient{
acct: acct,
}
err = client.Update(db)
if err != nil {
return
}
_, err = coll.Upsert(&bson.M{
"_id": acct.Id,
}, acct)
if err != nil {
err = database.ParseError(err)
return
}
return
}
func Update(db *database.Database, user string) (err error) {
coll := db.Accounts()
acct := &account.Account{}
err = coll.FindOneId(user, acct)
if err != nil {
return
}
client := &GoogleClient{
acct: acct,
}
err = client.Update(db)
if err != nil {
return
}
_, err = coll.Upsert(&bson.M{
"_id": acct.Id,
}, acct)
if err != nil {
err = database.ParseError(err)
return
}
return
}
func FindUser(db *database.Database, id string) (usr *User, err error) {
usr = &User{}
coll := db.Users()
err = coll.FindOneId(id, usr)
if err != nil {
return
}
return
}
func (s *Saml) Request(db *database.Database, remoteState, remoteSecret,
remoteCallback string) (resp *bytes.Buffer, err error) {
coll := db.Tokens()
state := utils.RandStr(64)
req := s.provider.GetAuthnRequest()
encodedReq, err := req.EncodedSignedString(s.provider.PrivateKeyPath)
if err != nil {
err = &SamlError{
errors.Wrap(err, "saml: Encode error"),
}
return
}
data := struct {
SsoUrl string
SAMLRequest string
RelayState string
}{
SsoUrl: s.provider.IDPSSOURL,
SAMLRequest: encodedReq,
RelayState: state,
}
respTemplate := template.New("saml")
respTemplate, err = respTemplate.Parse(bindTemplate)
if err != nil {
err = &SamlError{
errors.Wrap(err, "saml: Template parse error"),
}
return
}
tokn := &Token{
Id: state,
RemoteCallback: remoteCallback,
RemoteState: remoteState,
RemoteSecret: remoteSecret,
SsoUrl: s.SsoUrl,
IssuerUrl: s.IssuerUrl,
Cert: s.Cert,
Type: "saml",
}
err = coll.Insert(tokn)
if err != nil {
err = database.ParseError(err)
return
}
resp = &bytes.Buffer{}
err = respTemplate.Execute(resp, data)
if err != nil {
err = &SamlError{
errors.Wrap(err, "saml: Template execute error"),
}
return
}
return
}