created a new Type AccountConstant.
This should help a bit with linting
Ursprung
327adffebf
Commit
865e38d813
10
auth/auth.go
10
auth/auth.go
|
@ -17,8 +17,8 @@ type AuthenticationHandler interface {
|
||||||
|
|
||||||
// Account is an interface that gives the application access to infos about the user.
|
// Account is an interface that gives the application access to infos about the user.
|
||||||
type Account interface {
|
type Account interface {
|
||||||
Get(string) interface{}
|
Get(AccountConstant) interface{}
|
||||||
List() []string
|
List() []AccountConstant
|
||||||
Anonymous() bool
|
Anonymous() bool
|
||||||
Redirect(c *gin.Context)
|
Redirect(c *gin.Context)
|
||||||
}
|
}
|
||||||
|
@ -36,7 +36,7 @@ func (*AnonAccountHandler) Account(*gin.Context) Account {
|
||||||
type AnonAccount struct{}
|
type AnonAccount struct{}
|
||||||
|
|
||||||
// Get returns only AccountAnon = true
|
// Get returns only AccountAnon = true
|
||||||
func (*AnonAccount) Get(key string) (in interface{}) {
|
func (*AnonAccount) Get(key AccountConstant) (in interface{}) {
|
||||||
if key == AccountAnon {
|
if key == AccountAnon {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
@ -44,8 +44,8 @@ func (*AnonAccount) Get(key string) (in interface{}) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// List return only AccountAnon as the only Listitem
|
// List return only AccountAnon as the only Listitem
|
||||||
func (*AnonAccount) List() []string {
|
func (*AnonAccount) List() []AccountConstant {
|
||||||
return []string{AccountAnon}
|
return []AccountConstant{AccountAnon}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Anonymous is always true
|
// Anonymous is always true
|
||||||
|
|
|
@ -1,11 +1,14 @@
|
||||||
package auth
|
package auth
|
||||||
|
|
||||||
|
// AccountConstant is an type for easier linting.
|
||||||
|
type AccountConstant string
|
||||||
|
|
||||||
// These are Constants to save specific attributes in single points of use.
|
// These are Constants to save specific attributes in single points of use.
|
||||||
const (
|
const (
|
||||||
// AccountID is the ID of the session. Prefferably it should be an UUIDv4 to mitigate security errors.
|
// AccountID is the ID of the session. Prefferably it should be an UUIDv4 to mitigate security errors.
|
||||||
AccountID string = "jti"
|
AccountID AccountConstant = "jti"
|
||||||
// AccountAnon is to identify Sessions as Anonymous sessions.
|
// AccountAnon is to identify Sessions as Anonymous sessions.
|
||||||
AccountAnon string = "anon"
|
AccountAnon AccountConstant = "anon"
|
||||||
// AccountUser is an attribute that identifies the user with an string that is unique for the user, for Example the username.
|
// AccountUser is an attribute that identifies the user with an string that is unique for the user, for Example the username.
|
||||||
AccountUser string = "uid"
|
AccountUser AccountConstant = "uid"
|
||||||
)
|
)
|
||||||
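Review bot: The doc comment on `AccountConstant` records why the type was introduced, not what a value of it means. Something like `// AccountConstant is the key of an account attribute; the constants below are also used as JWT claim names.` would tell a reader what belongs in it. The comment should also say that the type is an open set: untyped string constants and conversions such as `AccountConstant(key)` still produce values outside the three declared constants, so `Get` implementations cannot assume a known key.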
|
|
|
@ -5,6 +5,7 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
|
"go.sebtobie.de/httpserver/auth"
|
||||||
"go.sebtobie.de/httpserver/menus"
|
"go.sebtobie.de/httpserver/menus"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -16,12 +17,12 @@ func (a *account) Anonymous() bool {
|
||||||
return !a.auth
|
return !a.auth
|
||||||
}
|
}
|
||||||
|
|
||||||
func (*account) Get(string) interface{} {
|
func (*account) Get(auth.AccountConstant) interface{} {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (*account) List() []string {
|
func (*account) List() []auth.AccountConstant {
|
||||||
return []string{}
|
return []auth.AccountConstant{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (*account) Redirect(*gin.Context) {
|
func (*account) Redirect(*gin.Context) {
|
||||||
|
|
|
@ -14,8 +14,8 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
var defaccount = &account{
|
var defaccount = &account{
|
||||||
data: map[string]interface{}{
|
data: map[auth.AccountConstant]interface{}{
|
||||||
auth.AccountID: "",
|
auth.AccountID: uuid.Nil,
|
||||||
auth.AccountAnon: true,
|
auth.AccountAnon: true,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -33,7 +33,6 @@ func (s *SAML) Account(c *gin.Context) auth.Account {
|
||||||
acc.s = s
|
acc.s = s
|
||||||
cookie, err := c.Cookie(s.Cookiename)
|
cookie, err := c.Cookie(s.Cookiename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Debug().Err(err).Msg("Cookie error")
|
|
||||||
return acc
|
return acc
|
||||||
}
|
}
|
||||||
var (
|
var (
|
||||||
|
@ -46,7 +45,9 @@ func (s *SAML) Account(c *gin.Context) auth.Account {
|
||||||
}
|
}
|
||||||
if claim, ok = token.Claims.(*jwt.MapClaims); ok && token.Valid {
|
if claim, ok = token.Claims.(*jwt.MapClaims); ok && token.Valid {
|
||||||
log.Debug().KeysAndValues(claim).Msg("Got valid token")
|
log.Debug().KeysAndValues(claim).Msg("Got valid token")
|
||||||
acc.data = *claim
|
for key, value := range *claim {
|
||||||
|
acc.data[auth.AccountConstant(key)] = value
|
||||||
|
}
|
||||||
return acc
|
return acc
|
||||||
}
|
}
|
||||||
log.Debug().Bool("valid", token.Valid).KeysAndValues(maptoarray(*claim)...).Msg("problem vith token")
|
log.Debug().Bool("valid", token.Valid).KeysAndValues(maptoarray(*claim)...).Msg("problem vith token")
|
||||||
|
@ -62,7 +63,7 @@ func (s *SAML) signingkey(token *jwt.Token) (key interface{}, err error) {
|
||||||
|
|
||||||
type account struct {
|
type account struct {
|
||||||
s *SAML
|
s *SAML
|
||||||
data map[string]interface{}
|
data map[auth.AccountConstant]interface{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *account) Anonymous() bool {
|
func (a *account) Anonymous() bool {
|
||||||
|
@ -72,8 +73,8 @@ func (a *account) Anonymous() bool {
|
||||||
func (a *account) Redirect(c *gin.Context) {
|
func (a *account) Redirect(c *gin.Context) {
|
||||||
id := uuid.New().String()
|
id := uuid.New().String()
|
||||||
tokenstring, err := jwttoken(jwt.MapClaims{
|
tokenstring, err := jwttoken(jwt.MapClaims{
|
||||||
auth.AccountID: id,
|
string(auth.AccountID): id,
|
||||||
auth.AccountAnon: true,
|
string(auth.AccountAnon): true,
|
||||||
}, a.s.jwtprivatekey)
|
}, a.s.jwtprivatekey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().Err(err).Msg("Failed to generate the token")
|
log.Error().Err(err).Msg("Failed to generate the token")
|
||||||
|
@ -91,12 +92,12 @@ func (a *account) Redirect(c *gin.Context) {
|
||||||
c.Redirect(http.StatusSeeOther, request.Redirect(c.Request.URL.String()).String())
|
c.Redirect(http.StatusSeeOther, request.Redirect(c.Request.URL.String()).String())
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *account) Get(key string) interface{} {
|
func (a *account) Get(key auth.AccountConstant) interface{} {
|
||||||
return a.data[key]
|
return a.data[key]
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *account) List() []string {
|
func (a *account) List() []auth.AccountConstant {
|
||||||
liste := make([]string, len(a.data))
|
var liste []auth.AccountConstant
|
||||||
for key := range a.data {
|
for key := range a.data {
|
||||||
liste = append(liste, key)
|
liste = append(liste, key)
|
||||||
}
|
}
|
||||||
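Review bot: In the `Account` hunk the new loop writes each claim into `acc.data`, where the old code replaced the map with `acc.data = *claim`, so the result now depends on what `acc.data` already holds. The construction of `acc` is outside the hunk. If it starts from `defaccount`, the loop writes one user's verified claims into the package-level map shared by every request, which means stale identity data for later requests and a concurrent map write. If the map is nil, the write panics. Allocating a fresh map before the loop, `acc.data = make(map[auth.AccountConstant]interface{}, len(*claim))`, restores the replace semantics and keeps the claims per-request.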
|
|
|
@ -188,9 +188,9 @@ func (s *SAML) acsHF(c *gin.Context) {
|
||||||
}
|
}
|
||||||
data := attributeStatementstomap(assert.AttributeStatements)
|
data := attributeStatementstomap(assert.AttributeStatements)
|
||||||
token, err := jwttoken(jwt.MapClaims{
|
token, err := jwttoken(jwt.MapClaims{
|
||||||
auth.AccountAnon: false,
|
string(auth.AccountAnon): false,
|
||||||
auth.AccountID: account.Get(auth.AccountID).(string),
|
string(auth.AccountID): account.Get(auth.AccountID).(string),
|
||||||
auth.AccountUser: data["uid"][0],
|
string(auth.AccountUser): data["uid"][0],
|
||||||
}, s.jwtprivatekey)
|
}, s.jwtprivatekey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.AbortWithStatus(http.StatusInternalServerError)
|
c.AbortWithStatus(http.StatusInternalServerError)
|
||||||
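Review bot: The claim value `account.Get(auth.AccountID).(string)` is an unchecked type assertion, and this commit changes the default account's `auth.AccountID` entry from `""` to `uuid.Nil`, which is not a string. If `acsHF` can be reached with that default account (how `account` is obtained is outside the hunk), the assertion panics while handling the IdP response. Use the two-value form, `id, ok := account.Get(auth.AccountID).(string)`, and abort the request when `ok` is false. The same map literal indexes `data["uid"][0]` without checking that the assertion carried a `uid` attribute, so a length check is needed there too.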
|
|