refactoring

2021-02-11 17:38:58 +01:00 · 2021-02-11 17:38:58 +01:00 · 0ca2370d48
commit 0ca2370d48
parent 138da8a208
25 changed files with 698 additions and 511 deletions
--- a/example/client/api/api.go
+++ b/example/client/api/api.go
@ -12,8 +12,8 @@ import (
 	"github.com/gorilla/mux"
 	"github.com/sirupsen/logrus"

+	"github.com/caos/oidc/pkg/client/rs"
 	"github.com/caos/oidc/pkg/oidc"
-	"github.com/caos/oidc/pkg/rp"
 )

 const (
@ -25,8 +25,9 @@ const (
 func main() {
 	keyPath := os.Getenv("KEY")
 	port := os.Getenv("PORT")
+	issuer := os.Getenv("ISSUER")

-	provider, err := rp.NewResourceServerFromKeyFile(keyPath)
+	provider, err := rs.NewResourceServerFromKeyFile(issuer, keyPath)
 	if err != nil {
 		logrus.Fatalf("error creating provider %s", err.Error())
 	}
@ -46,7 +47,7 @@ func main() {
 		if !ok {
 			return
 		}
-		resp, err := rp.Introspect(r.Context(), provider, token)
+		resp, err := rs.Introspect(r.Context(), provider, token)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusForbidden)
 			return
@ -67,7 +68,7 @@ func main() {
 		if !ok {
 			return
 		}
-		resp, err := rp.Introspect(r.Context(), provider, token)
+		resp, err := rs.Introspect(r.Context(), provider, token)
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusForbidden)
 			return
--- a/example/client/app/app.go
+++ b/example/client/app/app.go
@ -1,11 +1,8 @@
 package main

 import (
-	"context"
 	"encoding/json"
 	"fmt"
-	"html/template"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"strings"
@ -14,8 +11,8 @@ import (
 	"github.com/google/uuid"
 	"github.com/sirupsen/logrus"

+	"github.com/caos/oidc/pkg/client/rp"
 	"github.com/caos/oidc/pkg/oidc"
-	"github.com/caos/oidc/pkg/rp"
 	"github.com/caos/oidc/pkg/utils"
 )

@ -32,8 +29,6 @@ func main() {
 	port := os.Getenv("PORT")
 	scopes := strings.Split(os.Getenv("SCOPES"), " ")

-	ctx := context.Background()
-
 	redirectURI := fmt.Sprintf("http://localhost:%v%v", port, callbackPath)
 	cookieHandler := utils.NewCookieHandler(key, key, utils.WithUnsecure())

@ -48,7 +43,7 @@ func main() {
 		options = append(options, rp.WithClientKey(keyPath))
 	}

-	provider, err := rp.NewRelayingPartyOIDC(issuer, clientID, clientSecret, redirectURI, scopes, options...)
+	provider, err := rp.NewRelyingPartyOIDC(issuer, clientID, clientSecret, redirectURI, scopes, options...)
 	if err != nil {
 		logrus.Fatalf("error creating provider %s", err.Error())
 	}
@ -81,80 +76,6 @@ func main() {
 	//with the returned tokens from the token endpoint
 	http.Handle(callbackPath, rp.CodeExchangeHandler(marshal, provider))

-	http.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) {
-		tokens, err := rp.ClientCredentials(ctx, provider, "scope")
-		if err != nil {
-			http.Error(w, "failed to exchange token: "+err.Error(), http.StatusUnauthorized)
-			return
-		}
-
-		data, err := json.Marshal(tokens)
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		w.Write(data)
-	})
-
-	http.HandleFunc("/jwt-profile", func(w http.ResponseWriter, r *http.Request) {
-		if r.Method == "GET" {
-			tpl := `
-	<!DOCTYPE html>
-	<html>
-		<head>
-			<meta charset="UTF-8">
-			<title>Login</title>
-		</head>
-		<body>
-			<form method="POST" action="/jwt-profile" enctype="multipart/form-data">
-				<label for="key">Select a key file:</label>
-				<input type="file" accept=".json" id="key" name="key">
-				<button type="submit">Get Token</button>
-			</form>
-		</body>
-	</html>`
-			t, err := template.New("login").Parse(tpl)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			err = t.Execute(w, nil)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-			}
-		} else {
-			err := r.ParseMultipartForm(4 << 10)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			file, handler, err := r.FormFile("key")
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			defer file.Close()
-
-			key, err := ioutil.ReadAll(file)
-			fmt.Println(handler.Header)
-			assertion, err := oidc.NewJWTProfileAssertionFromFileData(key, []string{issuer})
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			token, err := rp.JWTProfileAssertionExchange(ctx, assertion, scopes, provider)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			data, err := json.Marshal(token)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusInternalServerError)
-				return
-			}
-			w.Write(data)
-		}
-	})
 	lis := fmt.Sprintf("127.0.0.1:%s", port)
 	logrus.Infof("listening on http://%s/", lis)
 	logrus.Fatal(http.ListenAndServe("127.0.0.1:"+port, nil))
--- a/example/client/github/github.go
+++ b/example/client/github/github.go
@ -10,8 +10,8 @@ import (
 	"golang.org/x/oauth2"
 	githubOAuth "golang.org/x/oauth2/github"

-	"github.com/caos/oidc/pkg/rp"
-	"github.com/caos/oidc/pkg/rp/cli"
+	"github.com/caos/oidc/pkg/client/rp"
+	"github.com/caos/oidc/pkg/client/rp/cli"
 	"github.com/caos/oidc/pkg/utils"
 )

@ -35,7 +35,7 @@ func main() {

 	ctx := context.Background()
 	cookieHandler := utils.NewCookieHandler(key, key, utils.WithUnsecure())
-	relayingParty, err := rp.NewRelayingPartyOAuth(rpConfig, rp.WithCookieHandler(cookieHandler))
+	relyingParty, err := rp.NewRelyingPartyOAuth(rpConfig, rp.WithCookieHandler(cookieHandler))
 	if err != nil {
 		fmt.Printf("error creating relaying party: %v", err)
 		return
@ -43,9 +43,9 @@ func main() {
 	state := func() string {
 		return uuid.New().String()
 	}
-	token := cli.CodeFlow(relayingParty, callbackPath, port, state)
+	token := cli.CodeFlow(relyingParty, callbackPath, port, state)

-	client := github.NewClient(relayingParty.OAuthConfig().Client(ctx, token.Token))
+	client := github.NewClient(relyingParty.OAuthConfig().Client(ctx, token.Token))

 	_, _, err = client.Users.Get(ctx, "")
 	if err != nil {
--- a/example/client/service/service.go
+++ b/example/client/service/service.go
@ -0,0 +1,196 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/sirupsen/logrus"
+	"golang.org/x/oauth2"
+
+	"github.com/caos/oidc/pkg/client/profile"
+)
+
+var (
+	client *http.Client = http.DefaultClient
+)
+
+func main() {
+	//keyPath := os.Getenv("KEY_PATH")
+	issuer := os.Getenv("ISSUER")
+	port := os.Getenv("PORT")
+	scopes := strings.Split(os.Getenv("SCOPES"), " ")
+	//testURL := os.Getenv("TEST_URL")
+
+	//if keyPath != "" {
+	//	ts, err := rp.NewJWTProfileTokenSourceFromFile(issuer, keyPath, scopes)
+	//	if err != nil {
+	//		logrus.Fatalf("error creating token source %s", err.Error())
+	//	}
+	//	//client = oauth2.NewClient(context.Background(), ts)
+	//	resp, err := callExampleEndpoint(client, testURL)
+	//	if err != nil {
+	//		logrus.Fatalf("error response from test url: %s", err.Error())
+	//	}
+	//	fmt.Println(resp)
+	//}
+
+	http.HandleFunc("/jwt-profile", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == "GET" {
+			tpl := `
+	<!DOCTYPE html>
+	<html>
+		<head>
+			<meta charset="UTF-8">
+			<title>Login</title>
+		</head>
+		<body>
+			<form method="POST" action="/jwt-profile" enctype="multipart/form-data">
+				<label for="key">Select a key file:</label>
+				<input type="file" accept=".json" id="key" name="key">
+				<button type="submit">Get Token</button>
+			</form>
+		</body>
+	</html>`
+			t, err := template.New("login").Parse(tpl)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			err = t.Execute(w, nil)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+			}
+		} else {
+			err := r.ParseMultipartForm(4 << 10)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			file, _, err := r.FormFile("key")
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			defer file.Close()
+
+			key, err := ioutil.ReadAll(file)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			ts, err := profile.NewJWTProfileTokenSourceFromKeyFile(issuer, key, scopes)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			client = oauth2.NewClient(context.Background(), ts)
+			token, err := ts.Token()
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			//assertion, err := oidc.NewJWTProfileAssertionFromFileData(key, []string{issuer})
+			//if err != nil {
+			//	http.Error(w, err.Error(), http.StatusInternalServerError)
+			//	return
+			//}
+			//token, err := rp.JWTProfileAssertionExchange(ctx, assertion, scopes, provider)
+			//if err != nil {
+			//	http.Error(w, err.Error(), http.StatusInternalServerError)
+			//	return
+			//}
+			data, err := json.Marshal(token)
+			if err != nil {
+				http.Error(w, err.Error(), http.StatusInternalServerError)
+				return
+			}
+			w.Write(data)
+		}
+	})
+
+	http.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) {
+		tpl := `
+	<!DOCTYPE html>
+	<html>
+		<head>
+			<meta charset="UTF-8">
+			<title>Test</title>
+		</head>
+		<body>
+			<form method="POST" action="/test">
+				<label for="url">URL for test:</label>
+				<input type="text" id="url" name="url" width="200px">
+				<button type="submit">Test Token</button>
+			</form>
+			{{if .URL}}
+			<p>
+				Result for {{.URL}}: {{.Response}}
+			</p>
+			{{end}}
+		</body>
+	</html>`
+		err := r.ParseForm()
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		testURL := r.Form.Get("url")
+		var data struct {
+			URL      string
+			Response interface{}
+		}
+		if testURL != "" {
+			data.URL = testURL
+			data.Response, err = callExampleEndpoint(client, testURL)
+			if err != nil {
+				data.Response = err
+			}
+		}
+		t, err := template.New("login").Parse(tpl)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		err = t.Execute(w, data)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		}
+
+	})
+	lis := fmt.Sprintf("127.0.0.1:%s", port)
+	logrus.Infof("listening on http://%s/", lis)
+	logrus.Fatal(http.ListenAndServe("127.0.0.1:"+port, nil))
+}
+
+func callExampleEndpoint(client *http.Client, testURL string) (interface{}, error) {
+	req, err := http.NewRequest("GET", testURL, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return "", fmt.Errorf("http status not ok: %s %s", resp.Status, body)
+	}
+
+	if strings.HasPrefix(resp.Header.Get("content-type"), "text/plain") {
+		return string(body), nil
+	}
+	return body, err
+}