refactoring

2020-09-25 16:41:25 +02:00 · 2020-09-25 16:41:25 +02:00 · 542ec6ed7b
commit 542ec6ed7b
parent 6cfd02e4c9
26 changed files with 1412 additions and 625 deletions
--- a/example/client/app/app.go
+++ b/example/client/app/app.go
@ -4,6 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"html/template"
+	"io/ioutil"
 	"net/http"
 	"os"
 	"time"
@ -30,7 +32,7 @@ func main() {
 	ctx := context.Background()

 	redirectURI := fmt.Sprintf("http://localhost:%v%v", port, callbackPath)
-	scopes := []string{oidc.ScopeOpenID, oidc.ScopeProfile, oidc.ScopeEmail}
+	scopes := []string{oidc.ScopeOpenID, oidc.ScopeProfile, oidc.ScopeEmail, oidc.ScopeAddress, "hodor"}
 	cookieHandler := utils.NewCookieHandler(key, key, utils.WithUnsecure())
 	provider, err := rp.NewRelayingPartyOIDC(issuer, clientID, clientSecret, redirectURI, scopes,
 		rp.WithPKCE(cookieHandler),
@ -82,6 +84,62 @@ func main() {
 		}
 		w.Write(data)
 	})
+
+	http.HandleFunc("/jwt-profile", func(w http.ResponseWriter, r *http.Request) {
+		tpl := `
+	<!DOCTYPE html>
+	<html>
+		<head>
+			<meta charset="UTF-8">
+			<title>Login</title>
+		</head>
+		<body>
+			<form method="POST" action="/jwt-profile-assertion" enctype="multipart/form-data">
+				<label for="key">Select a key file:</label>
+				<input type="file" id="key" name="key">
+				<button type="submit">Upload</button>
+			</form>
+		</body>
+	</html>`
+		t, err := template.New("login").Parse(tpl)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		err = t.Execute(w, nil)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+		}
+	})
+
+	http.HandleFunc("/jwt-profile-assertion", func(w http.ResponseWriter, r *http.Request) {
+		r.ParseMultipartForm(32 << 20)
+		file, handler, err := r.FormFile("key")
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		defer file.Close()
+
+		key, err := ioutil.ReadAll(file)
+		fmt.Println(handler.Header)
+		assertion, err := oidc.NewJWTProfileAssertionFromFileData(key, []string{issuer})
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		token, err := rp.JWTProfileExchange(ctx, assertion, provider)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		data, err := json.Marshal(token)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		w.Write(data)
+	})
 	lis := fmt.Sprintf("127.0.0.1:%s", port)
 	logrus.Infof("listening on http://%s/", lis)
 	logrus.Fatal(http.ListenAndServe("127.0.0.1:"+port, nil))
--- a/example/client/jwt_profile.go
+++ b/example/client/jwt_profile.go
@ -0,0 +1,39 @@
+package client
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/sirupsen/logrus"
+
+	"github.com/caos/oidc/pkg/oidc"
+	"github.com/caos/oidc/pkg/rp"
+	"github.com/caos/oidc/pkg/utils"
+)
+
+var (
+	callbackPath string = "/auth/callback"
+	key          []byte = []byte("test1234test1234")
+)
+
+func main() {
+	clientID := os.Getenv("CLIENT_ID")
+	clientSecret := os.Getenv("CLIENT_SECRET")
+	issuer := os.Getenv("ISSUER")
+	port := os.Getenv("PORT")
+
+	ctx := context.Background()
+
+	redirectURI := fmt.Sprintf("http://localhost:%v%v", port, callbackPath)
+	scopes := []string{oidc.ScopeOpenID, oidc.ScopeProfile, oidc.ScopeEmail, oidc.ScopeAddress, "hodor"}
+	cookieHandler := utils.NewCookieHandler(key, key, utils.WithUnsecure())
+	provider, err := rp.NewRelayingPartyOIDC(issuer, clientID, clientSecret, redirectURI, scopes,
+		rp.WithPKCE(cookieHandler),
+		rp.WithVerifierOpts(rp.WithIssuedAtOffset(5*time.Second)),
+	)
+	if err != nil {
+		logrus.Fatalf("error creating provider %s", err.Error())
+	}
+}