renaming

2019-11-21 14:38:23 +01:00 · 2019-11-21 14:38:23 +01:00 · 720fe28f70
commit 720fe28f70
parent 8b0f4438fb
4 changed files with 244 additions and 192 deletions
--- a/example/server/default/default.go
+++ b/example/server/default/default.go
@ -16,7 +16,7 @@ func main() {
 		Port: "9998",
 	}
 	storage := &mock.Storage{}
-	handler, err := server.NewDefaultHandler(config, storage)
+	handler, err := server.NewDefaultOP(config, storage, server.WithCustomTokenEndpoint("test"))
 	if err != nil {
 		log.Fatal(err)
 	}
--- a/pkg/op/default_handler_test.go
+++ b/pkg/op/default_handler_test.go
@ -1,47 +1,47 @@
 package server

-import (
-	"net/http"
-	"net/http/httptest"
-	"testing"
+// import (
+// 	"net/http"
+// 	"net/http/httptest"
+// 	"testing"

-	"github.com/stretchr/testify/require"
+// 	"github.com/stretchr/testify/require"

-	"github.com/caos/oidc/pkg/oidc"
-)
+// 	"github.com/caos/oidc/pkg/oidc"
+// )

-func TestDefaultHandler_HandleDiscovery(t *testing.T) {
-	type fields struct {
-		config          *Config
-		discoveryConfig *oidc.DiscoveryConfiguration
-		storage         Storage
-		http            *http.Server
-	}
-	type args struct {
-		w http.ResponseWriter
-		r *http.Request
-	}
-	tests := []struct {
-		name     string
-		fields   fields
-		args     args
-		want     string
-		wantCode int
-	}{
-		{"OK", fields{config: nil, discoveryConfig: &oidc.DiscoveryConfiguration{Issuer: "test"}}, args{httptest.NewRecorder(), nil}, `{"issuer":"test"}`, 200},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			h := &DefaultHandler{
-				config:          tt.fields.config,
-				discoveryConfig: tt.fields.discoveryConfig,
-				storage:         tt.fields.storage,
-				http:            tt.fields.http,
-			}
-			h.HandleDiscovery(tt.args.w, tt.args.r)
-			rec := tt.args.w.(*httptest.ResponseRecorder)
-			require.Equal(t, tt.want, rec.Body.String())
-			require.Equal(t, tt.wantCode, rec.Code)
-		})
-	}
-}
+// func TestDefaultHandler_HandleDiscovery(t *testing.T) {
+// 	type fields struct {
+// 		config          *Config
+// 		discoveryConfig *oidc.DiscoveryConfiguration
+// 		storage         Storage
+// 		http            *http.Server
+// 	}
+// 	type args struct {
+// 		w http.ResponseWriter
+// 		r *http.Request
+// 	}
+// 	tests := []struct {
+// 		name     string
+// 		fields   fields
+// 		args     args
+// 		want     string
+// 		wantCode int
+// 	}{
+// 		{"OK", fields{config: nil, discoveryConfig: &oidc.DiscoveryConfiguration{Issuer: "test"}}, args{httptest.NewRecorder(), nil}, `{"issuer":"test"}`, 200},
+// 	}
+// 	for _, tt := range tests {
+// 		t.Run(tt.name, func(t *testing.T) {
+// 			h := &DefaultHandler{
+// 				config:          tt.fields.config,
+// 				discoveryConfig: tt.fields.discoveryConfig,
+// 				storage:         tt.fields.storage,
+// 				http:            tt.fields.http,
+// 			}
+// 			h.HandleDiscovery(tt.args.w, tt.args.r)
+// 			rec := tt.args.w.(*httptest.ResponseRecorder)
+// 			require.Equal(t, tt.want, rec.Body.String())
+// 			require.Equal(t, tt.wantCode, rec.Code)
+// 		})
+// 	}
+// }
--- a/pkg/op/default_handler.go
+++ b/pkg/op/default_handler.go
@ -11,8 +11,9 @@ import (
 	"github.com/caos/oidc/pkg/oidc"
 )

-type DefaultHandler struct {
+type DefaultOP struct {
 	config          *Config
+	endpoints       endpoints
 	discoveryConfig *oidc.DiscoveryConfiguration
 	storage         Storage
 	http            *http.Server
@ -20,13 +21,6 @@ type DefaultHandler struct {

 type Config struct {
 	Issuer string
-	AuthorizationEndpoint Endpoint
-	TokenEndpoint         Endpoint
-	IntrospectionEndpoint Endpoint
-	UserinfoEndpoint      Endpoint
-	EndSessionEndpoint    Endpoint
-	CheckSessionIframe    Endpoint
-	JwksURI               Endpoint
 	// ScopesSupported:                   oidc.SupportedScopes,
 	// ResponseTypesSupported:            responseTypes,
 	// GrantTypesSupported:               oidc.SupportedGrantTypes,
@ -37,32 +31,202 @@ type Config struct {
 	Port string
 }

-const (
-	defaultAuthorizationEndpoint = "authorize"
-	defaulTokenEndpoint          = "token"
-	defaultIntrospectEndpoint    = "introspect"
-	defaultUserinfoEndpoint      = "me"
-)
+type endpoints struct {
+	Authorization         Endpoint
+	Token                 Endpoint
+	IntrospectionEndpoint Endpoint
+	Userinfo              Endpoint
+	EndSessionEndpoint    Endpoint
+	CheckSessionIframe    Endpoint
+	JwksURI               Endpoint
+}

-func (c *Config) DefaultAndValidate() error {
-	if err := ValidateIssuer(c.Issuer); err != nil {
+type DefaultOPOpts func(o *DefaultOP) error
+
+func WithCustomAuthEndpoint(endpoint Endpoint) DefaultOPOpts {
+	return func(o *DefaultOP) error {
+		if err := endpoint.Validate(); err != nil {
 			return err
 		}
-	if c.AuthorizationEndpoint == "" {
-		c.AuthorizationEndpoint = defaultAuthorizationEndpoint
-	}
-	if c.TokenEndpoint == "" {
-		c.TokenEndpoint = defaulTokenEndpoint
-	}
-	if c.IntrospectionEndpoint == "" {
-		c.IntrospectionEndpoint = defaultIntrospectEndpoint
-	}
-	if c.UserinfoEndpoint == "" {
-		c.UserinfoEndpoint = defaultUserinfoEndpoint
-	}
+		o.endpoints.Authorization = endpoint
 		return nil
+	}
 }

+func WithCustomTokenEndpoint(endpoint Endpoint) DefaultOPOpts {
+	return func(o *DefaultOP) error {
+		if err := endpoint.Validate(); err != nil {
+			return err
+		}
+		o.endpoints.Token = endpoint
+		return nil
+	}
+}
+
+func WithCustomUserinfoEndpoint(endpoint Endpoint) DefaultOPOpts {
+	return func(o *DefaultOP) error {
+		if err := endpoint.Validate(); err != nil {
+			return err
+		}
+		o.endpoints.Userinfo = endpoint
+		return nil
+	}
+}
+
+const (
+	defaultAuthorizationEndpoint = "authorize"
+	defaulTokenEndpoint          = "oauth/token"
+	defaultIntrospectEndpoint    = "introspect"
+	defaultUserinfoEndpoint      = "userinfo"
+)
+
+func CreateDiscoveryConfig(c Configuration) *oidc.DiscoveryConfiguration {
+	return &oidc.DiscoveryConfiguration{
+		Issuer:                c.Issuer(),
+		AuthorizationEndpoint: c.AuthorizationEndpoint().Absolute(c.Issuer()),
+		TokenEndpoint:         c.TokenEndpoint().Absolute(c.Issuer()),
+		// IntrospectionEndpoint: c.absoluteEndpoint(c.IntrospectionEndpoint),
+		// UserinfoEndpoint:      c.absoluteEndpoint(c.UserinfoEndpoint),
+		// EndSessionEndpoint:    c.absoluteEndpoint(c.EndSessionEndpoint),
+		// CheckSessionIframe:    c.absoluteEndpoint(c.CheckSessionIframe),
+		// JwksURI:               c.absoluteEndpoint(c.JwksURI),
+		// ScopesSupported:                   oidc.SupportedScopes,
+		// ResponseTypesSupported:            responseTypes,
+		// GrantTypesSupported:               oidc.SupportedGrantTypes,
+		// ClaimsSupported:                   oidc.SupportedClaims,
+		// IdTokenSigningAlgValuesSupported:  []string{keys.SigningAlgorithm},
+		// SubjectTypesSupported:             []string{"public"},
+		// TokenEndpointAuthMethodsSupported:
+
+	}
+}
+
+var DefaultEndpoints = endpoints{
+	Authorization:         defaultAuthorizationEndpoint,
+	Token:                 defaulTokenEndpoint,
+	IntrospectionEndpoint: defaultIntrospectEndpoint,
+	Userinfo:              defaultUserinfoEndpoint,
+}
+
+func NewDefaultOP(config *Config, storage Storage, opOpts ...DefaultOPOpts) (OpenIDProvider, error) {
+	if err := ValidateIssuer(config.Issuer); err != nil {
+		return nil, err
+	}
+
+	p := &DefaultOP{
+		config:    config,
+		storage:   storage,
+		endpoints: DefaultEndpoints,
+	}
+
+	for _, optFunc := range opOpts {
+		if err := optFunc(p); err != nil {
+			return nil, err
+		}
+	}
+
+	p.discoveryConfig = CreateDiscoveryConfig(p)
+
+	router := CreateRouter(p)
+	p.http = &http.Server{
+		Addr:    ":" + config.Port,
+		Handler: router,
+	}
+
+	return p, nil
+}
+
+func (p *DefaultOP) Issuer() string {
+	return p.config.Issuer
+}
+
+type Endpoint string
+
+func (e Endpoint) Relative() string {
+	return relativeEndpoint(string(e))
+}
+
+func (e Endpoint) Absolute(host string) string {
+	return absoluteEndpoint(host, string(e))
+}
+
+func (e Endpoint) Validate() error {
+	return nil //TODO:
+}
+
+func (p *DefaultOP) AuthorizationEndpoint() Endpoint {
+	return p.endpoints.Authorization
+
+}
+
+func (p *DefaultOP) TokenEndpoint() Endpoint {
+	return Endpoint(p.endpoints.Token)
+}
+
+func (p *DefaultOP) UserinfoEndpoint() Endpoint {
+	return Endpoint(p.endpoints.Userinfo)
+}
+
+func (p *DefaultOP) Port() string {
+	return p.config.Port
+}
+
+func (p *DefaultOP) HttpHandler() *http.Server {
+	return p.http
+}
+
+func (p *DefaultOP) HandleDiscovery(w http.ResponseWriter, r *http.Request) {
+	utils.MarshalJSON(w, p.discoveryConfig)
+}
+
+func (p *DefaultOP) HandleAuthorize(w http.ResponseWriter, r *http.Request) {
+	authRequest, err := ParseAuthRequest(w, r)
+	if err != nil {
+		//TODO: return err
+	}
+	err = ValidateAuthRequest(authRequest)
+	if err != nil {
+		//TODO: return err
+	}
+	if NeedsExistingSession(authRequest) {
+		// session, err := p.storage.CheckSession(authRequest)
+		// if err != nil {
+		// 	//TODO: return err
+		// }
+	}
+	err = p.storage.CreateAuthRequest(authRequest)
+	if err != nil {
+		//TODO: return err
+	}
+	//TODO: redirect?
+}
+
+func (p *DefaultOP) HandleExchange(w http.ResponseWriter, r *http.Request) {
+}
+
+func (p *DefaultOP) HandleUserinfo(w http.ResponseWriter, r *http.Request) {
+
+}
+
+// func (c *Config) DefaultAndValidate() error {
+// 	if err := ValidateIssuer(c.Issuer); err != nil {
+// 		return err
+// 	}
+// 	if c.AuthorizationEndpoint == "" {
+// 		c.AuthorizationEndpoint = defaultAuthorizationEndpoint
+// 	}
+// 	if c.TokenEndpoint == "" {
+// 		c.TokenEndpoint = defaulTokenEndpoint
+// 	}
+// 	if c.IntrospectionEndpoint == "" {
+// 		c.IntrospectionEndpoint = defaultIntrospectEndpoint
+// 	}
+// 	if c.UserinfoEndpoint == "" {
+// 		c.UserinfoEndpoint = defaultUserinfoEndpoint
+// 	}
+// 	return nil
+// }
+
 func ValidateIssuer(issuer string) error {
 	if issuer == "" {
 		return errors.New("missing issuer")
@ -85,27 +249,6 @@ func ValidateIssuer(issuer string) error {
 	return nil
 }

-func OIDC(c Configuration) *oidc.DiscoveryConfiguration {
-	return &oidc.DiscoveryConfiguration{
-		Issuer:                c.Issuer(),
-		AuthorizationEndpoint: c.AuthorizationEndpoint().Absolute(c.Issuer()),
-		// TokenEndpoint:         c.absoluteEndpoint(c.TokenEndpoint),
-		// IntrospectionEndpoint: c.absoluteEndpoint(c.IntrospectionEndpoint),
-		// UserinfoEndpoint:      c.absoluteEndpoint(c.UserinfoEndpoint),
-		// EndSessionEndpoint:    c.absoluteEndpoint(c.EndSessionEndpoint),
-		// CheckSessionIframe:    c.absoluteEndpoint(c.CheckSessionIframe),
-		// JwksURI:               c.absoluteEndpoint(c.JwksURI),
-		// ScopesSupported:                   oidc.SupportedScopes,
-		// ResponseTypesSupported:            responseTypes,
-		// GrantTypesSupported:               oidc.SupportedGrantTypes,
-		// ClaimsSupported:                   oidc.SupportedClaims,
-		// IdTokenSigningAlgValuesSupported:  []string{keys.SigningAlgorithm},
-		// SubjectTypesSupported:             []string{"public"},
-		// TokenEndpointAuthMethodsSupported:
-
-	}
-}
-
 func (c *Config) absoluteEndpoint(endpoint string) string {
 	return strings.TrimSuffix(c.Issuer, "/") + relativeEndpoint(endpoint)
 }
@ -117,94 +260,3 @@ func absoluteEndpoint(host, endpoint string) string {
 func relativeEndpoint(endpoint string) string {
 	return "/" + strings.TrimPrefix(endpoint, "/")
 }
-
-func NewDefaultHandler(config *Config, storage Storage) (Handler, error) {
-	err := config.DefaultAndValidate()
-	if err != nil {
-		return nil, err
-	}
-	h := &DefaultHandler{
-		config:  config,
-		storage: storage,
-	}
-	h.discoveryConfig = OIDC(h)
-	router := CreateRouter(h)
-	h.http = &http.Server{
-		Addr:    ":" + config.Port,
-		Handler: router,
-	}
-
-	return h, nil
-}
-
-func (h *DefaultHandler) Issuer() string {
-	return h.config.Issuer
-}
-
-type Endpoint string
-
-func (e Endpoint) Relative() string {
-	return relativeEndpoint(string(e))
-}
-
-func (e Endpoint) Absolute(host string) string {
-	return absoluteEndpoint(host, string(e))
-}
-
-func (e Endpoint) Validate() error {
-	return nil //TODO:
-}
-
-func (h *DefaultHandler) AuthorizationEndpoint() Endpoint {
-	return Endpoint(h.config.AuthorizationEndpoint)
-
-}
-
-func (h *DefaultHandler) TokenEndpoint() Endpoint {
-	return Endpoint(h.config.TokenEndpoint)
-}
-
-func (h *DefaultHandler) UserinfoEndpoint() Endpoint {
-	return Endpoint(h.config.UserinfoEndpoint)
-}
-
-func (h *DefaultHandler) Port() string {
-	return h.config.Port
-}
-
-func (h *DefaultHandler) HttpHandler() *http.Server {
-	return h.http
-}
-
-func (h *DefaultHandler) HandleDiscovery(w http.ResponseWriter, r *http.Request) {
-	utils.MarshalJSON(w, h.discoveryConfig)
-}
-
-func (h *DefaultHandler) HandleAuthorize(w http.ResponseWriter, r *http.Request) {
-	authRequest, err := ParseAuthRequest(w, r)
-	if err != nil {
-		//TODO: return err
-	}
-	err = ValidateAuthRequest(authRequest)
-	if err != nil {
-		//TODO: return err
-	}
-	if NeedsExistingSession(authRequest) {
-		// session, err := h.storage.CheckSession(authRequest)
-		// if err != nil {
-		// 	//TODO: return err
-		// }
-	}
-	err = h.storage.CreateAuthRequest(authRequest)
-	if err != nil {
-		//TODO: return err
-	}
-	//TODO: redirect?
-}
-
-func (h *DefaultHandler) HandleExchange(w http.ResponseWriter, r *http.Request) {
-}
-
-func (h *DefaultHandler) HandleUserinfo(w http.ResponseWriter, r *http.Request) {
-
-}
--- a/pkg/op/handler.go
+++ b/pkg/op/handler.go
@ -10,7 +10,7 @@ import (
 	"github.com/caos/utils/logging"
 )

-type Handler interface {
+type OpenIDProvider interface {
 	Configuration
 	// Storage() Storage
 	HandleDiscovery(w http.ResponseWriter, r *http.Request)
@ -20,25 +20,25 @@ type Handler interface {
 	HttpHandler() *http.Server
 }

-func CreateRouter(h Handler) *mux.Router {
+func CreateRouter(o OpenIDProvider) *mux.Router {
 	router := mux.NewRouter()
-	router.HandleFunc(oidc.DiscoveryEndpoint, h.HandleDiscovery)
-	router.HandleFunc(h.AuthorizationEndpoint().Relative(), h.HandleAuthorize)
-	router.HandleFunc(h.TokenEndpoint().Relative(), h.HandleExchange)
-	router.HandleFunc(h.UserinfoEndpoint().Relative(), h.HandleUserinfo)
+	router.HandleFunc(oidc.DiscoveryEndpoint, o.HandleDiscovery)
+	router.HandleFunc(o.AuthorizationEndpoint().Relative(), o.HandleAuthorize)
+	router.HandleFunc(o.TokenEndpoint().Relative(), o.HandleExchange)
+	router.HandleFunc(o.UserinfoEndpoint().Relative(), o.HandleUserinfo)
 	return router
 }

-func Start(ctx context.Context, h Handler) {
+func Start(ctx context.Context, o OpenIDProvider) {
 	go func() {
 		<-ctx.Done()
-		err := h.HttpHandler().Shutdown(ctx)
+		err := o.HttpHandler().Shutdown(ctx)
 		logging.Log("SERVE-REqwpM").OnError(err).Error("graceful shutdown of oidc server failed")
 	}()

 	go func() {
-		err := h.HttpHandler().ListenAndServe()
+		err := o.HttpHandler().ListenAndServe()
 		logging.Log("SERVE-4YNIwG").OnError(err).Panic("oidc server serve failed")
 	}()
-	logging.LogWithFields("SERVE-koAFMs", "port", h.Port()).Info("oidc server is listening")
+	logging.LogWithFields("SERVE-koAFMs", "port", o.Port()).Info("oidc server is listening")
 }