crypto

example/internal/mock/storage.go

@@ -16,9 +16,7 @@ type AuthStorage struct {
 	key *rsa.PrivateKey
 }
 
-type OPStorage struct{}
-
-func NewAuthStorage() op.AuthStorage {
+func NewAuthStorage() op.Storage {
 	reader := rand.Reader
 	bitSize := 2048
 	key, err := rsa.GenerateKey(reader, bitSize)
@@ -106,6 +104,7 @@ func (a *AuthRequest) GetSubject() string {
 
 var (
 	a = &AuthRequest{}
+	t bool
 )
 
 func (s *AuthStorage) CreateAuthRequest(authReq *oidc.AuthRequest) (op.AuthRequest, error) {
@@ -116,15 +115,20 @@ func (s *AuthStorage) CreateAuthRequest(authReq *oidc.AuthRequest) (op.AuthReque
 			Method:    authReq.CodeChallengeMethod,
 		}
 	}
+	t = false
 	return a, nil
 }
 func (s *AuthStorage) AuthRequestByCode(string) (op.AuthRequest, error) {
 	return a, nil
 }
-func (s *AuthStorage) DeleteAuthRequestAndCode(string, string) error {
+func (s *AuthStorage) DeleteAuthRequest(string) error {
+	t = true
 	return nil
 }
 func (s *AuthStorage) AuthRequestByID(id string) (op.AuthRequest, error) {
+	if id != "id" || t {
+		return nil, errors.New("not found")
+	}
 	return a, nil
 }
 func (s *AuthStorage) GetSigningKey() (*jose.SigningKey, error) {
@@ -142,7 +146,7 @@ func (s *AuthStorage) GetKeySet() (*jose.JSONWebKeySet, error) {
 	}, nil
 }
 
-func (s *OPStorage) GetClientByClientID(id string) (op.Client, error) {
+func (s *AuthStorage) GetClientByClientID(id string) (op.Client, error) {
 	if id == "none" {
 		return nil, errors.New("not found")
 	}
@@ -161,10 +165,11 @@ func (s *OPStorage) GetClientByClientID(id string) (op.Client, error) {
 	return &ConfClient{ID: id, applicationType: appType, authMethod: authMethod}, nil
 }
 
-func (s *OPStorage) AuthorizeClientIDSecret(id string, _ string) error {
+func (s *AuthStorage) AuthorizeClientIDSecret(id string, _ string) error {
 	return nil
 }
-func (s *OPStorage) GetUserinfoFromScopes([]string) (*oidc.Userinfo, error) {
+
+func (s *AuthStorage) GetUserinfoFromScopes([]string) (*oidc.Userinfo, error) {
 	return &oidc.Userinfo{
 		Subject: a.GetSubject(),
 		Address: &oidc.UserinfoAddress{

example/server/default/default.go

@@ -2,7 +2,12 @@ package main
 
 import (
 	"context"
+	"crypto/sha256"
+	"html/template"
 	"log"
+	"net/http"
+
+	"github.com/gorilla/mux"
 
 	"github.com/caos/oidc/example/internal/mock"
 	"github.com/caos/oidc/pkg/op"
@@ -11,17 +16,50 @@ import (
 func main() {
 	ctx := context.Background()
 	config := &op.Config{
-		Issuer: "http://localhost:9998/",
-
-		Port: "9998",
+		Issuer:    "http://localhost:9998/",
+		CryptoKey: sha256.Sum256([]byte("test")),
+		Port:      "9998",
 	}
-	authStorage := mock.NewAuthStorage()
-	opStorage := &mock.OPStorage{}
-	handler, err := op.NewDefaultOP(config, authStorage, opStorage, op.WithCustomTokenEndpoint("test"))
+	storage := mock.NewAuthStorage()
+	handler, err := op.NewDefaultOP(config, storage, op.WithCustomTokenEndpoint("test"))
 	if err != nil {
 		log.Fatal(err)
 	}
+	router := handler.HttpHandler().Handler.(*mux.Router)
+	router.Methods("GET").Path("/login").HandlerFunc(HandleLogin)
+	router.Methods("POST").Path("/login").HandlerFunc(HandleCallback)
 	op.Start(ctx, handler)
 	<-ctx.Done()
-
+}
+
+func HandleLogin(w http.ResponseWriter, r *http.Request) {
+	tpl := `
+	<!DOCTYPE html>
+	<html>
+		<head>
+			<meta charset="UTF-8">
+			<title>Login</title>
+		</head>
+		<body>
+			<form method="POST" action="/login">
+				<input name="client"/>
+				<button type="submit">Login</button>
+			</form>
+		</body>
+	</html>`
+	t, err := template.New("login").Parse(tpl)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	err = t.Execute(w, nil)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+}
+
+func HandleCallback(w http.ResponseWriter, r *http.Request) {
+	r.ParseForm()
+	client := r.FormValue("client")
+	http.Redirect(w, r, "/authorize/"+client, http.StatusFound)
 }