Added auth servicers to pkg

2021-09-01 14:10:47 +02:00
parent 9e87b43b33
commit 4d5ed1da26
4 changed files with 252 additions and 0 deletions
--- a/pkg/http/auth/basic.go
+++ b/pkg/http/auth/basic.go
@@ -0,0 +1,40 @@
+package auth
+
+import (
+	"context"
+	"encoding/base64"
+	"fmt"
+)
+
+type (
+	ServicerBasic struct {
+		user string
+		pass string
+	}
+
+	BasicParams struct {
+		User string
+		Pass string
+	}
+)
+
+func NewBasic(p BasicParams) (s ServicerBasic, err error) {
+	if p.User == "" {
+		err = fmt.Errorf("invalid param username")
+		return
+	}
+
+	if p.Pass == "" {
+		err = fmt.Errorf("invalid param password")
+		return
+	}
+
+	s = ServicerBasic{user: p.User, pass: p.Pass}
+
+	return
+}
+
+func (s ServicerBasic) Do(ctx context.Context) string {
+	auth := s.user + ":" + s.pass
+	return base64.StdEncoding.EncodeToString([]byte(auth))
+}
--- a/pkg/http/auth/basic_test.go
+++ b/pkg/http/auth/basic_test.go
@@ -0,0 +1,60 @@
+package auth
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func Test_basic(t *testing.T) {
+	type (
+		tf struct {
+			name   string
+			err    string
+			exp    string
+			params BasicParams
+		}
+	)
+
+	var (
+		tcc = []tf{
+			{
+				name:   "match basic headers fail username validation",
+				err:    "invalid param username",
+				params: BasicParams{},
+			},
+			{
+				name: "match basic headers fail password validation",
+				err:  "invalid param password",
+				params: BasicParams{
+					User: "user",
+				},
+			},
+			{
+				name: "match basic headers success",
+				params: BasicParams{
+					User: "thou",
+					Pass: "shallnotpass",
+				},
+				exp: "dGhvdTpzaGFsbG5vdHBhc3M=",
+			},
+		}
+	)
+
+	for _, tc := range tcc {
+		t.Run(tc.name, func(t *testing.T) {
+			var (
+				req    = require.New(t)
+				s, err = NewBasic(tc.params)
+			)
+
+			if tc.err != "" {
+				req.EqualError(err, tc.err)
+				return
+			}
+
+			req.Equal(tc.exp, s.Do(context.Background()))
+		})
+	}
+}
--- a/pkg/http/auth/oauth2.go
+++ b/pkg/http/auth/oauth2.go
@@ -0,0 +1,70 @@
+package auth
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/cortezaproject/corteza-server/pkg/apigw/types"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/clientcredentials"
+)
+
+type (
+	ServicerOauth2 struct {
+		c *http.Client
+
+		client   string
+		secret   string
+		scope    []string
+		tokenUrl *url.URL
+	}
+
+	Oauth2Params struct {
+		Client   string
+		Secret   string
+		Scope    []string
+		TokenUrl *url.URL
+	}
+)
+
+func NewOauth2(p Oauth2Params, c *http.Client, s types.SecureStorager) (ss ServicerOauth2, err error) {
+	if p.Client == "" {
+		err = fmt.Errorf("invalid param client")
+		return
+	}
+
+	if p.Secret == "" {
+		err = fmt.Errorf("invalid param secret")
+		return
+	}
+
+	if p.TokenUrl == nil || p.TokenUrl.String() == "" {
+		err = fmt.Errorf("invalid param token url")
+		return
+	}
+
+	ss = ServicerOauth2{
+		c:        c,
+		client:   p.Client,
+		secret:   p.Secret,
+		scope:    p.Scope,
+		tokenUrl: p.TokenUrl,
+	}
+
+	return
+}
+
+func (s ServicerOauth2) Do(ctx context.Context) (t *oauth2.Token, err error) {
+	c := &clientcredentials.Config{
+		ClientID:     s.client,
+		ClientSecret: s.secret,
+		Scopes:       s.scope,
+		TokenURL:     s.tokenUrl.String(),
+	}
+
+	ctx = context.WithValue(ctx, oauth2.HTTPClient, s.c)
+
+	return c.Token(ctx)
+}
--- a/pkg/http/auth/oauth2_test.go
+++ b/pkg/http/auth/oauth2_test.go
@@ -0,0 +1,82 @@
+package auth
+
+import (
+	"net/http"
+	"net/url"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func Test_oauth2(t *testing.T) {
+	type (
+		tf struct {
+			name   string
+			err    string
+			exp    string
+			params Oauth2Params
+		}
+	)
+
+	var (
+		tcc = []tf{
+			{
+				name:   "match oauth2 fail client validation",
+				err:    "invalid param client",
+				params: Oauth2Params{},
+			},
+			{
+				name: "match oauth2 fail secret key validation",
+				err:  "invalid param secret",
+				params: Oauth2Params{
+					Client: "client_ID",
+				},
+			},
+			{
+				name: "match oauth2 fail url validation",
+				err:  "invalid param token url",
+				params: Oauth2Params{
+					Client: "client_ID",
+					Secret: "secret_KEY",
+				},
+			},
+			{
+				name: "match oauth2 fail url validation",
+				err:  "invalid param token url",
+				params: Oauth2Params{
+					Client:   "client_ID",
+					Secret:   "secret_KEY",
+					TokenUrl: &url.URL{},
+				},
+			},
+			{
+				name: "match oauth2 fail validation",
+				params: Oauth2Params{
+					Client:   "client_ID",
+					Secret:   "secret_KEY",
+					TokenUrl: generateURL("http://example.com"),
+				},
+			},
+		}
+	)
+
+	for _, tc := range tcc {
+		t.Run(tc.name, func(t *testing.T) {
+			var (
+				req    = require.New(t)
+				c      = http.DefaultClient
+				_, err = NewOauth2(tc.params, c, struct{}{})
+			)
+
+			if tc.err != "" {
+				req.EqualError(err, tc.err)
+				return
+			}
+		})
+	}
+}
+
+func generateURL(s string) (u *url.URL) {
+	u, _ = url.Parse(s)
+	return
+}