Add oauth2 provider

pkg/initialize/init.go

@@ -24,6 +24,7 @@ import (
 	"code.vikunja.io/api/pkg/migration"
 	"code.vikunja.io/api/pkg/models"
 	migrator "code.vikunja.io/api/pkg/modules/migration"
+	"code.vikunja.io/api/pkg/oauth"
 	"code.vikunja.io/api/pkg/red"
 	"code.vikunja.io/api/pkg/user"
 )
@@ -65,6 +66,11 @@ func FullInit() {
 
 	LightInit()
 
+	// Init OAuth2 provider
+	if err := oauth.InitProvider(); err != nil {
+		log.Fatal(err)
+	}
+
 	// Run the migrations
 	migration.Migrate(nil)
 

pkg/oauth/provider.go

@@ -0,0 +1,66 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2020 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package oauth
+
+import (
+	"code.vikunja.io/api/pkg/config"
+	"crypto/x509"
+	"encoding/pem"
+	"github.com/ory/fosite"
+	"github.com/ory/fosite/compose"
+	"github.com/ory/fosite/token/jwt"
+)
+
+var provider fosite.OAuth2Provider
+
+func Provider() fosite.OAuth2Provider {
+	return provider
+}
+
+func InitProvider() error {
+	storage := newStorage()
+	cfg := &compose.Config{}
+
+	block, _ := pem.Decode([]byte(config.ServiceJWTPrivateKey.GetString()))
+	privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+	if err != nil {
+		return err
+	}
+
+	provider = compose.Compose(
+		cfg,
+		storage,
+		&compose.CommonStrategy{
+			CoreStrategy: compose.NewOAuth2HMACStrategy(cfg, []byte(config.ServiceJWTSecret.GetString()), nil),
+			JWTStrategy: &jwt.RS256JWTStrategy{
+				PrivateKey: privateKey,
+			},
+		},
+		nil,
+
+		compose.OAuth2AuthorizeExplicitFactory,
+		compose.OAuth2AuthorizeImplicitFactory,
+		compose.OAuth2ClientCredentialsGrantFactory,
+		compose.OAuth2RefreshTokenGrantFactory,
+		compose.OAuth2ResourceOwnerPasswordCredentialsFactory,
+
+		compose.OAuth2TokenIntrospectionFactory,
+
+		compose.OAuth2PKCEFactory,
+	)
+	return nil
+}

pkg/oauth/storage.go

@@ -12,6 +12,10 @@ import (
 
 type Storage struct{}
 
+func newStorage() *Storage {
+	return &Storage{}
+}
+
 func (s *Storage) GetClient(ctx context.Context, id string) (fosite.Client, error) {
 	client, err := models.GetOAuth2ClientByClientID(id)
 	if err != nil {