parent
16bd1543ad
commit
ff16f2516f
|
@ -24,6 +24,7 @@ import (
|
||||||
"code.vikunja.io/api/pkg/migration"
|
"code.vikunja.io/api/pkg/migration"
|
||||||
"code.vikunja.io/api/pkg/models"
|
"code.vikunja.io/api/pkg/models"
|
||||||
migrator "code.vikunja.io/api/pkg/modules/migration"
|
migrator "code.vikunja.io/api/pkg/modules/migration"
|
||||||
|
"code.vikunja.io/api/pkg/oauth"
|
||||||
"code.vikunja.io/api/pkg/red"
|
"code.vikunja.io/api/pkg/red"
|
||||||
"code.vikunja.io/api/pkg/user"
|
"code.vikunja.io/api/pkg/user"
|
||||||
)
|
)
|
||||||
|
@ -65,6 +66,11 @@ func FullInit() {
|
||||||
|
|
||||||
LightInit()
|
LightInit()
|
||||||
|
|
||||||
|
// Init OAuth2 provider
|
||||||
|
if err := oauth.InitProvider(); err != nil {
|
||||||
|
log.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
// Run the migrations
|
// Run the migrations
|
||||||
migration.Migrate(nil)
|
migration.Migrate(nil)
|
||||||
|
|
||||||
|
|
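--- a/pkg/oauth/provider.go
+++ b/pkg/oauth/provider.go
@@ -0,0 +1,66 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2020 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+package oauth
+
+import (
+"code.vikunja.io/api/pkg/config"
+"crypto/x509"
+"encoding/pem"
+"github.com/ory/fosite"
+"github.com/ory/fosite/compose"
+"github.com/ory/fosite/token/jwt"
+)
+
+var provider fosite.OAuth2Provider
+
+func Provider() fosite.OAuth2Provider {
+return provider
+}
+
+func InitProvider() error {
+storage := newStorage()
+cfg := &compose.Config{}
+
+block, _ := pem.Decode([]byte(config.ServiceJWTPrivateKey.GetString()))
+privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+if err != nil {
+return err
+}
+
+provider = compose.Compose(
+cfg,
+storage,
+&compose.CommonStrategy{
+CoreStrategy: compose.NewOAuth2HMACStrategy(cfg, []byte(config.ServiceJWTSecret.GetString()), nil),
+JWTStrategy: &jwt.RS256JWTStrategy{
+PrivateKey: privateKey,
+},
+},
+nil,
+
+compose.OAuth2AuthorizeExplicitFactory,
+compose.OAuth2AuthorizeImplicitFactory,
+compose.OAuth2ClientCredentialsGrantFactory,
+compose.OAuth2RefreshTokenGrantFactory,
+compose.OAuth2ResourceOwnerPasswordCredentialsFactory,
+
+compose.OAuth2TokenIntrospectionFactory,
+
+compose.OAuth2PKCEFactory,
+)
+return nil
+}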
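Review bot: In `InitProvider`, `pem.Decode` returns a nil block when `config.ServiceJWTPrivateKey` is empty or not valid PEM, and the next line reads `block.Bytes`, so a missing or malformed key panics at startup instead of returning the error that `FullInit` expects. Add a guard before parsing, for example `if block == nil { return errors.New("oauth: service JWT private key is not valid PEM") }` (this needs the `errors` import). Only PKCS#1 keys are accepted by `x509.ParsePKCS1PrivateKey`, which is worth stating in a doc comment on `InitProvider`. The HMAC core strategy is keyed with `config.ServiceJWTSecret`, presumably the same secret that signs the API's own JWTs; as far as I know fosite expects at least 32 bytes there, so a dedicated, length-checked secret would avoid both a runtime failure and one leak compromising two token types. The implicit and resource-owner-password factories are enabled next to the code and PKCE flows; if no client needs them, dropping `compose.OAuth2AuthorizeImplicitFactory` and `compose.OAuth2ResourceOwnerPasswordCredentialsFactory` narrows the exposed grant surface.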
|
@ -12,6 +12,10 @@ import (
|
||||||
|
|
||||||
type Storage struct{}
|
type Storage struct{}
|
||||||
|
|
||||||
|
func newStorage() *Storage {
|
||||||
|
return &Storage{}
|
||||||
|
}
|
||||||
|
|
||||||
func (s *Storage) GetClient(ctx context.Context, id string) (fosite.Client, error) {
|
func (s *Storage) GetClient(ctx context.Context, id string) (fosite.Client, error) {
|
||||||
client, err := models.GetOAuth2ClientByClientID(id)
|
client, err := models.GetOAuth2ClientByClientID(id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|