WIP: Begin OAuth2 implementation #598
|
@ -53,6 +53,8 @@ func GetTables() []interface{} {
|
|||
&TaskComment{},
|
||||
&Bucket{},
|
||||
&UnsplashPhoto{},
|
||||
&OAuth2Client{},
|
||||
&OAuth2BlockedJTI{},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -22,12 +22,23 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
// OAuth2JTIBlocklist contains all JTI signatures for already assinged JWT tokens
|
||||
// OAuth2BlockedJTI contains all JTI signatures for already assigned JWT tokens
|
||||
type OAuth2BlockedJTI struct {
|
||||
Signature string `xorm:"pk not null"`
|
||||
ExpiresAt *time.Time
|
||||
}
|
||||
|
||||
// TableName returns the table's name
|
||||
func (jti OAuth2BlockedJTI) TableName() string {
|
||||
return "oauth2_blocked_jtis"
|
||||
}
|
||||
|
||||
// Expired checks if the JTI already expired
|
||||
func (jti *OAuth2BlockedJTI) Expired() bool {
|
||||
return jti.ExpiresAt.Before(time.Now())
|
||||
}
|
||||
|
||||
// calculateSignatureOfJTI calculates the SHA256 hash of the JTI
|
||||
func calculateSignatureOfJTI(jti string) string {
|
||||
hasher := crypto.SHA256.New()
|
||||
hasher.Write([]byte(jti))
|
||||
|
@ -58,5 +69,5 @@ func IsJTIBlocked(jti string) (bool, error) {
|
|||
} else if !has {
|
||||
return false, nil
|
||||
}
|
||||
return blockedJTI.ExpiresAt.Before(time.Now()), nil
|
||||
return blockedJTI.Expired(), nil
|
||||
}
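Review bot: `Expired()` dereferences `jti.ExpiresAt`, which is a `*time.Time` with no `not null` tag on the struct field, so a row with a NULL expiry would panic when `IsJTIBlocked` calls it. A guard at the top of the method, for example `if jti.ExpiresAt == nil { return false }`, would make the handling of a missing expiry explicit; the right default depends on how the blocklist is meant to behave. Separately, `IsJTIBlocked` reports a stored JTI as blocked only once its entry has expired. If the table exists to reject replay of a JTI that is still within its lifetime, that condition looks inverted and is worth confirming, although this commit only carries over the previous behaviour. `IsJTIBlocked` begins outside the hunk, so the lookup itself is not visible here.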
|
||||
|
|
|
@ -24,6 +24,7 @@ import (
|
|||
"code.vikunja.io/api/pkg/user"
|
||||
)
|
||||
|
||||
// OAuth2Client represents a third party application used the authenticate with Vikunja
|
||||
type OAuth2Client struct {
|
||||
ClientID string `xorm:"pk not null"`
|
||||
ClientSecret []byte
|
||||
|
@ -38,6 +39,12 @@ type OAuth2Client struct {
|
|||
UpdatedAt *time.Time `xorm:"updated"`
|
||||
}
|
||||
|
||||
// TableName returns the table's name
|
||||
func (client OAuth2Client) TableName() string {
|
||||
return "oauth2_clients"
|
||||
}
|
||||
|
||||
// BeforeInsert will generate new UUID for the client id if not already set
|
||||
func (client *OAuth2Client) BeforeInsert() {
|
||||
if len(client.ClientID) == 0 {
|
||||
id := uuid.NewV4()
|
||||
|
@ -45,6 +52,7 @@ func (client *OAuth2Client) BeforeInsert() {
|
|||
}
|
||||
}
|
||||
|
||||
// GetOAuth2ClientByClientID returns the client with the given client id
|
||||
func GetOAuth2ClientByClientID(clientID string) (*OAuth2Client, error) {
|
||||
if len(clientID) == 0 {
|
||||
return nil, ErrOAuth2ClientDoesNotExist{ClientID: clientID}
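Review bot: `ClientSecret []byte` in `OAuth2Client` has no tag or comment in the visible lines saying whether it holds a hash or the raw secret, and nothing visible keeps it out of serialized output. If the struct can ever be marshalled into an API response or written to a log, a tag such as `json:"-"` on the field would make the handling explicit. If a hash is what is stored, a comment like `// ClientSecret holds the hashed client secret, never the plaintext` would also help. The middle of the struct lies between the hunks, so this may already be covered there. The added doc comment also reads "used the authenticate with Vikunja"; `// OAuth2Client represents a third party application used to authenticate with Vikunja` is presumably what was meant.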
|
||||
|
|