WIP: Begin OAuth2 implementation #598

Closed
JonasFranz wants to merge 9 commits from feature/oauth2 into master
3 changed files with 23 additions and 2 deletions
Showing only changes of commit ffb70e9879 - Show all commits


@ -53,6 +53,8 @@ func GetTables() []interface{} {
&TaskComment{},
&Bucket{},
&UnsplashPhoto{},
&OAuth2Client{},
&OAuth2BlockedJTI{},
}
}


@ -22,12 +22,23 @@ import (
"time"
)
// OAuth2JTIBlocklist contains all JTI signatures for already assinged JWT tokens
// OAuth2BlockedJTI contains all JTI signatures for already assigned JWT tokens
type OAuth2BlockedJTI struct {
Signature string `xorm:"pk not null"`
ExpiresAt *time.Time
}
// TableName returns the table's name
func (jti OAuth2BlockedJTI) TableName() string {
return "oauth2_blocked_jtis"
}
// Expired checks if the JTI already expired
func (jti *OAuth2BlockedJTI) Expired() bool {
return jti.ExpiresAt.Before(time.Now())
}
// calculateSignatureOfJTI calculates the SHA256 hash of the JTI
func calculateSignatureOfJTI(jti string) string {
hasher := crypto.SHA256.New()
hasher.Write([]byte(jti))
@ -58,5 +69,5 @@ func IsJTIBlocked(jti string) (bool, error) {
} else if !has {
return false, nil
}
return blockedJTI.ExpiresAt.Before(time.Now()), nil
return blockedJTI.Expired(), nil
}
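Review bot: `Expired` dereferences `jti.ExpiresAt` without a nil check, and the field is declared as `*time.Time`, so a blocklist row stored without an expiry would panic inside `IsJTIBlocked` instead of surfacing an error. A nil expiry should be treated as never expiring so the entry stays blocked: add `if jti.ExpiresAt == nil { return false }` before the `Before` comparison. Separately, `IsJTIBlocked` returns `blockedJTI.Expired()` when a row exists, which reads as "blocked only once the entry has expired"; if `ExpiresAt` records the token's own lifetime, a revoked token still inside that lifetime would be reported as not blocked, so the intended semantics are worth confirming (the natural reading would be `return !blockedJTI.Expired(), nil`, or simply true while the row exists). The earlier part of `IsJTIBlocked` and the remainder of `calculateSignatureOfJTI` lie outside the hunk.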


@ -24,6 +24,7 @@ import (
"code.vikunja.io/api/pkg/user"
)
// OAuth2Client represents a third party application used the authenticate with Vikunja
type OAuth2Client struct {
ClientID string `xorm:"pk not null"`
ClientSecret []byte
@ -38,6 +39,12 @@ type OAuth2Client struct {
UpdatedAt *time.Time `xorm:"updated"`
}
// TableName returns the table's name
func (client OAuth2Client) TableName() string {
return "oauth2_clients"
}
// BeforeInsert will generate new UUID for the client id if not already set
func (client *OAuth2Client) BeforeInsert() {
if len(client.ClientID) == 0 {
id := uuid.NewV4()
@ -45,6 +52,7 @@ func (client *OAuth2Client) BeforeInsert() {
}
}
// GetOAuth2ClientByClientID returns the client with the given client id
func GetOAuth2ClientByClientID(clientID string) (*OAuth2Client, error) {
if len(clientID) == 0 {
return nil, ErrOAuth2ClientDoesNotExist{ClientID: clientID}