fix: tests
This commit is contained in:
Lakhan Samani
parent
b68d9ce661
commit
df1c56bb1c
|
|
@ -16,12 +16,12 @@ func SetAdminCookie(gc *gin.Context, token string) {
|
|||
hostname := utils.GetHost(gc)
|
||||
host, _ := utils.GetHostParts(hostname)
|
||||
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
|
||||
}
|
||||
|
||||
// GetAdminCookie gets the admin cookie from the request
|
||||
func GetAdminCookie(gc *gin.Context) (string, error) {
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName))
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
@ -42,5 +42,5 @@ func DeleteAdminCookie(gc *gin.Context) {
|
|||
hostname := utils.GetHost(gc)
|
||||
host, _ := utils.GetHostParts(hostname)
|
||||
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,23 +31,23 @@ func SetCookie(gc *gin.Context, accessToken, refreshToken, fingerprintHash strin
|
|||
|
||||
gc.SetSameSite(http.SameSiteNoneMode)
|
||||
// set cookie for host
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", accessToken, thirtyMin, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", accessToken, thirtyMin, "/", host, secure, httpOnly)
|
||||
|
||||
// in case of subdomain, set cookie for domain
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token.domain", accessToken, thirtyMin, "/", domain, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token.domain", accessToken, thirtyMin, "/", domain, secure, httpOnly)
|
||||
|
||||
// set finger print cookie (this should be accessed via cookie only)
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", fingerprintHash, year, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", fingerprintHash, year, "/", host, secure, httpOnly)
|
||||
|
||||
// set refresh token cookie (this should be accessed via cookie only)
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, year, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, year, "/", host, secure, httpOnly)
|
||||
}
|
||||
|
||||
// GetAccessTokenCookie to get access token cookie from the request
|
||||
func GetAccessTokenCookie(gc *gin.Context) (string, error) {
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".access_token")
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".access_token")
|
||||
if err != nil {
|
||||
cookie, err = gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".access_token.domain")
|
||||
cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".access_token.domain")
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
@ -58,7 +58,7 @@ func GetAccessTokenCookie(gc *gin.Context) (string, error) {
|
|||
|
||||
// GetRefreshTokenCookie to get refresh token cookie
|
||||
func GetRefreshTokenCookie(gc *gin.Context) (string, error) {
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".refresh_token")
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".refresh_token")
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
@ -68,7 +68,7 @@ func GetRefreshTokenCookie(gc *gin.Context) (string, error) {
|
|||
|
||||
// GetFingerPrintCookie to get fingerprint cookie
|
||||
func GetFingerPrintCookie(gc *gin.Context) (string, error) {
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".fingerprint")
|
||||
cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + ".fingerprint")
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
@ -95,8 +95,8 @@ func DeleteCookie(gc *gin.Context) {
|
|||
}
|
||||
|
||||
gc.SetSameSite(http.SameSiteNoneMode)
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", "", -1, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token.domain", "", -1, "/", domain, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", "", -1, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", "", -1, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", "", -1, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token.domain", "", -1, "/", domain, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", "", -1, "/", host, secure, httpOnly)
|
||||
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", "", -1, "/", host, secure, httpOnly)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,22 +31,24 @@ func GetPubJWK(algo, keyID string, publicKey interface{}) (string, error) {
|
|||
}
|
||||
|
||||
// GenerateJWKBasedOnEnv generates JWK based on env
|
||||
// make sure clientID, jwtType, jwtSecret / public & private key pair is set
|
||||
// this is called while initializing app / when env is updated
|
||||
func GenerateJWKBasedOnEnv() (string, error) {
|
||||
jwk := ""
|
||||
algo := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
clientID := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID)
|
||||
algo := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
clientID := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID)
|
||||
|
||||
var err error
|
||||
// check if jwt secret is provided
|
||||
if IsHMACA(algo) {
|
||||
jwk, err = GetPubJWK(algo, clientID, []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)))
|
||||
jwk, err = GetPubJWK(algo, clientID, []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
}
|
||||
|
||||
if IsRSA(algo) {
|
||||
publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
|
||||
publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
@ -58,7 +60,7 @@ func GenerateJWKBasedOnEnv() (string, error) {
|
|||
}
|
||||
|
||||
if IsECDSA(algo) {
|
||||
publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
|
||||
publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,7 +12,18 @@ import (
|
|||
// NewECDSAKey to generate new ECDSA Key if env is not set
|
||||
// returns key instance, private key string, public key string, jwk string, error
|
||||
func NewECDSAKey(algo, keyID string) (*ecdsa.PrivateKey, string, string, string, error) {
|
||||
key, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
|
||||
var curve elliptic.Curve
|
||||
switch algo {
|
||||
case "ES256":
|
||||
curve = elliptic.P256()
|
||||
case "ES384":
|
||||
curve = elliptic.P384()
|
||||
case "ES512":
|
||||
curve = elliptic.P521()
|
||||
default:
|
||||
return nil, "", "", "", errors.New("Invalid algo")
|
||||
}
|
||||
key, err := ecdsa.GenerateKey(curve, rand.Reader)
|
||||
if err != nil {
|
||||
return nil, "", "", "", err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,9 +15,9 @@ var Provider providers.Provider
|
|||
func InitDB() error {
|
||||
var err error
|
||||
|
||||
isSQL := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeArangodb && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeMongodb
|
||||
isArangoDB := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeArangodb
|
||||
isMongoDB := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeMongodb
|
||||
isSQL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeArangodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeMongodb
|
||||
isArangoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeArangodb
|
||||
isMongoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeMongodb
|
||||
|
||||
if isSQL {
|
||||
Provider, err = sql.NewProvider()
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ type provider struct {
|
|||
func NewProvider() (*provider, error) {
|
||||
ctx := context.Background()
|
||||
conn, err := http.NewConnection(http.ConnectionConfig{
|
||||
Endpoints: []string{envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)},
|
||||
Endpoints: []string{envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)},
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -39,16 +39,16 @@ func NewProvider() (*provider, error) {
|
|||
|
||||
var arangodb driver.Database
|
||||
|
||||
arangodb_exists, err := arangoClient.DatabaseExists(nil, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
|
||||
arangodb_exists, err := arangoClient.DatabaseExists(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
|
||||
|
||||
if arangodb_exists {
|
||||
log.Println(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName) + " db exists already")
|
||||
arangodb, err = arangoClient.Database(nil, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
|
||||
log.Println(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName) + " db exists already")
|
||||
arangodb, err = arangoClient.Database(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
} else {
|
||||
arangodb, err = arangoClient.CreateDatabase(nil, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), nil)
|
||||
arangodb, err = arangoClient.CreateDatabase(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,7 +34,6 @@ func (p *provider) DeleteSession(userId string) error {
|
|||
}
|
||||
cursor, err := p.db.Query(nil, query, bindVars)
|
||||
if err != nil {
|
||||
log.Println("=> error deleting arangodb session:", err)
|
||||
return err
|
||||
}
|
||||
defer cursor.Close()
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
|
|||
}
|
||||
|
||||
if user.Roles == "" {
|
||||
user.Roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
}
|
||||
|
||||
user.CreatedAt = time.Now().Unix()
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ type provider struct {
|
|||
|
||||
// NewProvider to initialize mongodb connection
|
||||
func NewProvider() (*provider, error) {
|
||||
mongodbOptions := options.Client().ApplyURI(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL))
|
||||
mongodbOptions := options.Client().ApplyURI(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL))
|
||||
maxWait := time.Duration(5 * time.Second)
|
||||
mongodbOptions.ConnectTimeout = &maxWait
|
||||
mongoClient, err := mongo.NewClient(mongodbOptions)
|
||||
|
|
@ -37,7 +37,7 @@ func NewProvider() (*provider, error) {
|
|||
return nil, err
|
||||
}
|
||||
|
||||
mongodb := mongoClient.Database(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), options.Database())
|
||||
mongodb := mongoClient.Database(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), options.Database())
|
||||
|
||||
mongodb.CreateCollection(ctx, models.Collections.User, options.CreateCollection())
|
||||
userCollection := mongodb.Collection(models.Collections.User, options.Collection())
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
|
|||
}
|
||||
|
||||
if user.Roles == "" {
|
||||
user.Roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
}
|
||||
user.CreatedAt = time.Now().Unix()
|
||||
user.UpdatedAt = time.Now().Unix()
|
||||
|
|
|
|||
|
|
@ -41,15 +41,15 @@ func NewProvider() (*provider, error) {
|
|||
TablePrefix: models.Prefix,
|
||||
},
|
||||
}
|
||||
switch envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) {
|
||||
switch envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) {
|
||||
case constants.DbTypePostgres, constants.DbTypeYugabyte:
|
||||
sqlDB, err = gorm.Open(postgres.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
sqlDB, err = gorm.Open(postgres.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
case constants.DbTypeSqlite:
|
||||
sqlDB, err = gorm.Open(sqlite.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
sqlDB, err = gorm.Open(sqlite.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
case constants.DbTypeMysql, constants.DbTypeMariaDB:
|
||||
sqlDB, err = gorm.Open(mysql.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
sqlDB, err = gorm.Open(mysql.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
case constants.DbTypeSqlserver:
|
||||
sqlDB, err = gorm.Open(sqlserver.Open(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
sqlDB, err = gorm.Open(sqlserver.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
|
|||
}
|
||||
|
||||
if user.Roles == "" {
|
||||
user.Roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
}
|
||||
|
||||
user.CreatedAt = time.Now().Unix()
|
||||
|
|
|
|||
|
|
@ -32,13 +32,13 @@ func addEmailTemplate(a string, b map[string]interface{}, templateName string) s
|
|||
// SendMail function to send mail
|
||||
func SendMail(to []string, Subject, bodyMessage string) error {
|
||||
m := gomail.NewMessage()
|
||||
m.SetHeader("From", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySenderEmail))
|
||||
m.SetHeader("From", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySenderEmail))
|
||||
m.SetHeader("To", to...)
|
||||
m.SetHeader("Subject", Subject)
|
||||
m.SetBody("text/html", bodyMessage)
|
||||
port, _ := strconv.Atoi(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPort))
|
||||
d := gomail.NewDialer(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpHost), port, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername), envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword))
|
||||
if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "development" {
|
||||
port, _ := strconv.Atoi(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPort))
|
||||
d := gomail.NewDialer(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpHost), port, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername), envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword))
|
||||
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "development" {
|
||||
d.TLSConfig = &tls.Config{InsecureSkipVerify: true}
|
||||
}
|
||||
if err := d.DialAndSend(m); err != nil {
|
||||
|
|
|
|||
|
|
@ -7,9 +7,9 @@ import (
|
|||
|
||||
// SendForgotPasswordMail to send forgot password email
|
||||
func SendForgotPasswordMail(toEmail, token, hostname string) error {
|
||||
resetPasswordUrl := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
|
||||
resetPasswordUrl := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
|
||||
if resetPasswordUrl == "" {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password")
|
||||
}
|
||||
|
||||
// The receiver needs to be in slice as the receive supports multiple receiver
|
||||
|
|
@ -103,8 +103,8 @@ func SendForgotPasswordMail(toEmail, token, hostname string) error {
|
|||
`
|
||||
|
||||
data := make(map[string]interface{}, 3)
|
||||
data["org_logo"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
|
||||
data["org_name"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
|
||||
data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
|
||||
data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
|
||||
data["verification_url"] = resetPasswordUrl + "?token=" + token
|
||||
message = addEmailTemplate(message, data, "reset_password_email.tmpl")
|
||||
|
||||
|
|
|
|||
|
|
@ -97,8 +97,8 @@ func SendVerificationMail(toEmail, token, hostname string) error {
|
|||
</html>
|
||||
`
|
||||
data := make(map[string]interface{}, 3)
|
||||
data["org_logo"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
|
||||
data["org_name"] = envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
|
||||
data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
|
||||
data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
|
||||
data["verification_url"] = hostname + "/verify_email?token=" + token
|
||||
message = addEmailTemplate(message, data, "verify_email.tmpl")
|
||||
// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
|
||||
|
|
|
|||
19
server/env/env.go
vendored
19
server/env/env.go
vendored
|
|
@ -20,7 +20,10 @@ func InitRequiredEnv() error {
|
|||
envPath := os.Getenv(constants.EnvKeyEnvPath)
|
||||
|
||||
if envPath == "" {
|
||||
envPath = `.env`
|
||||
envPath = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnvPath)
|
||||
if envPath == "" {
|
||||
envPath = `.env`
|
||||
}
|
||||
}
|
||||
|
||||
if envstore.ARG_ENV_FILE != nil && *envstore.ARG_ENV_FILE != "" {
|
||||
|
|
@ -46,7 +49,7 @@ func InitRequiredEnv() error {
|
|||
}
|
||||
}
|
||||
|
||||
if strings.TrimSpace(dbURL) == "" {
|
||||
if strings.TrimSpace(dbURL) == "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL) == "" {
|
||||
if envstore.ARG_DB_URL != nil && *envstore.ARG_DB_URL != "" {
|
||||
dbURL = strings.TrimSpace(*envstore.ARG_DB_URL)
|
||||
}
|
||||
|
|
@ -62,10 +65,10 @@ func InitRequiredEnv() error {
|
|||
}
|
||||
}
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, envPath)
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseName, dbName)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, envPath)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseName, dbName)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -75,7 +78,7 @@ func InitAllEnv() error {
|
|||
if err != nil {
|
||||
log.Println("No env data found in db, using local clone of env data")
|
||||
// get clone of current store
|
||||
envData = envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
|
||||
envData = envstore.EnvStoreObj.GetEnvStoreClone()
|
||||
}
|
||||
|
||||
clientID := envData.StringEnv[constants.EnvKeyClientID]
|
||||
|
|
@ -362,6 +365,6 @@ func InitAllEnv() error {
|
|||
envData.StringEnv[constants.EnvKeyOrganizationLogo] = os.Getenv(constants.EnvKeyOrganizationLogo)
|
||||
}
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvStore(envData)
|
||||
envstore.EnvStoreObj.UpdateEnvStore(envData)
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
12
server/env/persist_env.go
vendored
12
server/env/persist_env.go
vendored
|
|
@ -32,7 +32,7 @@ func GetEnvData() (envstore.Store, error) {
|
|||
return result, err
|
||||
}
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
|
||||
b64DecryptedConfig, err := utils.DecryptB64(env.EnvData)
|
||||
if err != nil {
|
||||
return result, err
|
||||
|
|
@ -58,10 +58,10 @@ func PersistEnv() error {
|
|||
if err != nil {
|
||||
// AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid
|
||||
hash := uuid.New().String()[:36-4]
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash)
|
||||
encodedHash := utils.EncryptB64(hash)
|
||||
|
||||
encryptedConfig, err := utils.EncryptEnvData(envstore.EnvInMemoryStoreObj.GetEnvStoreClone())
|
||||
encryptedConfig, err := utils.EncryptEnvData(envstore.EnvStoreObj.GetEnvStoreClone())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -84,7 +84,7 @@ func PersistEnv() error {
|
|||
return err
|
||||
}
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
|
||||
b64DecryptedConfig, err := utils.DecryptB64(env.EnvData)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -163,13 +163,13 @@ func PersistEnv() error {
|
|||
hasChanged = true
|
||||
}
|
||||
}
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvStore(storeData)
|
||||
envstore.EnvStoreObj.UpdateEnvStore(storeData)
|
||||
jwk, err := crypto.GenerateJWKBasedOnEnv()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// updating jwk
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk)
|
||||
|
||||
if hasChanged {
|
||||
encryptedConfig, err := utils.EncryptEnvData(storeData)
|
||||
|
|
|
|||
|
|
@ -22,14 +22,13 @@ type Store struct {
|
|||
SliceEnv map[string][]string `json:"slice_env"`
|
||||
}
|
||||
|
||||
// EnvInMemoryStore struct
|
||||
type EnvInMemoryStore struct {
|
||||
// EnvStore struct
|
||||
type EnvStore struct {
|
||||
mutex sync.Mutex
|
||||
store *Store
|
||||
}
|
||||
|
||||
// EnvInMemoryStoreObj global variable for EnvInMemoryStore
|
||||
var EnvInMemoryStoreObj = &EnvInMemoryStore{
|
||||
var defaultStore = &EnvStore{
|
||||
store: &Store{
|
||||
StringEnv: map[string]string{
|
||||
constants.EnvKeyAdminCookieName: "authorizer-admin",
|
||||
|
|
@ -47,8 +46,11 @@ var EnvInMemoryStoreObj = &EnvInMemoryStore{
|
|||
},
|
||||
}
|
||||
|
||||
// EnvStoreObj.GetBoolStoreEnvVariable global variable for EnvStore
|
||||
var EnvStoreObj = defaultStore
|
||||
|
||||
// UpdateEnvStore to update the whole env store object
|
||||
func (e *EnvInMemoryStore) UpdateEnvStore(store Store) {
|
||||
func (e *EnvStore) UpdateEnvStore(store Store) {
|
||||
e.mutex.Lock()
|
||||
defer e.mutex.Unlock()
|
||||
// just override the keys + new keys
|
||||
|
|
@ -67,7 +69,7 @@ func (e *EnvInMemoryStore) UpdateEnvStore(store Store) {
|
|||
}
|
||||
|
||||
// UpdateEnvVariable to update the particular env variable
|
||||
func (e *EnvInMemoryStore) UpdateEnvVariable(storeIdentifier, key string, value interface{}) {
|
||||
func (e *EnvStore) UpdateEnvVariable(storeIdentifier, key string, value interface{}) {
|
||||
e.mutex.Lock()
|
||||
defer e.mutex.Unlock()
|
||||
switch storeIdentifier {
|
||||
|
|
@ -81,31 +83,37 @@ func (e *EnvInMemoryStore) UpdateEnvVariable(storeIdentifier, key string, value
|
|||
}
|
||||
|
||||
// GetStringStoreEnvVariable to get the env variable from string store object
|
||||
func (e *EnvInMemoryStore) GetStringStoreEnvVariable(key string) string {
|
||||
func (e *EnvStore) GetStringStoreEnvVariable(key string) string {
|
||||
// e.mutex.Lock()
|
||||
// defer e.mutex.Unlock()
|
||||
return e.store.StringEnv[key]
|
||||
}
|
||||
|
||||
// GetBoolStoreEnvVariable to get the env variable from bool store object
|
||||
func (e *EnvInMemoryStore) GetBoolStoreEnvVariable(key string) bool {
|
||||
func (e *EnvStore) GetBoolStoreEnvVariable(key string) bool {
|
||||
// e.mutex.Lock()
|
||||
// defer e.mutex.Unlock()
|
||||
return e.store.BoolEnv[key]
|
||||
}
|
||||
|
||||
// GetSliceStoreEnvVariable to get the env variable from slice store object
|
||||
func (e *EnvInMemoryStore) GetSliceStoreEnvVariable(key string) []string {
|
||||
func (e *EnvStore) GetSliceStoreEnvVariable(key string) []string {
|
||||
// e.mutex.Lock()
|
||||
// defer e.mutex.Unlock()
|
||||
return e.store.SliceEnv[key]
|
||||
}
|
||||
|
||||
// GetEnvStoreClone to get clone of current env store object
|
||||
func (e *EnvInMemoryStore) GetEnvStoreClone() Store {
|
||||
func (e *EnvStore) GetEnvStoreClone() Store {
|
||||
e.mutex.Lock()
|
||||
defer e.mutex.Unlock()
|
||||
|
||||
result := *e.store
|
||||
return result
|
||||
}
|
||||
|
||||
func (e *EnvStore) ResetStore() {
|
||||
e.mutex.Lock()
|
||||
defer e.mutex.Unlock()
|
||||
e.store = defaultStore.store
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ type State struct {
|
|||
func AppHandler() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
hostname := utils.GetHost(c)
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) {
|
||||
c.JSON(400, gin.H{"error": "login page is not enabled"})
|
||||
return
|
||||
}
|
||||
|
|
@ -79,8 +79,8 @@ func AppHandler() gin.HandlerFunc {
|
|||
"data": map[string]string{
|
||||
"authorizerURL": stateObj.AuthorizerURL,
|
||||
"redirectURL": stateObj.RedirectURL,
|
||||
"organizationName": envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName),
|
||||
"organizationLogo": envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo),
|
||||
"organizationName": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName),
|
||||
"organizationLogo": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo),
|
||||
},
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ func DashboardHandler() gin.HandlerFunc {
|
|||
return func(c *gin.Context) {
|
||||
isOnboardingCompleted := false
|
||||
|
||||
if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) != "" {
|
||||
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) != "" {
|
||||
isOnboardingCompleted = true
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ import (
|
|||
func JWKsHandler() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
var data map[string]string
|
||||
jwk := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK)
|
||||
jwk := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK)
|
||||
err := json.Unmarshal([]byte(jwk), &data)
|
||||
if err != nil {
|
||||
c.JSON(500, gin.H{
|
||||
|
|
|
|||
|
|
@ -74,7 +74,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
|
|||
// make sure inputRoles don't include protected roles
|
||||
hasProtectedRole := false
|
||||
for _, ir := range inputRoles {
|
||||
if utils.StringSliceContains(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ir) {
|
||||
if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ir) {
|
||||
hasProtectedRole = true
|
||||
}
|
||||
}
|
||||
|
|
@ -122,7 +122,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
|
|||
// check if it contains protected unassigned role
|
||||
hasProtectedRole := false
|
||||
for _, ur := range unasignedRoles {
|
||||
if utils.StringSliceContains(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {
|
||||
if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {
|
||||
hasProtectedRole = true
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,14 +33,14 @@ func OAuthLoginHandler() gin.HandlerFunc {
|
|||
|
||||
// use protected roles verification for admin login only.
|
||||
// though if not associated with user, it will be rejected from oauth_callback
|
||||
if !utils.IsValidRoles(append([]string{}, append(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) {
|
||||
if !utils.IsValidRoles(append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) {
|
||||
c.JSON(400, gin.H{
|
||||
"error": "invalid role",
|
||||
})
|
||||
return
|
||||
}
|
||||
} else {
|
||||
roles = strings.Join(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",")
|
||||
}
|
||||
|
||||
uuid := uuid.New()
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ import (
|
|||
func OpenIDConfigurationHandler() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
issuer := utils.GetHost(c)
|
||||
jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
jwtType := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
|
||||
c.JSON(200, gin.H{
|
||||
"issuer": issuer,
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ func main() {
|
|||
envstore.ARG_ENV_FILE = flag.String("env_file", "", "Env file path")
|
||||
flag.Parse()
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyVersion, VERSION)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyVersion, VERSION)
|
||||
|
||||
// initialize required envs (mainly db & env file path)
|
||||
err := env.InitRequiredEnv()
|
||||
|
|
@ -61,5 +61,5 @@ func main() {
|
|||
}
|
||||
|
||||
router := routes.InitRouter()
|
||||
router.Run(":" + envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyPort))
|
||||
router.Run(":" + envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyPort))
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,32 +33,32 @@ var (
|
|||
// InitOAuth initializes the OAuth providers based on EnvData
|
||||
func InitOAuth() error {
|
||||
ctx := context.Background()
|
||||
if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret) != "" {
|
||||
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret) != "" {
|
||||
p, err := oidc.NewProvider(ctx, "https://accounts.google.com")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
OIDCProviders.GoogleOIDC = p
|
||||
OAuthProviders.GoogleConfig = &oauth2.Config{
|
||||
ClientID: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID),
|
||||
ClientSecret: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret),
|
||||
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID),
|
||||
ClientSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret),
|
||||
RedirectURL: "/oauth_callback/google",
|
||||
Endpoint: OIDCProviders.GoogleOIDC.Endpoint(),
|
||||
Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
|
||||
}
|
||||
}
|
||||
if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID) != "" && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret) != "" {
|
||||
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret) != "" {
|
||||
OAuthProviders.GithubConfig = &oauth2.Config{
|
||||
ClientID: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID),
|
||||
ClientSecret: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret),
|
||||
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID),
|
||||
ClientSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret),
|
||||
RedirectURL: "/oauth_callback/github",
|
||||
Endpoint: githubOAuth2.Endpoint,
|
||||
}
|
||||
}
|
||||
if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID) != "" && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" {
|
||||
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" {
|
||||
OAuthProviders.FacebookConfig = &oauth2.Config{
|
||||
ClientID: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID),
|
||||
ClientSecret: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientSecret),
|
||||
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID),
|
||||
ClientSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientSecret),
|
||||
RedirectURL: "/oauth_callback/facebook",
|
||||
Endpoint: facebookOAuth2.Endpoint,
|
||||
Scopes: []string{"public_profile", "email"},
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ func AdminLoginResolver(ctx context.Context, params model.AdminLoginInput) (*mod
|
|||
return res, err
|
||||
}
|
||||
|
||||
adminSecret := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
||||
adminSecret := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
||||
if params.AdminSecret != adminSecret {
|
||||
return res, fmt.Errorf(`invalid admin secret`)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ func AdminSessionResolver(ctx context.Context) (*model.Response, error) {
|
|||
return res, fmt.Errorf("unauthorized")
|
||||
}
|
||||
|
||||
hashedKey, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
hashedKey, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,18 +33,18 @@ func AdminSignupResolver(ctx context.Context, params model.AdminSignupInput) (*m
|
|||
return res, err
|
||||
}
|
||||
|
||||
adminSecret := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
||||
adminSecret := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
||||
|
||||
if adminSecret != "" {
|
||||
err = fmt.Errorf("admin sign up already completed")
|
||||
return res, err
|
||||
}
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyAdminSecret, params.AdminSecret)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyAdminSecret, params.AdminSecret)
|
||||
// consvert EnvData to JSON
|
||||
var storeData envstore.Store
|
||||
|
||||
jsonBytes, err := json.Marshal(envstore.EnvInMemoryStoreObj.GetEnvStoreClone())
|
||||
jsonBytes, err := json.Marshal(envstore.EnvStoreObj.GetEnvStoreClone())
|
||||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
|
|||
}
|
||||
|
||||
// get clone of store
|
||||
store := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
|
||||
store := envstore.EnvStoreObj.GetEnvStoreClone()
|
||||
adminSecret := store.StringEnv[constants.EnvKeyAdminSecret]
|
||||
clientID := store.StringEnv[constants.EnvKeyClientID]
|
||||
databaseURL := store.StringEnv[constants.EnvKeyDatabaseURL]
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
|
|||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
return res, fmt.Errorf(`basic authentication is disabled for this instance`)
|
||||
}
|
||||
params.Email = strings.ToLower(params.Email)
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ func IsValidJwtResolver(ctx context.Context, params *model.IsValidJWTQueryInput)
|
|||
return nil, err
|
||||
}
|
||||
|
||||
claimRoleInterface := claims[envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)].([]interface{})
|
||||
claimRoleInterface := claims[envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)].([]interface{})
|
||||
claimRoles := []string{}
|
||||
for _, v := range claimRoleInterface {
|
||||
claimRoles = append(claimRoles, v.(string))
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
|
|||
return res, err
|
||||
}
|
||||
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
return res, fmt.Errorf(`basic authentication is disabled for this instance`)
|
||||
}
|
||||
|
||||
|
|
@ -49,7 +49,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
|
|||
log.Println("compare password error:", err)
|
||||
return res, fmt.Errorf(`invalid password`)
|
||||
}
|
||||
roles := envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
||||
roles := envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
||||
currentRoles := strings.Split(user.Roles, ",")
|
||||
if len(params.Roles) > 0 {
|
||||
if !utils.IsValidRoles(currentRoles, params.Roles) {
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
|
|||
return res, err
|
||||
}
|
||||
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin) {
|
||||
return res, fmt.Errorf(`magic link login is disabled for this instance`)
|
||||
}
|
||||
|
||||
|
|
@ -49,13 +49,13 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
|
|||
// define roles for new user
|
||||
if len(params.Roles) > 0 {
|
||||
// check if roles exists
|
||||
if !utils.IsValidRoles(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
|
||||
if !utils.IsValidRoles(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
|
||||
return res, fmt.Errorf(`invalid roles`)
|
||||
} else {
|
||||
inputRoles = params.Roles
|
||||
}
|
||||
} else {
|
||||
inputRoles = envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
||||
inputRoles = envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
||||
}
|
||||
|
||||
user.Roles = strings.Join(inputRoles, ",")
|
||||
|
|
@ -80,7 +80,7 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
|
|||
// check if it contains protected unassigned role
|
||||
hasProtectedRole := false
|
||||
for _, ur := range unasignedRoles {
|
||||
if utils.StringSliceContains(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {
|
||||
if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) {
|
||||
hasProtectedRole = true
|
||||
}
|
||||
}
|
||||
|
|
@ -107,7 +107,7 @@ func MagicLinkLoginResolver(ctx context.Context, params model.MagicLinkLoginInpu
|
|||
}
|
||||
|
||||
hostname := utils.GetHost(gc)
|
||||
if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
|
||||
if !envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
|
||||
// insert verification request
|
||||
verificationType := constants.VerificationTypeMagicLinkLogin
|
||||
verificationToken, err := token.CreateVerificationToken(params.Email, verificationType, hostname)
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ import (
|
|||
// ResetPasswordResolver is a resolver for reset password mutation
|
||||
func ResetPasswordResolver(ctx context.Context, params model.ResetPasswordInput) (*model.Response, error) {
|
||||
var res *model.Response
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
return res, fmt.Errorf(`basic authentication is disabled for this instance`)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
|
|||
return res, err
|
||||
}
|
||||
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
||||
return res, fmt.Errorf(`basic authentication is disabled for this instance`)
|
||||
}
|
||||
if params.ConfirmPassword != params.Password {
|
||||
|
|
@ -57,13 +57,13 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
|
|||
|
||||
if len(params.Roles) > 0 {
|
||||
// check if roles exists
|
||||
if !utils.IsValidRoles(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
|
||||
if !utils.IsValidRoles(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), params.Roles) {
|
||||
return res, fmt.Errorf(`invalid roles`)
|
||||
} else {
|
||||
inputRoles = params.Roles
|
||||
}
|
||||
} else {
|
||||
inputRoles = envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
||||
inputRoles = envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
||||
}
|
||||
|
||||
user := models.User{
|
||||
|
|
@ -108,7 +108,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
|
|||
}
|
||||
|
||||
user.SignupMethods = constants.SignupMethodBasicAuth
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
|
||||
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
|
||||
now := time.Now().Unix()
|
||||
user.EmailVerifiedAt = &now
|
||||
}
|
||||
|
|
@ -120,7 +120,7 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
|
|||
userToReturn := user.AsAPIUser()
|
||||
|
||||
hostname := utils.GetHost(gc)
|
||||
if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
|
||||
if !envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification) {
|
||||
// insert verification request
|
||||
verificationType := constants.VerificationTypeBasicAuthSignup
|
||||
verificationToken, err := token.CreateVerificationToken(params.Email, verificationType, hostname)
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
|||
return res, fmt.Errorf("unauthorized")
|
||||
}
|
||||
|
||||
updatedData := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
|
||||
updatedData := envstore.EnvStoreObj.GetEnvStoreClone()
|
||||
|
||||
isJWTUpdated := false
|
||||
algo := updatedData.StringEnv[constants.EnvKeyJwtType]
|
||||
|
|
@ -111,7 +111,7 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
|||
return res, errors.New("admin secret and old admin secret are required for secret change")
|
||||
}
|
||||
|
||||
if *params.OldAdminSecret != envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) {
|
||||
if *params.OldAdminSecret != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) {
|
||||
return res, errors.New("old admin secret is not correct")
|
||||
}
|
||||
|
||||
|
|
@ -176,13 +176,13 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
|||
}
|
||||
|
||||
// Update local store
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvStore(updatedData)
|
||||
envstore.EnvStoreObj.UpdateEnvStore(updatedData)
|
||||
jwk, err := crypto.GenerateJWKBasedOnEnv()
|
||||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
// updating jwk
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk)
|
||||
err = sessionstore.InitSession()
|
||||
if err != nil {
|
||||
return res, err
|
||||
|
|
@ -199,7 +199,7 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
|||
}
|
||||
|
||||
if params.AdminSecret != nil {
|
||||
hashedKey, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
hashedKey, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod
|
|||
inputRoles = append(inputRoles, *item)
|
||||
}
|
||||
|
||||
if !utils.IsValidRoles(inputRoles, append([]string{}, append(envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
|
||||
if !utils.IsValidRoles(inputRoles, append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...)) {
|
||||
return res, fmt.Errorf("invalid list of roles")
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,13 +24,13 @@ func VerifyEmailResolver(ctx context.Context, params model.VerifyEmailInput) (*m
|
|||
|
||||
verificationRequest, err := db.Provider.GetVerificationRequestByToken(params.Token)
|
||||
if err != nil {
|
||||
return res, fmt.Errorf(`invalid token`)
|
||||
return res, fmt.Errorf(`invalid token: %s`, err.Error())
|
||||
}
|
||||
|
||||
// verify if token exists in db
|
||||
claim, err := token.ParseJWTToken(params.Token)
|
||||
if err != nil {
|
||||
return res, fmt.Errorf(`invalid token`)
|
||||
return res, fmt.Errorf(`invalid token: %s`, err.Error())
|
||||
}
|
||||
|
||||
user, err := db.Provider.GetUserByEmail(claim["email"].(string))
|
||||
|
|
|
|||
|
|
@ -120,10 +120,10 @@ func RemoveSocialLoginState(key string) {
|
|||
|
||||
// InitializeSessionStore initializes the SessionStoreObj based on environment variables
|
||||
func InitSession() error {
|
||||
if envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyRedisURL) != "" {
|
||||
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyRedisURL) != "" {
|
||||
log.Println("using redis store to save sessions")
|
||||
|
||||
redisURL := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyRedisURL)
|
||||
redisURL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyRedisURL)
|
||||
redisURLHostPortsList := strings.Split(redisURL, ",")
|
||||
|
||||
if len(redisURLHostPortsList) > 1 {
|
||||
|
|
@ -151,7 +151,7 @@ func InitSession() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
opt, err := redis.ParseURL(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyRedisURL))
|
||||
opt, err := redis.ParseURL(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyRedisURL))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ func adminLoginTests(t *testing.T, s TestSetup) {
|
|||
assert.NotNil(t, err)
|
||||
|
||||
_, err = resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
|
||||
AdminSecret: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret),
|
||||
AdminSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret),
|
||||
})
|
||||
|
||||
assert.Nil(t, err)
|
||||
|
|
|
|||
|
|
@ -18,9 +18,9 @@ func adminLogoutTests(t *testing.T, s TestSetup) {
|
|||
_, err := resolvers.AdminLogoutResolver(ctx)
|
||||
assert.NotNil(t, err)
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
_, err = resolvers.AdminLogoutResolver(ctx)
|
||||
|
||||
assert.Nil(t, err)
|
||||
|
|
|
|||
|
|
@ -18,9 +18,9 @@ func adminSessionTests(t *testing.T, s TestSetup) {
|
|||
_, err := resolvers.AdminSessionResolver(ctx)
|
||||
assert.NotNil(t, err)
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
_, err = resolvers.AdminSessionResolver(ctx)
|
||||
|
||||
assert.Nil(t, err)
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ func adminSignupTests(t *testing.T, s TestSetup) {
|
|||
|
||||
assert.NotNil(t, err)
|
||||
// reset env for test to pass
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyAdminSecret, "")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyAdminSecret, "")
|
||||
|
||||
_, err = resolvers.AdminSignupResolver(ctx, model.AdminSignupInput{
|
||||
AdminSecret: "admin123",
|
||||
|
|
|
|||
|
|
@ -28,9 +28,9 @@ func deleteUserTest(t *testing.T, s TestSetup) {
|
|||
})
|
||||
assert.NotNil(t, err, "unauthorized")
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
|
||||
_, err = resolvers.DeleteUserResolver(ctx, model.DeleteUserInput{
|
||||
Email: email,
|
||||
|
|
|
|||
|
|
@ -10,15 +10,15 @@ import (
|
|||
)
|
||||
|
||||
func TestEnvs(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, "../../.env.sample")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, "../../.env.sample")
|
||||
env.InitAllEnv()
|
||||
store := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
|
||||
store := envstore.EnvStoreObj.GetEnvStoreClone()
|
||||
|
||||
assert.Equal(t, store.StringEnv[constants.EnvKeyEnv], "production")
|
||||
assert.False(t, store.BoolEnv[constants.EnvKeyDisableEmailVerification])
|
||||
assert.False(t, store.BoolEnv[constants.EnvKeyDisableMagicLinkLogin])
|
||||
assert.False(t, store.BoolEnv[constants.EnvKeyDisableBasicAuthentication])
|
||||
assert.Equal(t, store.StringEnv[constants.EnvKeyJwtType], "HS256")
|
||||
assert.Equal(t, store.StringEnv[constants.EnvKeyJwtType], "RS256")
|
||||
assert.Equal(t, store.StringEnv[constants.EnvKeyJwtRoleClaim], "role")
|
||||
assert.EqualValues(t, store.SliceEnv[constants.EnvKeyRoles], []string{"user"})
|
||||
assert.EqualValues(t, store.SliceEnv[constants.EnvKeyDefaultRoles], []string{"user"})
|
||||
|
|
|
|||
|
|
@ -18,12 +18,12 @@ func envTests(t *testing.T, s TestSetup) {
|
|||
_, err := resolvers.EnvResolver(ctx)
|
||||
assert.NotNil(t, err)
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
res, err := resolvers.EnvResolver(ctx)
|
||||
|
||||
assert.Nil(t, err)
|
||||
assert.Equal(t, *res.AdminSecret, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Equal(t, *res.AdminSecret, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/crypto"
|
||||
"github.com/authorizerdev/authorizer/server/envstore"
|
||||
"github.com/authorizerdev/authorizer/server/token"
|
||||
"github.com/golang-jwt/jwt"
|
||||
|
|
@ -12,24 +13,28 @@ import (
|
|||
)
|
||||
|
||||
func TestJwt(t *testing.T) {
|
||||
// persist older data till test is done and then reset it
|
||||
jwtType := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
publicKey := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)
|
||||
privateKey := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPrivateKey)
|
||||
clientID := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID)
|
||||
claims := jwt.MapClaims{
|
||||
"exp": time.Now().Add(time.Minute * 30).Unix(),
|
||||
"iat": time.Now().Unix(),
|
||||
"email": "test@yopmail.com",
|
||||
"sub": "test",
|
||||
"aud": clientID,
|
||||
}
|
||||
|
||||
// persist older data till test is done and then reset it
|
||||
jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
jwtSecret := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)
|
||||
|
||||
t.Run("invalid jwt type", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "invalid")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "invalid")
|
||||
token, err := token.SignJWTToken(claims)
|
||||
assert.Error(t, err, "unsupported signing method")
|
||||
assert.Empty(t, token)
|
||||
})
|
||||
t.Run("expired jwt token", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS256")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS256")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtSecret, "test")
|
||||
expiredClaims := jwt.MapClaims{
|
||||
"exp": time.Now().Add(-time.Minute * 30).Unix(),
|
||||
"iat": time.Now().Unix(),
|
||||
|
|
@ -41,8 +46,9 @@ func TestJwt(t *testing.T) {
|
|||
assert.Error(t, err, err.Error(), "Token is expired")
|
||||
})
|
||||
t.Run("HMAC algorithms", func(t *testing.T) {
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtSecret, "test")
|
||||
t.Run("HS256", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS256")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS256")
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -51,7 +57,7 @@ func TestJwt(t *testing.T) {
|
|||
assert.Equal(t, c["email"].(string), claims["email"])
|
||||
})
|
||||
t.Run("HS384", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS384")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS384")
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -60,7 +66,7 @@ func TestJwt(t *testing.T) {
|
|||
assert.Equal(t, c["email"].(string), claims["email"])
|
||||
})
|
||||
t.Run("HS512", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS512")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS512")
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -71,10 +77,12 @@ func TestJwt(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("RSA algorithms", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN RSA PRIVATE KEY-----\nMIICWgIBAAKBgHUQac/v0f3c8m4L9BMWfxBiEzkdV5CoaqfxhO5IwAX/1cs0WceN\njM7g/qzC7YmEOSiYqupiRtsyn6riz0xT/VUg4uv1uZ/muC6EVfOjR5Ack3Brquql\nD+oMxN4CeA0Wzp2dEV4N3Gv7wWHdhg9ZSc4g6+ZUdlkhIPfeO9RNK9pPAgMBAAEC\ngYBqLrIbp0dNQn0vbm48ZhppDNys4L2NfAYKQZs23Aw5JN6Si/CnffBrsk+u+ryl\nEKcb+KaHJQ9qQdfsFAC+FizhMQy0Dq9yw6shnqHX+paB6E6z2/vX8ToPzJRwxBY3\nyuaetCEpSXR7pQEd5YWDTUH7qYnb9FObD+umhVvmlsTHCQJBALagPmexu0DvMXKZ\nWdplik6eXg9lptiuj5MYqitEUyzU9E9HNeHKlZM7szGeWG3jNduoKcyo4M0Flvt9\ncP+soVUCQQCkGOQ5Y3/GoZmclKWMVwqGdmL6wEjhNfg4PRfgUalHBif9Q1KnM8FP\nAvIqIH8bttRfyT185WmaM2gml0ApwF0TAkBVil9QoK4t7xvBKtUsd809n+481gc9\njR4Q70edtoYjBKhejeNOHF7NNPRtNFcFOZybg3v4sc2CGrEqoQoRp+F1AkBeLmMe\nhPrbF/jAI5h4WaSS0/OvExlBGOaj8Hx5pKTRPLlK5I7VpCC4pmoyv3/0ehSd/TQr\nMMhRVlvaeki7Lcq9AkBravJUadVCAIsB6oh03mo8gUFFFqXDyEl6BiJYqrjCQ5wd\nAQYJGbqQvgjPxN9+PTPldDNi6KVXntSg5gF/dA+Z\n-----END RSA PRIVATE KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgHUQac/v0f3c8m4L9BMWfxBiEzkd\nV5CoaqfxhO5IwAX/1cs0WceNjM7g/qzC7YmEOSiYqupiRtsyn6riz0xT/VUg4uv1\nuZ/muC6EVfOjR5Ack3BrquqlD+oMxN4CeA0Wzp2dEV4N3Gv7wWHdhg9ZSc4g6+ZU\ndlkhIPfeO9RNK9pPAgMBAAE=\n-----END PUBLIC KEY-----")
|
||||
t.Run("RS256", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS256")
|
||||
_, privateKey, publickKey, _, err := crypto.NewRSAKey("RS256", clientID)
|
||||
assert.NoError(t, err)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS256")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publickKey)
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -83,7 +91,11 @@ func TestJwt(t *testing.T) {
|
|||
assert.Equal(t, c["email"].(string), claims["email"])
|
||||
})
|
||||
t.Run("RS384", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS384")
|
||||
_, privateKey, publickKey, _, err := crypto.NewRSAKey("RS384", clientID)
|
||||
assert.NoError(t, err)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS384")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publickKey)
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -92,7 +104,11 @@ func TestJwt(t *testing.T) {
|
|||
assert.Equal(t, c["email"].(string), claims["email"])
|
||||
})
|
||||
t.Run("RS512", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS512")
|
||||
_, privateKey, publickKey, _, err := crypto.NewRSAKey("RS512", clientID)
|
||||
assert.NoError(t, err)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS512")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publickKey)
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -104,9 +120,11 @@ func TestJwt(t *testing.T) {
|
|||
|
||||
t.Run("ECDSA algorithms", func(t *testing.T) {
|
||||
t.Run("ES256", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgevZzL1gdAFr88hb2\nOF/2NxApJCzGCEDdfSp6VQO30hyhRANCAAQRWz+jn65BtOMvdyHKcvjBeBSDZH2r\n1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G\n-----END PRIVATE KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEVs/o5+uQbTjL3chynL4wXgUg2R9\nq9UU8I5mEovUf86QZ7kOBIjJwqnzD1omageEHWwHdBO6B+dFabmdT9POxg==\n-----END PUBLIC KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES256")
|
||||
_, privateKey, publickKey, _, err := crypto.NewECDSAKey("ES256", clientID)
|
||||
assert.NoError(t, err)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES256")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publickKey)
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -115,9 +133,11 @@ func TestJwt(t *testing.T) {
|
|||
assert.Equal(t, c["email"].(string), claims["email"])
|
||||
})
|
||||
t.Run("ES384", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN PRIVATE KEY-----\nMIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCAHpFQ62QnGCEvYh/p\nE9QmR1C9aLcDItRbslbmhen/h1tt8AyMhskeenT+rAyyPhGhZANiAAQLW5ZJePZz\nMIPAxMtZXkEWbDF0zo9f2n4+T1h/2sh/fviblc/VTyrv10GEtIi5qiOy85Pf1RRw\n8lE5IPUWpgu553SteKigiKLUPeNpbqmYZUkWGh3MLfVzLmx85ii2vMU=\n-----END PRIVATE KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEC1uWSXj2czCDwMTLWV5BFmwxdM6PX9p+\nPk9Yf9rIf374m5XP1U8q79dBhLSIuaojsvOT39UUcPJROSD1FqYLued0rXiooIii\n1D3jaW6pmGVJFhodzC31cy5sfOYotrzF\n-----END PUBLIC KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES384")
|
||||
_, privateKey, publickKey, _, err := crypto.NewECDSAKey("ES384", clientID)
|
||||
assert.NoError(t, err)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES384")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publickKey)
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -126,9 +146,11 @@ func TestJwt(t *testing.T) {
|
|||
assert.Equal(t, c["email"].(string), claims["email"])
|
||||
})
|
||||
t.Run("ES512", func(t *testing.T) {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN PRIVATE KEY-----\nMIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBiyAa7aRHFDCh2qga\n9sTUGINE5jHAFnmM8xWeT/uni5I4tNqhV5Xx0pDrmCV9mbroFtfEa0XVfKuMAxxf\nZ6LM/yKhgYkDgYYABAGBzgdnP798FsLuWYTDDQA7c0r3BVk8NnRUSexpQUsRilPN\nv3SchO0lRw9Ru86x1khnVDx+duq4BiDFcvlSAcyjLACJvjvoyTLJiA+TQFdmrear\njMiZNE25pT2yWP1NUndJxPcvVtfBW48kPOmvkY4WlqP5bAwCXwbsKrCgk6xbsp12\new==\n-----END PRIVATE KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBgc4HZz+/fBbC7lmEww0AO3NK9wVZ\nPDZ0VEnsaUFLEYpTzb90nITtJUcPUbvOsdZIZ1Q8fnbquAYgxXL5UgHMoywAib47\n6MkyyYgPk0BXZq3mq4zImTRNuaU9slj9TVJ3ScT3L1bXwVuPJDzpr5GOFpaj+WwM\nAl8G7CqwoJOsW7Kddns=\n-----END PUBLIC KEY-----")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES512")
|
||||
_, privateKey, publickKey, _, err := crypto.NewECDSAKey("ES512", clientID)
|
||||
assert.NoError(t, err)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES512")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publickKey)
|
||||
jwtToken, err := token.SignJWTToken(claims)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, jwtToken)
|
||||
|
|
@ -138,6 +160,7 @@ func TestJwt(t *testing.T) {
|
|||
})
|
||||
})
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, jwtType)
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtSecret, jwtSecret)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, jwtType)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, publicKey)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, privateKey)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,10 +29,11 @@ func loginTests(t *testing.T, s TestSetup) {
|
|||
assert.NotNil(t, err, "should fail because email is not verified")
|
||||
|
||||
verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)
|
||||
resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
|
||||
res, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
|
||||
Token: verificationRequest.Token,
|
||||
})
|
||||
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, res)
|
||||
_, err = resolvers.LoginResolver(ctx, model.LoginInput{
|
||||
Email: email,
|
||||
Password: s.TestInfo.Password,
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ func logoutTests(t *testing.T, s TestSetup) {
|
|||
fingerPrintHash, _ := utils.EncryptAES([]byte(fingerPrint))
|
||||
|
||||
token := *verifyRes.AccessToken
|
||||
cookie := fmt.Sprintf("%s=%s;%s=%s;%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", url.QueryEscape(string(fingerPrintHash)), envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token)
|
||||
cookie := fmt.Sprintf("%s=%s;%s=%s;%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", url.QueryEscape(string(fingerPrintHash)), envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token)
|
||||
|
||||
req.Header.Set("Cookie", cookie)
|
||||
_, err = resolvers.LogoutResolver(ctx)
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ func magicLinkLoginTests(t *testing.T, s TestSetup) {
|
|||
})
|
||||
|
||||
token := *verifyRes.AccessToken
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token))
|
||||
_, err = resolvers.ProfileResolver(ctx)
|
||||
assert.Nil(t, err)
|
||||
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ func profileTests(t *testing.T, s TestSetup) {
|
|||
})
|
||||
|
||||
token := *verifyRes.AccessToken
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token))
|
||||
profileRes, err := resolvers.ProfileResolver(ctx)
|
||||
assert.Nil(t, err)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
package test
|
||||
|
||||
import (
|
||||
"log"
|
||||
"testing"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
|
|
@ -12,28 +11,30 @@ import (
|
|||
|
||||
func TestResolvers(t *testing.T) {
|
||||
databases := map[string]string{
|
||||
constants.DbTypeSqlite: "../../data.db",
|
||||
constants.DbTypeArangodb: "http://localhost:8529",
|
||||
constants.DbTypeMongodb: "mongodb://localhost:27017",
|
||||
constants.DbTypeSqlite: "../../data.db",
|
||||
// constants.DbTypeArangodb: "http://localhost:8529",
|
||||
// constants.DbTypeMongodb: "mongodb://localhost:27017",
|
||||
}
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyVersion, "test")
|
||||
envstore.EnvStoreObj.ResetStore()
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyVersion, "test")
|
||||
for dbType, dbURL := range databases {
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
|
||||
|
||||
s := testSetup()
|
||||
defer s.Server.Close()
|
||||
|
||||
db.InitDB()
|
||||
|
||||
// clean the persisted config for test to use fresh config
|
||||
envData, err := db.Provider.GetEnv()
|
||||
log.Println("=> envData:", envstore.EnvInMemoryStoreObj.GetEnvStoreClone())
|
||||
if err == nil {
|
||||
envData.EnvData = ""
|
||||
db.Provider.UpdateEnv(envData)
|
||||
}
|
||||
env.InitAllEnv()
|
||||
err = env.InitAllEnv()
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
env.PersistEnv()
|
||||
|
||||
t.Run("should pass tests for "+dbType, func(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ func sessionTests(t *testing.T, s TestSetup) {
|
|||
fingerPrintHash, _ := utils.EncryptAES([]byte(fingerPrint))
|
||||
|
||||
token := *verifyRes.AccessToken
|
||||
cookie := fmt.Sprintf("%s=%s;%s=%s;%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", url.QueryEscape(string(fingerPrintHash)), envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token)
|
||||
cookie := fmt.Sprintf("%s=%s;%s=%s;%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".fingerprint", url.QueryEscape(string(fingerPrintHash)), envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".refresh_token", refreshToken, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token)
|
||||
|
||||
req.Header.Set("Cookie", cookie)
|
||||
|
||||
|
|
|
|||
|
|
@ -71,13 +71,15 @@ func testSetup() TestSetup {
|
|||
Password: "test",
|
||||
}
|
||||
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, "../../.env.sample")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpHost, "smtp.yopmail.com")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpPort, "2525")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpUsername, "lakhan@yopmail.com")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpPassword, "test")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySenderEmail, "info@yopmail.com")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyProtectedRoles, []string{"admin"})
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, "../../.env.sample")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpHost, "smtp.yopmail.com")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpPort, "2525")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpUsername, "lakhan@yopmail.com")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySmtpPassword, "test")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeySenderEmail, "info@yopmail.com")
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyProtectedRoles, []string{"admin"})
|
||||
env.InitRequiredEnv()
|
||||
db.InitDB()
|
||||
env.InitAllEnv()
|
||||
sessionstore.InitSession()
|
||||
|
||||
|
|
|
|||
|
|
@ -16,16 +16,16 @@ func updateEnvTests(t *testing.T, s TestSetup) {
|
|||
t.Helper()
|
||||
t.Run(`should update envs`, func(t *testing.T) {
|
||||
req, ctx := createContext(s)
|
||||
originalAppURL := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL)
|
||||
originalAppURL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL)
|
||||
|
||||
data := model.UpdateEnvInput{}
|
||||
_, err := resolvers.UpdateEnvResolver(ctx, data)
|
||||
|
||||
assert.NotNil(t, err)
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
newURL := "https://test.com"
|
||||
disableLoginPage := true
|
||||
allowedOrigins := []string{"http://localhost:8080"}
|
||||
|
|
@ -37,9 +37,9 @@ func updateEnvTests(t *testing.T, s TestSetup) {
|
|||
_, err = resolvers.UpdateEnvResolver(ctx, data)
|
||||
|
||||
assert.Nil(t, err)
|
||||
assert.Equal(t, envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL), newURL)
|
||||
assert.True(t, envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage))
|
||||
assert.Equal(t, envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins), allowedOrigins)
|
||||
assert.Equal(t, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL), newURL)
|
||||
assert.True(t, envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage))
|
||||
assert.Equal(t, envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins), allowedOrigins)
|
||||
|
||||
disableLoginPage = false
|
||||
data = model.UpdateEnvInput{
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ func updateProfileTests(t *testing.T, s TestSetup) {
|
|||
})
|
||||
|
||||
token := *verifyRes.AccessToken
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+".access_token", token))
|
||||
_, err = resolvers.UpdateProfileResolver(ctx, model.UpdateProfileInput{
|
||||
FamilyName: &fName,
|
||||
})
|
||||
|
|
|
|||
|
|
@ -33,9 +33,9 @@ func updateUserTest(t *testing.T, s TestSetup) {
|
|||
})
|
||||
assert.NotNil(t, err, "unauthorized")
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
|
||||
ID: user.ID,
|
||||
Roles: newRoles,
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@ package test
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"testing"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
|
|
@ -36,13 +35,12 @@ func usersTest(t *testing.T, s TestSetup) {
|
|||
usersRes, err := resolvers.UsersResolver(ctx, pagination)
|
||||
assert.NotNil(t, err, "unauthorized")
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
|
||||
usersRes, err = resolvers.UsersResolver(ctx, pagination)
|
||||
assert.Nil(t, err)
|
||||
log.Println("=> userRes:", usersRes)
|
||||
rLen := len(usersRes.Users)
|
||||
assert.GreaterOrEqual(t, rLen, 1)
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ func TestIsValidEmail(t *testing.T) {
|
|||
func TestIsValidOrigin(t *testing.T) {
|
||||
// don't use portocal(http/https) for ALLOWED_ORIGINS while testing,
|
||||
// as we trim them off while running the main function
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyAllowedOrigins, []string{"localhost:8080", "*.google.com", "*.google.in", "*abc.*"})
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyAllowedOrigins, []string{"localhost:8080", "*.google.com", "*.google.in", "*abc.*"})
|
||||
assert.False(t, utils.IsValidOrigin("http://myapp.com"), "it should be invalid origin")
|
||||
assert.False(t, utils.IsValidOrigin("http://appgoogle.com"), "it should be invalid origin")
|
||||
assert.True(t, utils.IsValidOrigin("http://app.google.com"), "it should be valid origin")
|
||||
|
|
@ -32,7 +32,7 @@ func TestIsValidOrigin(t *testing.T) {
|
|||
assert.True(t, utils.IsValidOrigin("http://xyx.abc.in"), "it should be valid origin")
|
||||
assert.True(t, utils.IsValidOrigin("http://xyxabc.in"), "it should be valid origin")
|
||||
assert.True(t, utils.IsValidOrigin("http://localhost:8080"), "it should be valid origin")
|
||||
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyAllowedOrigins, []string{"*"})
|
||||
envstore.EnvStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyAllowedOrigins, []string{"*"})
|
||||
}
|
||||
|
||||
func TestIsValidIdentifier(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -37,9 +37,9 @@ func verificationRequestsTest(t *testing.T, s TestSetup) {
|
|||
requests, err := resolvers.VerificationRequestsResolver(ctx, pagination)
|
||||
assert.NotNil(t, err, "unauthorized")
|
||||
|
||||
h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
h, err := utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), h))
|
||||
requests, err = resolvers.VerificationRequestsResolver(ctx, pagination)
|
||||
|
||||
assert.Nil(t, err)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ import (
|
|||
|
||||
// CreateAdminAuthToken creates the admin token based on secret key
|
||||
func CreateAdminAuthToken(tokenType string, c *gin.Context) (string, error) {
|
||||
return utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
return utils.EncryptPassword(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
}
|
||||
|
||||
// GetAdminAuthToken helps in getting the admin token from the request cookie
|
||||
|
|
@ -23,7 +23,7 @@ func GetAdminAuthToken(gc *gin.Context) (string, error) {
|
|||
return "", fmt.Errorf("unauthorized")
|
||||
}
|
||||
|
||||
err = bcrypt.CompareHashAndPassword([]byte(token), []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)))
|
||||
err = bcrypt.CompareHashAndPassword([]byte(token), []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)))
|
||||
|
||||
if err != nil {
|
||||
return "", fmt.Errorf(`unauthorized`)
|
||||
|
|
@ -41,7 +41,7 @@ func IsSuperAdmin(gc *gin.Context) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
return secret == envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
||||
return secret == envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
||||
}
|
||||
|
||||
return token != ""
|
||||
|
|
|
|||
|
|
@ -95,10 +95,10 @@ func CreateAccessToken(user models.User, roles []string) (string, int64, error)
|
|||
var userMap map[string]interface{}
|
||||
json.Unmarshal(userBytes, &userMap)
|
||||
|
||||
claimKey := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)
|
||||
claimKey := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)
|
||||
customClaims := jwt.MapClaims{
|
||||
"iss": "",
|
||||
"aud": envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID),
|
||||
"aud": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID),
|
||||
"nonce": "",
|
||||
"sub": user.ID,
|
||||
"exp": expiresAt,
|
||||
|
|
|
|||
|
|
@ -4,13 +4,14 @@ import (
|
|||
"errors"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/crypto"
|
||||
"github.com/authorizerdev/authorizer/server/envstore"
|
||||
"github.com/golang-jwt/jwt"
|
||||
)
|
||||
|
||||
// SignJWTToken common util to sing jwt token
|
||||
func SignJWTToken(claims jwt.MapClaims) (string, error) {
|
||||
jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
jwtType := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
signingMethod := jwt.GetSigningMethod(jwtType)
|
||||
if signingMethod == nil {
|
||||
return "", errors.New("unsupported signing method")
|
||||
|
|
@ -23,18 +24,19 @@ func SignJWTToken(claims jwt.MapClaims) (string, error) {
|
|||
|
||||
switch signingMethod {
|
||||
case jwt.SigningMethodHS256, jwt.SigningMethodHS384, jwt.SigningMethodHS512:
|
||||
return t.SignedString([]byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)))
|
||||
return t.SignedString([]byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)))
|
||||
case jwt.SigningMethodRS256, jwt.SigningMethodRS384, jwt.SigningMethodRS512:
|
||||
key, err := jwt.ParseRSAPrivateKeyFromPEM([]byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPrivateKey)))
|
||||
key, err := crypto.ParseRsaPrivateKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPrivateKey))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return t.SignedString(key)
|
||||
case jwt.SigningMethodES256, jwt.SigningMethodES384, jwt.SigningMethodES512:
|
||||
key, err := jwt.ParseECPrivateKeyFromPEM([]byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPrivateKey)))
|
||||
key, err := crypto.ParseEcdsaPrivateKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPrivateKey))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return t.SignedString(key)
|
||||
default:
|
||||
return "", errors.New("unsupported signing method")
|
||||
|
|
@ -43,7 +45,7 @@ func SignJWTToken(claims jwt.MapClaims) (string, error) {
|
|||
|
||||
// ParseJWTToken common util to parse jwt token
|
||||
func ParseJWTToken(token string) (jwt.MapClaims, error) {
|
||||
jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
jwtType := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
|
||||
signingMethod := jwt.GetSigningMethod(jwtType)
|
||||
|
||||
var err error
|
||||
|
|
@ -52,11 +54,11 @@ func ParseJWTToken(token string) (jwt.MapClaims, error) {
|
|||
switch signingMethod {
|
||||
case jwt.SigningMethodHS256, jwt.SigningMethodHS384, jwt.SigningMethodHS512:
|
||||
_, err = jwt.ParseWithClaims(token, &claims, func(token *jwt.Token) (interface{}, error) {
|
||||
return []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)), nil
|
||||
return []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)), nil
|
||||
})
|
||||
case jwt.SigningMethodRS256, jwt.SigningMethodRS384, jwt.SigningMethodRS512:
|
||||
_, err = jwt.ParseWithClaims(token, &claims, func(token *jwt.Token) (interface{}, error) {
|
||||
key, err := jwt.ParseRSAPublicKeyFromPEM([]byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)))
|
||||
key, err := crypto.ParseRsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -64,7 +66,7 @@ func ParseJWTToken(token string) (jwt.MapClaims, error) {
|
|||
})
|
||||
case jwt.SigningMethodES256, jwt.SigningMethodES384, jwt.SigningMethodES512:
|
||||
_, err = jwt.ParseWithClaims(token, &claims, func(token *jwt.Token) (interface{}, error) {
|
||||
key, err := jwt.ParseECPublicKeyFromPEM([]byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)))
|
||||
key, err := crypto.ParseEcdsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ func CreateVerificationToken(email, tokenType, hostname string) (string, error)
|
|||
"token_type": tokenType,
|
||||
"email": email,
|
||||
"host": hostname,
|
||||
"redirect_url": envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL),
|
||||
"redirect_url": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL),
|
||||
}
|
||||
|
||||
return SignJWTToken(claims)
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ func DecryptB64(s string) (string, error) {
|
|||
|
||||
// EncryptAES encrypts data using AES algorithm
|
||||
func EncryptAES(text []byte) ([]byte, error) {
|
||||
key := []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
|
||||
key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
|
||||
c, err := aes.NewCipher(key)
|
||||
var res []byte
|
||||
if err != nil {
|
||||
|
|
@ -63,7 +63,7 @@ func EncryptAES(text []byte) ([]byte, error) {
|
|||
|
||||
// DecryptAES decrypts data using AES algorithm
|
||||
func DecryptAES(ciphertext []byte) ([]byte, error) {
|
||||
key := []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
|
||||
key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
|
||||
c, err := aes.NewCipher(key)
|
||||
var res []byte
|
||||
if err != nil {
|
||||
|
|
@ -96,14 +96,14 @@ func EncryptEnvData(data envstore.Store) (string, error) {
|
|||
return "", err
|
||||
}
|
||||
|
||||
envStoreObj := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
|
||||
storeData := envstore.EnvStoreObj.GetEnvStoreClone()
|
||||
|
||||
err = json.Unmarshal(jsonBytes, &envStoreObj)
|
||||
err = json.Unmarshal(jsonBytes, &storeData)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
configData, err := json.Marshal(envStoreObj)
|
||||
configData, err := json.Marshal(storeData)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,13 +9,13 @@ import (
|
|||
// GetMeta helps in getting the meta data about the deployment from EnvData
|
||||
func GetMetaInfo() model.Meta {
|
||||
return model.Meta{
|
||||
Version: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyVersion),
|
||||
ClientID: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID),
|
||||
IsGoogleLoginEnabled: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret) != "",
|
||||
IsGithubLoginEnabled: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID) != "" && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret) != "",
|
||||
IsFacebookLoginEnabled: envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID) != "" && envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientSecret) != "",
|
||||
IsBasicAuthenticationEnabled: !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication),
|
||||
IsEmailVerificationEnabled: !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification),
|
||||
IsMagicLinkLoginEnabled: !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin),
|
||||
Version: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyVersion),
|
||||
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID),
|
||||
IsGoogleLoginEnabled: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret) != "",
|
||||
IsGithubLoginEnabled: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret) != "",
|
||||
IsFacebookLoginEnabled: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientSecret) != "",
|
||||
IsBasicAuthenticationEnabled: !envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication),
|
||||
IsEmailVerificationEnabled: !envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableEmailVerification),
|
||||
IsMagicLinkLoginEnabled: !envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableMagicLinkLogin),
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
package utils
|
||||
|
||||
import (
|
||||
"log"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
|
|
@ -15,7 +14,6 @@ func GetHost(c *gin.Context) string {
|
|||
scheme = "http"
|
||||
}
|
||||
host := c.Request.Host
|
||||
log.Println("=> host:", scheme+"://"+host)
|
||||
return scheme + "://" + host
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ func IsValidEmail(email string) bool {
|
|||
|
||||
// IsValidOrigin validates origin based on ALLOWED_ORIGINS
|
||||
func IsValidOrigin(url string) bool {
|
||||
allowedOrigins := envstore.EnvInMemoryStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins)
|
||||
allowedOrigins := envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyAllowedOrigins)
|
||||
if len(allowedOrigins) == 1 && allowedOrigins[0] == "*" {
|
||||
return true
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user