changement de port d'écoute et ajout des scopes

Laurent Drogou
2021-02-06 17:33:12 +01:00
parent 6d4795b0a6
commit 6041afc4f6
6 changed files with 44 additions and 308 deletions


@@ -30,9 +30,9 @@ func run() error {
http.HandleFunc("/", srv.serveHTTP) http.HandleFunc("/", srv.serveHTTP)
port := 8080 port := 8090
log.Printf("servering http port %v", port) log.Printf("servering http port %v", port)
err = http.ListenAndServe(":8080", nil) err = http.ListenAndServe(":8090", nil)
if err != nil { if err != nil {
return err return err
} }
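Review bot: `http.ListenAndServe(":8090", nil)` in run() listens on every interface, although every redirect and callback URL touched by this commit points at `http://localhost:8090` and the handlers read a signing secret from posted form data. Binding to loopback keeps the tool off the network: `err = http.ListenAndServe("127.0.0.1:8090", nil)`. The port is also written twice, since the `port := 8090` local only feeds the log line, so the two values can drift; building the address once from `port` would avoid that. run() starts and ends outside this hunk.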


@@ -40,6 +40,7 @@ type Claims struct {
Sub string `json:"sub"` Sub string `json:"sub"`
IDEntreprise string `json:"idEntreprise"` IDEntreprise string `json:"idEntreprise"`
RcaPartnerID string `json:"rcaPartnerId"` RcaPartnerID string `json:"rcaPartnerId"`
Scopes []string `json:"scopes"`
Roles []string `json:"roles"` Roles []string `json:"roles"`
jwt.StandardClaims jwt.StandardClaims
} }
@@ -68,32 +69,36 @@ func (s *server) handleLocal() http.HandlerFunc {
sub := r.FormValue("sub") sub := r.FormValue("sub")
idEntreprise := r.FormValue("id_entreprise") idEntreprise := r.FormValue("id_entreprise")
rcaPartnerID := r.FormValue("rcaPartnerId") rcaPartnerID := r.FormValue("rcaPartnerId")
var jwtKey = []byte(r.FormValue("secret")) jwtKey := r.FormValue("secret")
scopes := r.FormValue("scopes")
roles := r.FormValue("roles")
var sc []string
sc = append(sc, scopes)
rs := strings.Fields(roles)
// Declare the expiration time of the token // Declare the expiration time of the token
// here, we have kept it as 5 minutes // here, we have kept it as 5 minutes
expirationTime := time.Now().Add(5 * time.Hour) expirationTime := time.Now().Add(5 * time.Hour)
roles := []string{"RCA_CLOUD_EXPERT_COMPTABLE",
"E_COLLECTE_BO_CREA",
"E_CREATION_CREA",
"E_QUESTIONNAIRE_CREA"}
// Create the JWT claims, which includes the username and expiry time // Create the JWT claims, which includes the username and expiry time
claims := &Claims{ claims := &Claims{
Sub: sub, Sub: sub,
IDEntreprise: idEntreprise, IDEntreprise: idEntreprise,
RcaPartnerID: rcaPartnerID, RcaPartnerID: rcaPartnerID,
Roles: roles, Roles: rs,
Scopes: sc,
StandardClaims: jwt.StandardClaims{ StandardClaims: jwt.StandardClaims{
// In JWT, the expiry time is expressed as unix milliseconds // In JWT, the expiry time is expressed as unix milliseconds
ExpiresAt: expirationTime.Unix(), ExpiresAt: expirationTime.Unix(),
}, },
} }
secretBase64, err := jwt.DecodeSegment(jwtKey)
// Declare the token with the algorithm used for signing, and the claims // Declare the token with the algorithm used for signing, and the claims
ts := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) ts := jwt.NewWithClaims(jwt.SigningMethodHS512, claims)
at, err := ts.SignedString(secretBase64)
// Create the JWT string // Create the JWT string
at, err := ts.SignedString(jwtKey)
if err != nil { if err != nil {
log.Printf("erreur %v", err) log.Printf("erreur %v", err)
// If there is an error in creating the JWT return an internal server error // If there is an error in creating the JWT return an internal server error
@@ -116,7 +121,7 @@ func (s *server) handleLocal() http.HandlerFunc {
monID := strconv.Itoa(int(o.ID)) monID := strconv.Itoa(int(o.ID))
// Puis redisrect vers page resultat // Puis redisrect vers page resultat
rj := "http://localhost:8080/jwt?model=" + monID rj := "http://localhost:8090/jwt?model=" + monID
http.Redirect(rw, r, rj, http.StatusMovedPermanently) http.Redirect(rw, r, rj, http.StatusMovedPermanently)
} }
@@ -163,8 +168,8 @@ func (s *server) handleOAuth20() http.HandlerFunc {
rhttp := "https://" + d + "/entreprise-partenaire/authorize?client_id=" + ci + rhttp := "https://" + d + "/entreprise-partenaire/authorize?client_id=" + ci +
"&scope=" + sc + "&scope=" + sc +
"&current_company=" + cc + "&current_company=" + cc +
"&redirect_uri=http://localhost:8080/oauth/redirect%3Fstate=" + st + "&redirect_uri=http://localhost:8090/oauth/redirect%3Fstate=" + st +
"&abort_uri=http://localhost:8080/index" "&abort_uri=http://localhost:8090/index"
http.Redirect(rw, r, rhttp, http.StatusMovedPermanently) http.Redirect(rw, r, rhttp, http.StatusMovedPermanently)
} }
@@ -239,7 +244,7 @@ func (s *server) handleRedirect() http.HandlerFunc {
monID := strconv.Itoa(int(o.ID)) monID := strconv.Itoa(int(o.ID))
// Puis redisrect vers page resultat // Puis redisrect vers page resultat
rj := "http://localhost:8080/jwt?model=" + monID rj := "http://localhost:8090/jwt?model=" + monID
http.Redirect(rw, r, rj, http.StatusMovedPermanently) http.Redirect(rw, r, rj, http.StatusMovedPermanently)
} }
} }
@@ -300,7 +305,7 @@ func constJSONToken(code, state string, param *model.Param) JSONToken {
ClientID: param.ClientID, ClientID: param.ClientID,
ClientSecret: param.ClientSecret, ClientSecret: param.ClientSecret,
GrantType: param.GrantType, GrantType: param.GrantType,
RedirectURI: "http://localhost:8080/oauth/redirect%3Fstate=" + state, RedirectURI: "http://localhost:8090/oauth/redirect%3Fstate=" + state,
Code: code, Code: code,
} }
} }
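Review bot: In handleLocal the error returned by `jwt.DecodeSegment(jwtKey)` is never checked, because `err` is reassigned by `ts.SignedString(secretBase64)` before anything reads it, so a secret that fails to decode presumably produces a token signed with a truncated or empty key instead of an error. Check it straight after the decode, e.g. `if err != nil { http.Error(rw, "secret must be base64url", http.StatusBadRequest); return }`. DecodeSegment expects the URL-safe alphabet, whereas the browser code removed in this commit parsed the secret as standard base64, so secrets containing `+` or `/` are likely to reach this path. Separately, `sc = append(sc, scopes)` stores the whole form value as a single element while roles are split with `strings.Fields`; `sc := strings.Fields(scopes)` would treat both the same way and avoid a `[""]` claim for an empty field. The handler body starts and ends outside the hunk.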


@@ -16,64 +16,12 @@ var TemplateIndex = `<!DOCTYPE html>
<script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script> <script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script>
<script> <script>
function base64url(source) {
// Encode in classical base64
encodedSource = CryptoJS.enc.Base64.stringify(source);
// Remove padding equal characters
encodedSource = encodedSource.replace(/=+$/, '');
// Replace characters according to base64url specifications
encodedSource = encodedSource.replace(/\+/g, '-');
encodedSource = encodedSource.replace(/\//g, '_');
return encodedSource;
}
function generateToken(form) { function generateToken(form) {
var form = document.getElementById(form); var form = document.getElementById(form);
form.submit(); form.submit();
//window.location = 'https://captation.beta.rca.fr/entreprise-partenaire/authorize?client_id=meg-test-interne&scope=user.read company.read accounting_firm.read sales&current_company=true&redirect_uri=http://localhost:8080/oauth/redirect'
} }
function generate() {
var header = {
"alg": "HS512"
};
var data = {
"sub": document.getElementById('sub').value,
"exp": Math.floor(Date.now() / 1000) + 6 * 30 * 24 * 3600,
"roles": [
"RCA_CLOUD_EXPERT_COMPTABLE",
"E_COLLECTE_BO_CREA",
"E_CREATION_CREA",
"E_QUESTIONNAIRE_CREA"
],
"id_entreprise": document.getElementById('id_entreprise').value,
"rcaPartnerId": document.getElementById('rcaPartnerId').value
};
var secret = document.getElementById('secret').value;
secret = CryptoJS.enc.Base64.parse(secret);
var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header));
var encodedHeader = base64url(stringifiedHeader);
var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data));
var encodedData = base64url(stringifiedData);
var signature = encodedHeader + "." + encodedData;
signature = CryptoJS.HmacSHA512(signature, secret);
signature = base64url(signature);
document.getElementById('jwt').value = encodedHeader + "." + encodedData + "." + signature;
M.updateTextFields();
M.textareaAutoResize(document.getElementById('jwt'));
}
</script> </script>
</head> </head>
@@ -87,21 +35,35 @@ var TemplateIndex = `<!DOCTYPE html>
<div class="row"> <div class="row">
<div class="input-field col s12"> <div class="input-field col s12">
<i class="material-icons prefix">account_circle</i> <i class="material-icons prefix">account_circle</i>
<input type="text" id="sub" name="sub" value="mbola.randriamamonjisoa+ec@rca.fr"> <input type="text" id="sub" name="sub" value="localhost+ec@rca.fr">
<label for="name">Subject :</label> <label for="name">Subject :</label>
</div> </div>
</div> </div>
<div class="row"> <div class="row">
<div class="input-field col s12"> <div class="input-field col s12">
<i class="material-icons prefix">account_balance</i> <i class="material-icons prefix">account_balance</i>
<input type="text" id="id_entreprise" name="id_entreprise" value="85422"> <input type="text" id="id_entreprise" name="id_entreprise" value="1">
<label for="name">Id entreprise :</label> <label for="name">Id entreprise :</label>
</div> </div>
</div> </div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">fiber_pin</i>
<input type="text" id="scopes" name="scopes" value="purchase">
<label for="name">Scopes :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">fiber_pin</i>
<input type="text" id="roles" name="roles" value="RCA_CLOUD_EXPERT_COMPTABLE E_COLLECTE_BO_CREA E_CREATION_CREA E_QUESTIONNAIRE_CREA">
<label for="name">Roles :</label>
</div>
</div>
<div class="row"> <div class="row">
<div class="input-field col s12"> <div class="input-field col s12">
<i class="material-icons prefix">account_balance</i> <i class="material-icons prefix">account_balance</i>
<input type="text" id="rcaPartnerId" name="rcaPartnerId" value="agora-expert"> <input type="text" id="rcaPartnerId" name="rcaPartnerId" value="meg-test-interne">
<label for="name" >ID partenaire RCA :</label> <label for="name" >ID partenaire RCA :</label>
</div> </div>
</div> </div>
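Review bot: The `<script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js">` include at the top of the first hunk is kept even though the change removes `base64url()` and `generate()`, the only CryptoJS callers visible here. This page appears to carry the form field for the signing secret, so a third-party script fetched over plain HTTP with no `integrity` attribute is better dropped than left in unused; any sibling CryptoJS include just above the hunk deserves the same look. On the two new inputs, `<label for="name">` does not match the field ids; `<label for="scopes">` and `<label for="roles">` would bind each label to its input.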


@@ -1,166 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title>RCA JWT API</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js"></script>
<script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/hmac-sha512.js"></script>
<script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script>
<script>
function base64url(source) {
// Encode in classical base64
encodedSource = CryptoJS.enc.Base64.stringify(source);
// Remove padding equal characters
encodedSource = encodedSource.replace(/=+$/, '');
// Replace characters according to base64url specifications
encodedSource = encodedSource.replace(/\+/g, '-');
encodedSource = encodedSource.replace(/\//g, '_');
return encodedSource;
}
function generateToken(form) {
var form = document.getElementById(form);
form.submit();
//window.location = 'https://captation.beta.rca.fr/entreprise-partenaire/authorize?client_id=meg-test-interne&scope=user.read company.read accounting_firm.read sales&current_company=true&redirect_uri=http://localhost:8080/oauth/redirect'
}
function generate() {
var header = {
"alg": "HS512"
};
var data = {
"sub": document.getElementById('sub').value,
"exp": Math.floor(Date.now() / 1000) + 6 * 30 * 24 * 3600,
"roles": [
"RCA_CLOUD_EXPERT_COMPTABLE",
"E_COLLECTE_BO_CREA",
"E_CREATION_CREA",
"E_QUESTIONNAIRE_CREA"
],
"id_entreprise": document.getElementById('id_entreprise').value,
"rcaPartnerId": document.getElementById('rcaPartnerId').value
};
var secret = document.getElementById('secret').value;
secret = CryptoJS.enc.Base64.parse(secret);
var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header));
var encodedHeader = base64url(stringifiedHeader);
var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data));
var encodedData = base64url(stringifiedData);
var signature = encodedHeader + "." + encodedData;
signature = CryptoJS.HmacSHA512(signature, secret);
signature = base64url(signature);
document.getElementById('jwt').value = encodedHeader + "." + encodedData + "." + signature;
M.updateTextFields();
M.textareaAutoResize(document.getElementById('jwt'));
}
</script>
</head>
<body>
<div>
<h1 class="center-align">JWT</h1>
</div>
<div class="container">
<div class="row">
<form class="col s6 light-blue lighten-5" id="formLocal" method="post" action="/local">
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_circle</i>
<input type="text" id="sub" name="sub" value="mbola.randriamamonjisoa+ec@rca.fr">
<label for="name">Subject :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_balance</i>
<input type="text" id="id_entreprise" name="id_entreprise" value="85422">
<label for="name">Id entreprise :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_balance</i>
<input type="text" id="rcaPartnerId" name="rcaPartnerId" value="agora-expert">
<label for="name" >ID partenaire RCA :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">fiber_pin</i>
<input type="text" id="secret" name="secret" value="XXXXXXX">
<label for="name">Secret :</label>
</div>
</div>
<div class="row">
<a class="waves-effect waves-light btn" onclick="generateToken('formLocal');"><i
class="material-icons left">cloud</i>Local</a>
</div>
</form>
<form class="col s6 light-green lighten-5" id="formOAtuh20" method="post" action="/oauth20">
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_balance</i>
<input type="text" id="domain" name="domain" value="captation.beta.rca.fr">
<label for="name">Domaine :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_balance</i>
<input type="text" id="clientId" name="clientId" value="meg-test-interne">
<label for="name">Client Id :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_balance</i>
<input type="text" id="clientSecret" name="clientSecret" value="xxxxxxxx">
<label for="name">Client Secret :</label>
</div>
</div>
<div class="row">
<div class="input-field col s12">
<i class="material-icons prefix">account_balance</i>
<input type="text" id="scopes" name="scopes" value="user">
<label for="name">Scopes</label>
</div>
</div>
<div class="row">
<div class="checkbox col s12">
<label>
<input type="checkbox" id="currentCompany" name="currentCompany" checked="checked" />
<span>Company courante</span>
</label>
</div>
</div>
<div class="row">
<a class="waves-effect waves-light btn" onclick="generateToken('formOAtuh20');"><i
class="material-icons left">cloud</i>OAuth2.0</a>
</div>
</form>
</div>
</div>
</body>
</html>


@@ -27,10 +27,10 @@ var Resultat = `<!DOCTYPE html>
<h1 class="center-align">Composition</h1> <h1 class="center-align">Composition</h1>
</div> </div>
<div class="container"> <div class="container">
<a class="waves-effect waves-light btn" onclick="copy('{{.JwtProduce }}');" > <a class="waves-effect waves-light btn tooltipped" data-tooltip="Copy" onclick="copy('{{.JwtProduce }}');" >
<i class="material-icons center">content_copy</i> <i class="material-icons center">content_copy</i>
</a> </a>
<a class="waves-effect waves-light btn" onclick="copy('{{.JwtProduce }}');" > <a class="waves-effect waves-light btn tooltipped" data-tooltip="Refresh" onclick="copy('{{.JwtProduce }}');" >
<i class="material-icons left bottom">refresh</i>Refresh Token <i class="material-icons left bottom">refresh</i>Refresh Token
</a> </a>
<div class="row"> <div class="row">
@@ -73,7 +73,11 @@ var Resultat = `<!DOCTYPE html>
document.addEventListener('DOMContentLoaded', function () { document.addEventListener('DOMContentLoaded', function () {
var elems = document.querySelectorAll('.collapsible'); var elems = document.querySelectorAll('.collapsible');
var instances = M.Collapsible.init(elems, {}); var instances = M.Collapsible.init(elems, {});
var elemsTt = document.querySelectorAll('.tooltipped');
var instancesTt = M.Tooltip.init(elemsTt, {});
}); });
</script> </script>
</html>` </html>`
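Review bot: The second button gains `data-tooltip="Refresh"` but still runs `onclick="copy('{{.JwtProduce }}');"`, so it copies the token exactly like the first button and refreshes nothing. Either wire it to the refresh action or leave the tooltip off until that exists, so the UI does not advertise behaviour the handler lacks. Both handlers also place the token inside a JavaScript string within an attribute, which is only safe if Resultat is rendered through html/template; the rendering call is not visible in this hunk.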


@@ -1,69 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<title>RCA JWT API</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js"></script>
<script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/hmac-sha512.js"></script>
<script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script>
</head>
<body>
<div>
<h1 class="center-align">Composition</h1>
</div>
<div class="container">
<div class="row">
<a class="waves-effect waves-light btn" onClick="{() => {navigator.clipboard.writeText(`{{.JwtProduce }}`)}}" >
<i class="material-icons left">content_copy</i>
</a>
<div class="light-blue lighten-5 col s5">
<span style="width:300px; word-wrap:break-word; display:inline-block;">
{{.JwtProduce }}
</span>
</div>
<div class="col s7">
<ul class="collapsible collapsible-accordion">
<li>
<div class="collapsible-header"><i class="material-icons">filter_drama</i>header</div>
<div class="collapsible-body" ><pre id="header"></pre></div>
</li>
<li class="active">
<div class="collapsible-header"><i class="material-icons">place</i>payload</div>
<div class="collapsible-body"><pre id="payload"></pre></div>
</li>
<li>
<div class="collapsible-header"><i class="material-icons">whatshot</i>signature</div>
<div class="collapsible-body"><span>Lorem ipsum dolor sit amet.</span></div>
</li>
</ul>
</div>
</div>
</div>
</body>
<script>
let headerGO = JSON.parse('{{.Header}}')
let payloadGo = JSON.parse('{{.Payload}}')
var headerJson = JSON.stringify(headerGO, null, 4)
var payloadJson = JSON.stringify(payloadGo, null, 4)
document.getElementById("header").innerHTML = "<pre>" + headerJson + "</pre>"
document.getElementById("payload").innerHTML = "<pre>" + payloadJson + "</pre>"
document.addEventListener('DOMContentLoaded', function () {
var elems = document.querySelectorAll('.collapsible');
var instances = M.Collapsible.init(elems, {});
});
</script>
</html>