From e21982350b7df782d4c0a52a59798def54c9269a Mon Sep 17 00:00:00 2001 From: DROGOU Laurent Date: Tue, 26 Jan 2021 23:32:57 +0100 Subject: [PATCH] ajout de la redirection vers l'affichage des tokens --- .gitignore | 4 +- model/oauth.go | 5 +- routes.auth.go | 179 +++++++++++++++++++++++++++++++++++++++---------- routes.go | 1 + server.go | 54 --------------- store/store.go | 5 +- 6 files changed, 153 insertions(+), 95 deletions(-) diff --git a/.gitignore b/.gitignore index d7b759a..baa6d28 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ .DS_Store -auth.db -goauth20 \ No newline at end of file +goauth20 +oauth.db \ No newline at end of file diff --git a/model/oauth.go b/model/oauth.go index 0d75e36..6da8277 100644 --- a/model/oauth.go +++ b/model/oauth.go @@ -5,11 +5,12 @@ import "fmt" type Oauth struct { ID int64 `db:"id"` AccessToken string `db:"access_token"` + TokenType string `db:"token_type"` ExpireIN int `db:"expire_in"` RefreshToken string `db:"refreh_token"` } func (o Oauth) String() string { - return fmt.Sprintf("id=%v, accessToken=%v, expireIN=%v, refreshToken=%v", - o.ID, o.AccessToken, o.ExpireIN, o.RefreshToken) + return fmt.Sprintf("id=%v, accessToken=%v, tokenType=%v, expireIN=%v, refreshToken=%v", + o.ID, o.AccessToken, o.TokenType, o.ExpireIN, o.RefreshToken) } diff --git a/routes.auth.go b/routes.auth.go index 71315cf..a1c338c 100644 --- a/routes.auth.go +++ b/routes.auth.go @@ -9,29 +9,32 @@ import ( "net/http" "net/url" "strconv" + "strings" "time" "github.com/dgrijalva/jwt-go" + "github.com/ldrogou/goauth20/model" templateoauth "github.com/ldrogou/goauth20/templateOAuth" ) -type JsonToken struct { - clientID string `json:"client_id"` - clientSecret string `json:"client_secret"` - grantType string `json:"grant_type"` - redirectURI string `json:"redirect_uri"` - code string `json:"code"` +//JSONToken json token +type JSONToken struct { + ClientID string `json:"client_id"` + ClientSecret string `json:"client_secret"` + GrantType string `json:"grant_type"` + RedirectURI string `json:"redirect_uri"` + Code string `json:"code"` } -type token struct { - accessToken string `json:"access_token"` - tokenType string `json:"token_type"` - expiresIn int `json:"expires_in"` - refreshToken string `json:"refresh_token"` +//Token token +type Token struct { + AccessToken string `json:"access_token"` + TokenType string `json:"token_type"` + ExpiresIn int `json:"expires_in"` + RefreshToken string `json:"refresh_token"` } -// Create a struct that will be encoded to a JWT. -// We add jwt.StandardClaims as an embedded type, to provide fields like expiry time +//Claim claims to export type Claims struct { Sub string `json:"sub"` IDEntreprise string `json:"idEntreprise"` @@ -42,17 +45,28 @@ type Claims struct { func (s *server) handleIndex() http.HandlerFunc { return func(rw http.ResponseWriter, r *http.Request) { + + err := s.store.DeleteOauth() + if err != nil { + fmt.Printf("erreur à la récupération des paramètres %v", err) + } + + err = s.store.DeleteParam() + if err != nil { + fmt.Printf("erreur à la récupération des paramètres %v", err) + } + rw.Header().Set("Content-Type", "text/html") rw.WriteHeader(http.StatusOK) t, err := template.New("test").Parse(templateoauth.TemplateIndex) if err != nil { - fmt.Errorf("erreur suivante %v", err) + fmt.Printf("erreur suivante %v", err) } err = t.Execute(rw, nil) if err != nil { - fmt.Errorf("erreur suivante %v", err) + fmt.Printf("erreur suivante %v", err) } } @@ -85,10 +99,10 @@ func (s *server) handleLocal() http.HandlerFunc { } // Declare the token with the algorithm used for signing, and the claims - tokenstr := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) + ts := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) // Create the JWT string - tokenString, err := tokenstr.SignedString(jwtKey) + at, err := ts.SignedString(jwtKey) if err != nil { log.Printf("erreur %v", err) // If there is an error in creating the JWT return an internal server error @@ -96,7 +110,22 @@ func (s *server) handleLocal() http.HandlerFunc { return } - s.responseFile(rw, r, tokenString, http.StatusOK) + // Puis redisrect vers page resultat + o := &model.Oauth{ + ID: 0, + AccessToken: at, + TokenType: "bearer", + ExpireIN: -1, + RefreshToken: "", + } + err = s.store.CreateOauth(o) + if err != nil { + fmt.Printf("erreur suivante %v", err) + } + + rj := "http://localhost:8080/jwt" + http.Redirect(rw, r, rj, http.StatusMovedPermanently) + } } @@ -106,7 +135,8 @@ func (s *server) handleOAuth20() http.HandlerFunc { d := r.FormValue("domain") ci := r.FormValue("clientId") - s := r.FormValue("scopes") + cs := r.FormValue("clientSecret") + sc := r.FormValue("scopes") cc := r.FormValue("currentCompany") if len(cc) == 0 { cc = "false" @@ -114,8 +144,22 @@ func (s *server) handleOAuth20() http.HandlerFunc { cc = "true" } + // Insert en base de données + p := &model.Param{ + ID: 0, + Domaine: d, + ClientID: ci, + ClientSecret: cs, + GrantType: "authorization_code", + } + + err := s.store.CreateParam(p) + if err != nil { + fmt.Printf("erreur suivante %v", err) + } + rhttp := "https://" + d + "/entreprise-partenaire/authorize?client_id=" + ci + - "&scope=" + s + + "&scope=" + sc + "¤t_company=" + cc + "&redirect_uri=http://localhost:8080/oauth/redirect" + "&abort_uri=http://localhost:8080/index" @@ -129,15 +173,19 @@ func (s *server) handleRedirect() http.HandlerFunc { return func(rw http.ResponseWriter, r *http.Request) { codes, _ := r.URL.Query()["code"] - jsonStr := constJsonToken(codes[0]) + p, err := s.store.GetParam() + if err != nil { + fmt.Printf("erreur à la recupération des param (err=%v)", err) + } + jsonStr := constJSONToken(codes[0], p) - apiURL := "https://api.captation.beta.rca.fr/auth/v1/oauth2.0/accessToken" + apiURL := "https://api." + p.Domaine + "/auth/v1/oauth2.0/accessToken" data := url.Values{} - data.Set("client_id", jsonStr.clientID) - data.Set("client_secret", jsonStr.clientSecret) - data.Set("grant_type", jsonStr.grantType) - data.Set("redirect_uri", jsonStr.redirectURI) - data.Set("code", jsonStr.code) + data.Set("client_id", jsonStr.ClientID) + data.Set("client_secret", jsonStr.ClientSecret) + data.Set("grant_type", jsonStr.GrantType) + data.Set("redirect_uri", jsonStr.RedirectURI) + data.Set("code", jsonStr.Code) client := &http.Client{} req, err := http.NewRequest("POST", apiURL, bytes.NewBufferString(data.Encode())) @@ -167,17 +215,78 @@ func (s *server) handleRedirect() http.HandlerFunc { return } - s.responseFile(rw, r, t["access_token"], http.StatusOK) + // Insert en base de données + o := &model.Oauth{ + ID: 0, + AccessToken: t["access_token"].(string), + TokenType: t["type_token"].(string), + ExpireIN: t["expire_in"].(int), + RefreshToken: t["refresh-token"].(string), + } + err = s.store.CreateOauth(o) + if err != nil { + fmt.Printf("erreur suivante %v", err) + } + // Puis redisrect vers page resultat + rj := "http://localhost:8080/jwt" + http.Redirect(rw, r, rj, http.StatusMovedPermanently) } } -func constJsonToken(code string) JsonToken { - return JsonToken{ - clientID: "meg-test-interne", - clientSecret: "YNVZF88dD4vny59k", - grantType: "authorization_code", - redirectURI: "http://localhost:8080/callback", - code: code, +func (s *server) handleJSONWebToken() http.HandlerFunc { + return func(rw http.ResponseWriter, r *http.Request) { + rw.Header().Set("Content-Type", "text/html") + rw.WriteHeader(http.StatusOK) + + t, err := template.New("test").Parse(templateoauth.TemplateIndex) + if err != nil { + fmt.Printf("erreur suivante %v", err) + } + + oauth, _ := s.store.GetOauth() + tokenVal := oauth.AccessToken + + fmt.Println("============") + fmt.Println(tokenVal) + fmt.Println("============") + + tableau := strings.Split(tokenVal, ".") + header, err := jwt.DecodeSegment(tableau[0]) + if err != nil { + fmt.Printf("Impossible de décoder le header. (err=%v)", err) + } + payload, err := jwt.DecodeSegment(tableau[1]) + if err != nil { + fmt.Printf("Impossible de décoder le payload. (err=%v)", err) + } + + //t := template.New("mon template") + t, err = template.New("Resultat").Parse(templateoauth.Resultat) + if err != nil { + fmt.Printf("erreur suivante %v", err) + } + + f := File{ + JwtProduce: tokenVal, + Header: string(header), + Payload: string(payload), + Sign: tableau[2], + } + + err = t.Execute(rw, f) + if err != nil { + fmt.Printf("erreur suivante %v", err) + } + } +} + +func constJSONToken(code string, param *model.Param) JSONToken { + return JSONToken{ + ClientID: param.ClientID, + ClientSecret: param.ClientSecret, + GrantType: param.GrantType, + RedirectURI: "http://localhost:8080/oauth/redirect", + Code: code, } } diff --git a/routes.go b/routes.go index fe52cca..513e712 100644 --- a/routes.go +++ b/routes.go @@ -5,5 +5,6 @@ func (s *server) routes() { s.router.HandleFunc("/oauth/redirect", s.handleRedirect()).Methods("GET") s.router.HandleFunc("/local", s.handleLocal()).Methods("POST") s.router.HandleFunc("/oauth20", s.handleOAuth20()).Methods("POST") + s.router.HandleFunc("/jwt", s.handleJSONWebToken()).Methods("GET") } diff --git a/server.go b/server.go index 5d8702b..b1fa64f 100644 --- a/server.go +++ b/server.go @@ -2,17 +2,11 @@ package main import ( "encoding/json" - "fmt" - "html/template" "log" "net/http" - "strings" - "github.com/dgrijalva/jwt-go" "github.com/gorilla/mux" - "github.com/ldrogou/goauth20/model" "github.com/ldrogou/goauth20/store" - templateoauth "github.com/ldrogou/goauth20/templateOAuth" ) type server struct { @@ -55,54 +49,6 @@ func (s *server) response(rw http.ResponseWriter, _ *http.Request, data interfac } -func (s *server) responseFile(rw http.ResponseWriter, _ *http.Request, data interface{}, status int) error { - rw.Header().Set("Content-Type", "text/html") - rw.WriteHeader(status) - - tokenVal := data.(string) - - tableau := strings.Split(tokenVal, ".") - header, err := jwt.DecodeSegment(tableau[0]) - if err != nil { - return fmt.Errorf("Impossible de décoder le header. (err=%v)", err) - } - payload, err := jwt.DecodeSegment(tableau[1]) - if err != nil { - return fmt.Errorf("Impossible de décoder le payload. (err=%v)", err) - } - - //t := template.New("mon template") - t, err := template.New("Resultat").Parse(templateoauth.Resultat) - if err != nil { - return fmt.Errorf("erreur suivante %v", err) - } - - f := File{ - JwtProduce: tokenVal, - Header: string(header), - Payload: string(payload), - Sign: tableau[2], - } - - o := &model.Oauth{ - ID: 0, - AccessToken: tokenVal, - ExpireIN: 180, - RefreshToken: "eeeee", - } - err = s.store.CreateOauth(o) - if err != nil { - fmt.Printf("erreur suivante %v", err) - } - - err = t.Execute(rw, f) - if err != nil { - return fmt.Errorf("erreur suivante %v", err) - } - - return nil -} - func (s *server) decode(rw http.ResponseWriter, r *http.Request, v interface{}) error { return json.NewDecoder(r.Body).Decode(v) diff --git a/store/store.go b/store/store.go index 41944ce..d5c1b6a 100644 --- a/store/store.go +++ b/store/store.go @@ -30,6 +30,7 @@ CREATE TABLE IF NOT EXISTS oauth ( id INTEGER PRIMARY KEY AUTOINCREMENT, access_token TEXT, + token_type TEXT, expire_in INTEGER, refresh_token TEXT ) @@ -86,7 +87,7 @@ func (store *DbStore) CreateOauth(o *model.Oauth) error { } func (store *DbStore) DeleteOauth() error { - _, err := store.db.Exec("DELETE TABLE oauth", nil) + _, err := store.db.Exec("DELETE FROM oauth", nil) if err != nil { return err } @@ -116,7 +117,7 @@ func (store *DbStore) CreateParam(p *model.Param) error { } func (store *DbStore) DeleteParam() error { - _, err := store.db.Exec("DELETE TABLE param", nil) + _, err := store.db.Exec("DELETE FROM param", nil) if err != nil { return err }