👽 Format and update exist domains due InideAuth spec changes
This commit is contained in:
parent
7069f63a72
commit
bdd633bc8d
GPG Key ID:
1F14E25B7C119FC5
|
|
@ -1,9 +1,9 @@
|
|||
package domain
|
||||
|
||||
type App struct {
|
||||
Name []string
|
||||
Logo []*URL
|
||||
URL []*URL
|
||||
Name []string
|
||||
}
|
||||
|
||||
// GetName safe returns first name, if any.
|
||||
|
|
@ -12,16 +12,16 @@ func (a App) GetName() string {
|
|||
return ""
|
||||
}
|
||||
|
||||
return a.Name[len(a.Name)-1]
|
||||
return a.Name[0]
|
||||
}
|
||||
|
||||
// GetURL safe returns first uRL, if any.
|
||||
// GetURL safe returns first URL, if any.
|
||||
func (a App) GetURL() *URL {
|
||||
if len(a.URL) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
return a.URL[len(a.URL)-1]
|
||||
return a.URL[0]
|
||||
}
|
||||
|
||||
// GetLogo safe returns first logo, if any.
|
||||
|
|
@ -30,5 +30,5 @@ func (a App) GetLogo() *URL {
|
|||
return nil
|
||||
}
|
||||
|
||||
return a.Logo[len(a.Logo)-1]
|
||||
return a.Logo[0]
|
||||
}
|
||||
|
|
|
|||
|
|
@ -96,7 +96,7 @@ func (c Client) GetName() string {
|
|||
return c.Name[0]
|
||||
}
|
||||
|
||||
// GetURL safe returns first uRL, if any.
|
||||
// GetURL safe returns first URL, if any.
|
||||
func (c Client) GetURL() *URL {
|
||||
if len(c.URL) == 0 {
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -48,16 +48,16 @@ type (
|
|||
}
|
||||
|
||||
ConfigJWT struct {
|
||||
Expiry time.Duration `yaml:"expiry"` // 1h
|
||||
Expiry time.Duration `yaml:"expiry"` // 1h
|
||||
Algorithm string `yaml:"algorithm"` // HS256
|
||||
Secret string `yaml:"secret"`
|
||||
Algorithm string `yaml:"algorithm"` // HS256
|
||||
NonceLength int `yaml:"nonceLength"` // 22
|
||||
}
|
||||
|
||||
ConfigIndieAuth struct {
|
||||
Enabled bool `yaml:"enabled"` // true
|
||||
Username string `yaml:"username"`
|
||||
Password string `yaml:"password"`
|
||||
Username string `yaml:"username"`
|
||||
Enabled bool `yaml:"enabled"` // true
|
||||
}
|
||||
|
||||
ConfigTicketAuth struct {
|
||||
|
|
@ -66,14 +66,14 @@ type (
|
|||
}
|
||||
|
||||
ConfigRelMeAuth struct {
|
||||
Enabled bool `yaml:"enabled"` // true
|
||||
Providers []ConfigRelMeAuthProvider `yaml:"providers"`
|
||||
Enabled bool `yaml:"enabled"` // true
|
||||
}
|
||||
|
||||
ConfigRelMeAuthProvider struct {
|
||||
Type string `yaml:"type"`
|
||||
ID string `yaml:"id"`
|
||||
Secret string `yaml:"secret"`
|
||||
Type string `yaml:"type"`
|
||||
}
|
||||
)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
//nolint: dupl
|
||||
package domain
|
||||
|
||||
import (
|
||||
|
|
@ -19,6 +18,7 @@ type GrantType struct {
|
|||
var (
|
||||
GrantTypeUndefined = GrantType{uid: ""}
|
||||
GrantTypeAuthorizationCode = GrantType{uid: "authorization_code"}
|
||||
GrantTypeRefreshToken = GrantType{uid: "refresh_token"}
|
||||
|
||||
// TicketAuth extension.
|
||||
GrantTypeTicket = GrantType{uid: "ticket"}
|
||||
|
|
@ -30,13 +30,17 @@ var ErrGrantTypeUnknown error = NewError(
|
|||
"",
|
||||
)
|
||||
|
||||
//nolint: gochecknoglobals // maps cannot be constants
|
||||
var uidsGrantTypes = map[string]GrantType{
|
||||
GrantTypeAuthorizationCode.uid: GrantTypeAuthorizationCode,
|
||||
GrantTypeRefreshToken.uid: GrantTypeRefreshToken,
|
||||
GrantTypeTicket.uid: GrantTypeTicket,
|
||||
}
|
||||
|
||||
// ParseGrantType parse grant_type value as GrantType struct enum.
|
||||
func ParseGrantType(uid string) (GrantType, error) {
|
||||
switch strings.ToLower(uid) {
|
||||
case GrantTypeAuthorizationCode.uid:
|
||||
return GrantTypeAuthorizationCode, nil
|
||||
case GrantTypeTicket.uid:
|
||||
return GrantTypeTicket, nil
|
||||
if grantType, ok := uidsGrantTypes[strings.ToLower(uid)]; ok {
|
||||
return grantType, nil
|
||||
}
|
||||
|
||||
return GrantTypeUndefined, fmt.Errorf("%w: %s", ErrGrantTypeUnknown, uid)
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@ package domain
|
|||
|
||||
import "testing"
|
||||
|
||||
//nolint: tagliatelle // https://indieauth.net/source/#indieauth-server-metadata
|
||||
type Metadata struct {
|
||||
// The server's issuer identifier. The issuer identifier is a URL that
|
||||
// uses the "https" scheme and has no query or fragment components. The
|
||||
|
|
@ -12,55 +11,66 @@ type Metadata struct {
|
|||
// issuer URL could be https://example.com/, or for a metadata URL of
|
||||
// https://example.com/wp-json/indieauth/1.0/metadata, the issuer URL
|
||||
// could be https://example.com/wp-json/indieauth/1.0
|
||||
Issuer *ClientID `json:"issuer"`
|
||||
Issuer *ClientID
|
||||
|
||||
// The Authorization Endpoint.
|
||||
AuthorizationEndpoint *URL `json:"authorization_endpoint"`
|
||||
AuthorizationEndpoint *URL
|
||||
|
||||
// The Token Endpoint.
|
||||
TokenEndpoint *URL `json:"token_endpoint"`
|
||||
TokenEndpoint *URL
|
||||
|
||||
// JSON array containing scope values supported by the IndieAuth server.
|
||||
// Servers MAY choose not to advertise some supported scope values even
|
||||
// when this parameter is used.
|
||||
ScopesSupported Scopes `json:"scopes_supported,omitempty"`
|
||||
// The Ticket Endpoint.
|
||||
TicketEndpoint *URL
|
||||
|
||||
// JSON array containing the response_type values supported. This
|
||||
// differs from RFC8414 in that this parameter is OPTIONAL and that, if
|
||||
// omitted, the default is code.
|
||||
ResponseTypesSupported []ResponseType `json:"response_types_supported,omitempty"`
|
||||
// The Micropub Endpoint.
|
||||
MicropubEndpoint *URL
|
||||
|
||||
// JSON array containing grant type values supported. If omitted, the
|
||||
// default value differs from RFC8414 and is authorization_code.
|
||||
GrantTypesSupported []GrantType `json:"grant_types_supported,omitempty"`
|
||||
// The Microsub Endpoint.
|
||||
MicrosubEndpoint *URL
|
||||
|
||||
// The Introspection Endpoint.
|
||||
IntrospectionEndpoint *URL
|
||||
|
||||
// The Revocation Endpoint.
|
||||
RevocationEndpoint *URL
|
||||
|
||||
// The User Info Endpoint.
|
||||
UserinfoEndpoint *URL
|
||||
|
||||
// URL of a page containing human-readable information that developers
|
||||
// might need to know when using the server. This might be a link to the
|
||||
// IndieAuth spec or something more personal to your implementation.
|
||||
ServiceDocumentation *URL `json:"service_documentation,omitempty"`
|
||||
ServiceDocumentation *URL
|
||||
|
||||
// JSON array containing scope values supported by the IndieAuth server.
|
||||
// Servers MAY choose not to advertise some supported scope values even
|
||||
// when this parameter is used.
|
||||
ScopesSupported Scopes
|
||||
|
||||
// JSON array containing the response_type values supported. This
|
||||
// differs from RFC8414 in that this parameter is OPTIONAL and that, if
|
||||
// omitted, the default is code.
|
||||
ResponseTypesSupported []ResponseType
|
||||
|
||||
// JSON array containing grant type values supported. If omitted, the
|
||||
// default value differs from RFC8414 and is authorization_code.
|
||||
GrantTypesSupported []GrantType
|
||||
|
||||
// JSON array containing the methods supported for PKCE. This parameter
|
||||
// parameter differs from RFC8414 in that it is not optional as PKCE is
|
||||
// REQUIRED.
|
||||
CodeChallengeMethodsSupported []CodeChallengeMethod `json:"code_challenge_methods_supported"`
|
||||
CodeChallengeMethodsSupported []CodeChallengeMethod
|
||||
|
||||
// List of client authentication methods supported by this introspection endpoint.
|
||||
IntrospectionEndpointAuthMethodsSupported []string // ["Bearer"]
|
||||
|
||||
RevocationEndpointAuthMethodsSupported []string // ["none"]
|
||||
|
||||
// Boolean parameter indicating whether the authorization server
|
||||
// provides the iss parameter. If omitted, the default value is false.
|
||||
// As the iss parameter is REQUIRED, this is provided for compatibility
|
||||
// with OAuth 2.0 servers implementing the parameter.
|
||||
AuthorizationResponseIssParameterSupported bool `json:"authorization_response_iss_parameter_supported,omitempty"` //nolint: lll
|
||||
|
||||
// The Ticket Endpoint.
|
||||
// WARN(toby3d): experimental
|
||||
TicketEndpoint *URL `json:"ticket_endpoint,omitempty"`
|
||||
|
||||
// The Micropub Endpoint.
|
||||
// WARN(toby3d): experimental
|
||||
Micropub *URL `json:"micropub,omitempty"`
|
||||
|
||||
// The Microsub Endpoint.
|
||||
// WARN(toby3d): experimental
|
||||
Microsub *URL `json:"microsub,omitempty"`
|
||||
AuthorizationResponseIssParameterSupported bool
|
||||
}
|
||||
|
||||
// TestMetadata returns valid random generated Metadata for tests.
|
||||
|
|
@ -71,6 +81,13 @@ func TestMetadata(tb testing.TB) *Metadata {
|
|||
Issuer: TestClientID(tb),
|
||||
AuthorizationEndpoint: TestURL(tb, "https://indieauth.example.com/auth"),
|
||||
TokenEndpoint: TestURL(tb, "https://indieauth.example.com/token"),
|
||||
TicketEndpoint: TestURL(tb, "https://auth.example.org/ticket"),
|
||||
MicropubEndpoint: TestURL(tb, "https://micropub.example.com/"),
|
||||
MicrosubEndpoint: TestURL(tb, "https://microsub.example.com/"),
|
||||
IntrospectionEndpoint: TestURL(tb, "https://indieauth.example.com/introspect"),
|
||||
RevocationEndpoint: TestURL(tb, "https://indieauth.example.com/revocation"),
|
||||
UserinfoEndpoint: TestURL(tb, "https://indieauth.example.com/userinfo"),
|
||||
ServiceDocumentation: TestURL(tb, "https://indieauth.net/draft/"),
|
||||
ScopesSupported: Scopes{
|
||||
ScopeBlock,
|
||||
ScopeChannels,
|
||||
|
|
@ -93,7 +110,6 @@ func TestMetadata(tb testing.TB) *Metadata {
|
|||
GrantTypeAuthorizationCode,
|
||||
GrantTypeTicket,
|
||||
},
|
||||
ServiceDocumentation: TestURL(tb, "https://indieauth.net/draft/"),
|
||||
CodeChallengeMethodsSupported: []CodeChallengeMethod{
|
||||
CodeChallengeMethodMD5,
|
||||
CodeChallengeMethodPLAIN,
|
||||
|
|
@ -101,9 +117,8 @@ func TestMetadata(tb testing.TB) *Metadata {
|
|||
CodeChallengeMethodS256,
|
||||
CodeChallengeMethodS512,
|
||||
},
|
||||
IntrospectionEndpointAuthMethodsSupported: []string{"Bearer"},
|
||||
RevocationEndpointAuthMethodsSupported: []string{"none"},
|
||||
AuthorizationResponseIssParameterSupported: true,
|
||||
TicketEndpoint: TestURL(tb, "https://auth.example.org/ticket"),
|
||||
Micropub: TestURL(tb, "https://example.com/micropub"),
|
||||
Microsub: TestURL(tb, "https://example.com/microsub"),
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,8 +10,9 @@ type Session struct {
|
|||
ClientID *ClientID
|
||||
RedirectURI *URL
|
||||
Me *Me
|
||||
CodeChallengeMethod CodeChallengeMethod
|
||||
Profile *Profile
|
||||
Scope Scopes
|
||||
CodeChallengeMethod CodeChallengeMethod
|
||||
CodeChallenge string
|
||||
Code string
|
||||
}
|
||||
|
|
@ -31,6 +32,7 @@ func TestSession(tb testing.TB) *Session {
|
|||
Code: code,
|
||||
CodeChallenge: "hackme",
|
||||
CodeChallengeMethod: CodeChallengeMethodPLAIN,
|
||||
Profile: TestProfile(tb),
|
||||
Me: TestMe(tb, "https://user.example.net/"),
|
||||
RedirectURI: TestURL(tb, "https://example.com/callback"),
|
||||
Scope: Scopes{
|
||||
|
|
|
|||
|
|
@ -5,14 +5,14 @@ import (
|
|||
)
|
||||
|
||||
type Ticket struct {
|
||||
// A random string that can be redeemed for an access token.
|
||||
Ticket string
|
||||
|
||||
// The access token will work at this URL.
|
||||
Resource *URL
|
||||
|
||||
// The access token should be used when acting on behalf of this URL.
|
||||
Subject *Me
|
||||
|
||||
// A random string that can be redeemed for an access token.
|
||||
Ticket string
|
||||
}
|
||||
|
||||
// TestTicket returns valid random generated ticket for tests.
|
||||
|
|
|
|||
|
|
@ -20,8 +20,8 @@ func TestUser(tb testing.TB) *User {
|
|||
tb.Helper()
|
||||
|
||||
return &User{
|
||||
Me: TestMe(tb, "https://user.example.net/"),
|
||||
Profile: TestProfile(tb),
|
||||
Me: TestMe(tb, "https://user.example.net/"),
|
||||
AuthorizationEndpoint: TestURL(tb, "https://example.org/auth"),
|
||||
IndieAuthMetadata: TestURL(tb, "https://example.org/.well-known/oauth-authorization-server"),
|
||||
Micropub: TestURL(tb, "https://microsub.example.org/"),
|
||||
|
|
|
|||
Loading…
Reference in New Issue