From bdd633bc8d30f770e684efbfedf2a5046d14f347 Mon Sep 17 00:00:00 2001
From: Maxim Lebedev
Date: Thu, 17 Feb 2022 20:12:34 +0500
Subject: [PATCH] :alien: Format and update exist domains due InideAuth spec changes

---
 internal/domain/app.go | 10 ++---
 internal/domain/client.go | 2 +-
 internal/domain/config.go | 12 ++---
 internal/domain/grant_type.go | 16 ++++---
 internal/domain/metadata.go | 83 +++++++++++++++++++++--------------
 internal/domain/session.go | 4 +-
 internal/domain/ticket.go | 6 +--
 internal/domain/user.go | 2 +-
 8 files changed, 78 insertions(+), 57 deletions(-)

diff --git a/internal/domain/app.go b/internal/domain/app.go
index 55b267c..751119d 100644
--- a/internal/domain/app.go
+++ b/internal/domain/app.go
@@ -1,9 +1,9 @@
 package domain

 type App struct {
- Name []string
 Logo []*URL
 URL []*URL
+ Name []string
 }

 // GetName safe returns first name, if any.
@@ -12,16 +12,16 @@ func (a App) GetName() string {
 return ""
 }

- return a.Name[len(a.Name)-1]
+ return a.Name[0]
 }

-// GetURL safe returns first uRL, if any.
+// GetURL safe returns first URL, if any.
 func (a App) GetURL() *URL {
 if len(a.URL) == 0 {
 return nil
 }

- return a.URL[len(a.URL)-1]
+ return a.URL[0]
 }

 // GetLogo safe returns first logo, if any.
@@ -30,5 +30,5 @@ func (a App) GetLogo() *URL {
 return nil
 }

- return a.Logo[len(a.Logo)-1]
+ return a.Logo[0]
 }
diff --git a/internal/domain/client.go b/internal/domain/client.go
index ba4a629..936dcb1 100644
--- a/internal/domain/client.go
+++ b/internal/domain/client.go
@@ -96,7 +96,7 @@ func (c Client) GetName() string {
 return c.Name[0]
 }

-// GetURL safe returns first uRL, if any.
+// GetURL safe returns first URL, if any.
 func (c Client) GetURL() *URL {
 if len(c.URL) == 0 {
 return nil
diff --git a/internal/domain/config.go b/internal/domain/config.go
index 3933b21..210ee4e 100644
--- a/internal/domain/config.go
+++ b/internal/domain/config.go
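Review bot: The `App` accessors in internal/domain/app.go change from the last element to the first (`a.Name[0]`, `a.URL[0]`, `a.Logo[0]`), which is a behaviour change inside a commit titled as formatting, and no test in the patch pins which element wins. If these values are what the consent screen shows for a client (not visible here), the choice decides which client-supplied name and logo the user approves, so a table test with two-element slices is worth adding. The doc comments could read `// GetName returns the first name, or "" when none is set.` to match the new code.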
@@ -48,16 +48,16 @@ type (
 }

 ConfigJWT struct {
- Expiry time.Duration `yaml:"expiry"` // 1h
+ Expiry time.Duration `yaml:"expiry"` // 1h
+ Algorithm string `yaml:"algorithm"` // HS256
 Secret string `yaml:"secret"`
- Algorithm string `yaml:"algorithm"` // HS256
 NonceLength int `yaml:"nonceLength"` // 22
 }

 ConfigIndieAuth struct {
- Enabled bool `yaml:"enabled"` // true
- Username string `yaml:"username"`
 Password string `yaml:"password"`
+ Username string `yaml:"username"`
+ Enabled bool `yaml:"enabled"` // true
 }

 ConfigTicketAuth struct {
@@ -66,14 +66,14 @@ type (
 }

 ConfigRelMeAuth struct {
- Enabled bool `yaml:"enabled"` // true
 Providers []ConfigRelMeAuthProvider `yaml:"providers"`
+ Enabled bool `yaml:"enabled"` // true
 }

 ConfigRelMeAuthProvider struct {
- Type string `yaml:"type"`
 ID string `yaml:"id"`
 Secret string `yaml:"secret"`
+ Type string `yaml:"type"`
 }
 )

diff --git a/internal/domain/grant_type.go b/internal/domain/grant_type.go
index c1595e2..fdded31 100644
--- a/internal/domain/grant_type.go
+++ b/internal/domain/grant_type.go
@@ -1,4 +1,3 @@
-//nolint: dupl
 package domain

 import (
@@ -19,6 +18,7 @@ type GrantType struct {
 var (
 GrantTypeUndefined = GrantType{uid: ""}
 GrantTypeAuthorizationCode = GrantType{uid: "authorization_code"}
+ GrantTypeRefreshToken = GrantType{uid: "refresh_token"}

 // TicketAuth extension.
 GrantTypeTicket = GrantType{uid: "ticket"}
@@ -30,13 +30,17 @@ var ErrGrantTypeUnknown error = NewError(
 "",
 )

+//nolint: gochecknoglobals // maps cannot be constants
+var uidsGrantTypes = map[string]GrantType{
+ GrantTypeAuthorizationCode.uid: GrantTypeAuthorizationCode,
+ GrantTypeRefreshToken.uid: GrantTypeRefreshToken,
+ GrantTypeTicket.uid: GrantTypeTicket,
+}
+
 // ParseGrantType parse grant_type value as GrantType struct enum.
 func ParseGrantType(uid string) (GrantType, error) {
- switch strings.ToLower(uid) {
- case GrantTypeAuthorizationCode.uid:
- return GrantTypeAuthorizationCode, nil
- case GrantTypeTicket.uid:
- return GrantTypeTicket, nil
+ if grantType, ok := uidsGrantTypes[strings.ToLower(uid)]; ok {
+ return grantType, nil
 }

 return GrantTypeUndefined, fmt.Errorf("%w: %s", ErrGrantTypeUnknown, uid)
diff --git a/internal/domain/metadata.go b/internal/domain/metadata.go
index 3707bf4..8f46c5f 100644
--- a/internal/domain/metadata.go
+++ b/internal/domain/metadata.go
@@ -2,7 +2,6 @@ package domain

 import "testing"

-//nolint: tagliatelle // https://indieauth.net/source/#indieauth-server-metadata
 type Metadata struct {
 // The server's issuer identifier. The issuer identifier is a URL that
 // uses the "https" scheme and has no query or fragment components. The
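Review bot: `uidsGrantTypes` in internal/domain/grant_type.go makes `ParseGrantType` accept `refresh_token`, so any caller that read a nil error as "authorization_code or ticket" now receives a third value; the handlers are not in this patch, so confirm each one switches on the result and rejects grant types it does not implement instead of falling through to a default branch. The lookup still folds case with `strings.ToLower(uid)` although OAuth 2.0 parameter values are case-sensitive, so `Refresh_Token` parses as valid; an exact match would be `uidsGrantTypes[uid]`. The unchanged error line echoes the caller-supplied value with `%s`, and `fmt.Errorf("%w: %q", ErrGrantTypeUnknown, uid)` would keep control characters out of logs. The `TestMetadata` fixture further down still lists only `GrantTypeAuthorizationCode` and `GrantTypeTicket` under `GrantTypesSupported`, which should be reconciled with whatever the server is meant to advertise.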
@@ -12,55 +11,66 @@ type Metadata struct {
 // issuer URL could be https://example.com/, or for a metadata URL of
 // https://example.com/wp-json/indieauth/1.0/metadata, the issuer URL
 // could be https://example.com/wp-json/indieauth/1.0
- Issuer *ClientID `json:"issuer"`
+ Issuer *ClientID

 // The Authorization Endpoint.
- AuthorizationEndpoint *URL `json:"authorization_endpoint"`
+ AuthorizationEndpoint *URL

 // The Token Endpoint.
- TokenEndpoint *URL `json:"token_endpoint"`
+ TokenEndpoint *URL

- // JSON array containing scope values supported by the IndieAuth server.
- // Servers MAY choose not to advertise some supported scope values even
- // when this parameter is used.
- ScopesSupported Scopes `json:"scopes_supported,omitempty"`
+ // The Ticket Endpoint.
+ TicketEndpoint *URL

- // JSON array containing the response_type values supported. This
- // differs from RFC8414 in that this parameter is OPTIONAL and that, if
- // omitted, the default is code.
- ResponseTypesSupported []ResponseType `json:"response_types_supported,omitempty"`
+ // The Micropub Endpoint.
+ MicropubEndpoint *URL

- // JSON array containing grant type values supported. If omitted, the
- // default value differs from RFC8414 and is authorization_code.
- GrantTypesSupported []GrantType `json:"grant_types_supported,omitempty"`
+ // The Microsub Endpoint.
+ MicrosubEndpoint *URL
+
+ // The Introspection Endpoint.
+ IntrospectionEndpoint *URL
+
+ // The Revocation Endpoint.
+ RevocationEndpoint *URL
+
+ // The User Info Endpoint.
+ UserinfoEndpoint *URL

 // URL of a page containing human-readable information that developers
 // might need to know when using the server. This might be a link to the
 // IndieAuth spec or something more personal to your implementation.
- ServiceDocumentation *URL `json:"service_documentation,omitempty"`
+ ServiceDocumentation *URL
+
+ // JSON array containing scope values supported by the IndieAuth server.
+ // Servers MAY choose not to advertise some supported scope values even
+ // when this parameter is used.
+ ScopesSupported Scopes
+
+ // JSON array containing the response_type values supported. This
+ // differs from RFC8414 in that this parameter is OPTIONAL and that, if
+ // omitted, the default is code.
+ ResponseTypesSupported []ResponseType
+
+ // JSON array containing grant type values supported. If omitted, the
+ // default value differs from RFC8414 and is authorization_code.
+ GrantTypesSupported []GrantType

 // JSON array containing the methods supported for PKCE. This parameter
 // parameter differs from RFC8414 in that it is not optional as PKCE is
 // REQUIRED.
- CodeChallengeMethodsSupported []CodeChallengeMethod `json:"code_challenge_methods_supported"`
+ CodeChallengeMethodsSupported []CodeChallengeMethod
+
+ // List of client authentication methods supported by this introspection endpoint.
+ IntrospectionEndpointAuthMethodsSupported []string // ["Bearer"]
+
+ RevocationEndpointAuthMethodsSupported []string // ["none"]

 // Boolean parameter indicating whether the authorization server
 // provides the iss parameter. If omitted, the default value is false.
 // As the iss parameter is REQUIRED, this is provided for compatibility
 // with OAuth 2.0 servers implementing the parameter.
- AuthorizationResponseIssParameterSupported bool `json:"authorization_response_iss_parameter_supported,omitempty"` //nolint: lll
-
- // The Ticket Endpoint.
- // WARN(toby3d): experimental
- TicketEndpoint *URL `json:"ticket_endpoint,omitempty"`
-
- // The Micropub Endpoint.
- // WARN(toby3d): experimental
- Micropub *URL `json:"micropub,omitempty"`
-
- // The Microsub Endpoint.
- // WARN(toby3d): experimental
- Microsub *URL `json:"microsub,omitempty"`
+ AuthorizationResponseIssParameterSupported bool
 }

 // TestMetadata returns valid random generated Metadata for tests.
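Review bot: With the `json:"…"` tags removed from `Metadata`, any remaining direct `json.Marshal` or `json.Unmarshal` of this struct would use the Go field names (`Issuer`, `TokenEndpoint`, …) and silently break discovery for clients that expect `issuer`, `token_endpoint` and the rest. The patch does not show where serialization now lives, so a transport-layer type and a test that pins the wire names are needed alongside this change. `RevocationEndpointAuthMethodsSupported` is the only new field without a doc comment; `// Client authentication methods supported by the revocation endpoint; "none" means revocation requests carry no client authentication.` would record why the fixture advertises `"none"`. Both `…AuthMethodsSupported` fields are plain `[]string`, unlike the typed values used for grant types and PKCE methods, so a misspelt method would be advertised as written.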
@@ -71,6 +81,13 @@ func TestMetadata(tb testing.TB) *Metadata {
 Issuer: TestClientID(tb),
 AuthorizationEndpoint: TestURL(tb, "https://indieauth.example.com/auth"),
 TokenEndpoint: TestURL(tb, "https://indieauth.example.com/token"),
+ TicketEndpoint: TestURL(tb, "https://auth.example.org/ticket"),
+ MicropubEndpoint: TestURL(tb, "https://micropub.example.com/"),
+ MicrosubEndpoint: TestURL(tb, "https://microsub.example.com/"),
+ IntrospectionEndpoint: TestURL(tb, "https://indieauth.example.com/introspect"),
+ RevocationEndpoint: TestURL(tb, "https://indieauth.example.com/revocation"),
+ UserinfoEndpoint: TestURL(tb, "https://indieauth.example.com/userinfo"),
+ ServiceDocumentation: TestURL(tb, "https://indieauth.net/draft/"),
 ScopesSupported: Scopes{
 ScopeBlock,
 ScopeChannels,
@@ -93,7 +110,6 @@ func TestMetadata(tb testing.TB) *Metadata {
 GrantTypeAuthorizationCode,
 GrantTypeTicket,
 },
- ServiceDocumentation: TestURL(tb, "https://indieauth.net/draft/"),
 CodeChallengeMethodsSupported: []CodeChallengeMethod{
 CodeChallengeMethodMD5,
 CodeChallengeMethodPLAIN,
@@ -101,9 +117,8 @@ func TestMetadata(tb testing.TB) *Metadata {
 CodeChallengeMethodS256,
 CodeChallengeMethodS512,
 },
+ IntrospectionEndpointAuthMethodsSupported: []string{"Bearer"},
+ RevocationEndpointAuthMethodsSupported: []string{"none"},
 AuthorizationResponseIssParameterSupported: true,
- TicketEndpoint: TestURL(tb, "https://auth.example.org/ticket"),
- Micropub: TestURL(tb, "https://example.com/micropub"),
- Microsub: TestURL(tb, "https://example.com/microsub"),
 }
 }
diff --git a/internal/domain/session.go b/internal/domain/session.go
index f03c575..d42441d 100644
--- a/internal/domain/session.go
+++ b/internal/domain/session.go
@@ -10,8 +10,9 @@ type Session struct {
 ClientID *ClientID
 RedirectURI *URL
 Me *Me
- CodeChallengeMethod CodeChallengeMethod
+ Profile *Profile
 Scope Scopes
+ CodeChallengeMethod CodeChallengeMethod
 CodeChallenge string
 Code string
 }
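Review bot: `Session` in internal/domain/session.go now carries the user's `Profile` next to `Scope`, but nothing in the struct ties the two together, so whichever code builds the token or userinfo response has to check the granted scopes before copying profile fields out; that code is not in this patch. A field comment would make the contract visible, for example `// Profile is released to the client only when Scope grants profile (and email only when it grants email).` If sessions are persisted or encoded into the authorization code, this also puts personal data in that store, which is worth checking against its retention and encryption settings. The `TestSession` hunk that follows always populates `Profile`, so a case with an empty scope list is needed to catch a leak.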
@@ -31,6 +32,7 @@ func TestSession(tb testing.TB) *Session {
 Code: code,
 CodeChallenge: "hackme",
 CodeChallengeMethod: CodeChallengeMethodPLAIN,
+ Profile: TestProfile(tb),
 Me: TestMe(tb, "https://user.example.net/"),
 RedirectURI: TestURL(tb, "https://example.com/callback"),
 Scope: Scopes{
diff --git a/internal/domain/ticket.go b/internal/domain/ticket.go
index e246301..63289a2 100644
--- a/internal/domain/ticket.go
+++ b/internal/domain/ticket.go
@@ -5,14 +5,14 @@ import (
 )

 type Ticket struct {
- // A random string that can be redeemed for an access token.
- Ticket string
-
 // The access token will work at this URL.
 Resource *URL

 // The access token should be used when acting on behalf of this URL.
 Subject *Me
+
+ // A random string that can be redeemed for an access token.
+ Ticket string
 }

 // TestTicket returns valid random generated ticket for tests.
diff --git a/internal/domain/user.go b/internal/domain/user.go
index 63c8ea8..c2f0fd3 100644
--- a/internal/domain/user.go
+++ b/internal/domain/user.go
@@ -20,8 +20,8 @@ func TestUser(tb testing.TB) *User {
 tb.Helper()

 return &User{
- Me: TestMe(tb, "https://user.example.net/"),
 Profile: TestProfile(tb),
+ Me: TestMe(tb, "https://user.example.net/"),
 AuthorizationEndpoint: TestURL(tb, "https://example.org/auth"),
 IndieAuthMetadata: TestURL(tb, "https://example.org/.well-known/oauth-authorization-server"),
 Micropub: TestURL(tb, "https://microsub.example.org/"),