♻️ Replaces xerrors to errors package
This commit is contained in:
parent
54de0d1dcb
commit
f1245f334f
|
@ -9,7 +9,6 @@ import (
|
|||
"testing"
|
||||
|
||||
http "github.com/valyala/fasthttp"
|
||||
"golang.org/x/xerrors"
|
||||
)
|
||||
|
||||
// Me is a URL user identifier.
|
||||
|
@ -22,87 +21,79 @@ type Me struct {
|
|||
func ParseMe(raw string) (*Me, error) {
|
||||
me := http.AcquireURI()
|
||||
if err := me.Parse(nil, []byte(raw)); err != nil {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: err.Error(),
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
err.Error(),
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
scheme := string(me.Scheme())
|
||||
if scheme != "http" && scheme != "https" {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile URL MUST have either an https or http scheme",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile URL MUST have either an https or http scheme",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
path := string(me.PathOriginal())
|
||||
if path == "" || strings.Contains(path, "/.") || strings.Contains(path, "/..") {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile URL MUST contain a path component (/ is a valid path), MUST NOT " +
|
||||
"contain single-dot or double-dot path segments",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile URL MUST contain a path component (/ is a valid path), MUST NOT contain single-dot "+
|
||||
"or double-dot path segments",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
if me.Hash() != nil {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile URL MUST NOT contain a fragment component",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile URL MUST NOT contain a fragment component",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
if me.Username() != nil || me.Password() != nil {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile URL MUST NOT contain a username or password component",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile URL MUST NOT contain a username or password component",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
domain := string(me.Host())
|
||||
if domain == "" {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile host name MUST be a domain name",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile host name MUST be a domain name",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
if _, port, _ := net.SplitHostPort(domain); port != "" {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile MUST NOT contain a port",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile MUST NOT contain a port",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
if net.ParseIP(domain) != nil {
|
||||
return nil, Error{
|
||||
Code: ErrorCodeInvalidRequest,
|
||||
Description: "profile MUST NOT be ipv4 or ipv6 addresses",
|
||||
URI: "https://indieauth.net/source/#user-profile-url",
|
||||
State: "",
|
||||
frame: xerrors.Caller(1),
|
||||
}
|
||||
return nil, NewError(
|
||||
ErrorCodeInvalidRequest,
|
||||
"profile MUST NOT be ipv4 or ipv6 addresses",
|
||||
"https://indieauth.net/source/#user-profile-url",
|
||||
"",
|
||||
)
|
||||
}
|
||||
|
||||
return &Me{me: me}, nil
|
||||
|
|
|
@ -2,11 +2,10 @@ package memory
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"path"
|
||||
"sync"
|
||||
|
||||
"golang.org/x/xerrors"
|
||||
|
||||
"source.toby3d.me/website/indieauth/internal/domain"
|
||||
"source.toby3d.me/website/indieauth/internal/token"
|
||||
)
|
||||
|
@ -25,7 +24,7 @@ func NewMemoryTokenRepository(store *sync.Map) token.Repository {
|
|||
|
||||
func (repo *memoryTokenRepository) Create(ctx context.Context, accessToken *domain.Token) error {
|
||||
t, err := repo.Get(ctx, accessToken.AccessToken)
|
||||
if err != nil && !xerrors.Is(err, token.ErrNotExist) {
|
||||
if err != nil && !errors.Is(err, token.ErrNotExist) {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
|
@ -2,11 +2,11 @@ package usecase
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwa"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"golang.org/x/xerrors"
|
||||
|
||||
"source.toby3d.me/website/indieauth/internal/domain"
|
||||
"source.toby3d.me/website/indieauth/internal/session"
|
||||
|
@ -15,16 +15,16 @@ import (
|
|||
|
||||
type tokenUseCase struct {
|
||||
sessions session.Repository
|
||||
config *domain.Config
|
||||
tokens token.Repository
|
||||
config *domain.Config
|
||||
}
|
||||
|
||||
func NewTokenUseCase(tokens token.Repository, sessions session.Repository, config *domain.Config) token.UseCase {
|
||||
jwt.RegisterCustomField("scope", make(domain.Scopes, 0))
|
||||
|
||||
return &tokenUseCase{
|
||||
sessions: sessions,
|
||||
config: config,
|
||||
sessions: sessions,
|
||||
tokens: tokens,
|
||||
}
|
||||
}
|
||||
|
@ -51,7 +51,7 @@ func (useCase *tokenUseCase) Exchange(ctx context.Context, opts token.ExchangeOp
|
|||
|
||||
// NOTE(toby3d): If the authorization code was issued with no scope, the
|
||||
// token endpoint MUST NOT issue an access token, as empty scopes are
|
||||
// invalid per Section 3.3 of OAuth 2.0 RFC6749.
|
||||
// invalid (RFC 6749 section 3.3).
|
||||
if session.Scope.IsEmpty() {
|
||||
return nil, nil, token.ErrEmptyScope
|
||||
}
|
||||
|
@ -82,7 +82,7 @@ func (useCase *tokenUseCase) Exchange(ctx context.Context, opts token.ExchangeOp
|
|||
|
||||
func (useCase *tokenUseCase) Verify(ctx context.Context, accessToken string) (*domain.Token, error) {
|
||||
find, err := useCase.tokens.Get(ctx, accessToken)
|
||||
if err != nil && !xerrors.Is(err, token.ErrNotExist) {
|
||||
if err != nil && !errors.Is(err, token.ErrNotExist) {
|
||||
return nil, fmt.Errorf("cannot check token in store: %w", err)
|
||||
}
|
||||
|
||||
|
@ -100,12 +100,8 @@ func (useCase *tokenUseCase) Verify(ctx context.Context, accessToken string) (*d
|
|||
return nil, fmt.Errorf("cannot validate JWT token: %w", err)
|
||||
}
|
||||
|
||||
result := &domain.Token{
|
||||
Scope: nil,
|
||||
ClientID: nil,
|
||||
Me: nil,
|
||||
AccessToken: accessToken,
|
||||
}
|
||||
result := new(domain.Token)
|
||||
result.AccessToken = accessToken
|
||||
result.ClientID, _ = domain.ParseClientID(tkn.Issuer())
|
||||
result.Me, _ = domain.ParseMe(tkn.Subject())
|
||||
|
||||
|
|
Loading…
Reference in New Issue