-
Notifications
You must be signed in to change notification settings - Fork 299
/
oauthclient.go
115 lines (97 loc) · 3.04 KB
/
oauthclient.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// Copyright © 2019 The Things Network Foundation, The Things Industries B.V.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package oauthclient
import (
"context"
"fmt"
"net/http"
"net/url"
"strings"
echo "github.com/labstack/echo/v4"
"go.thethings.network/lorawan-stack/v3/pkg/component"
"go.thethings.network/lorawan-stack/v3/pkg/errors"
"golang.org/x/oauth2"
)
// OAuthClient is the OAuth client component.
type OAuthClient struct {
component *component.Component
rootURL string
config Config
}
var errNoOAuthConfig = errors.DefineInvalidArgument("no_oauth_config", "no OAuth configuration found for the OAuth client")
func (c Config) isZero() bool {
return c.AuthorizeURL == "" || c.TokenURL == "" || c.ClientID == "" || c.ClientSecret == ""
}
func (oc *OAuthClient) getMountPath() string {
var path string
u, err := url.Parse(oc.config.RootURL)
if err != nil || u.Path == "" {
path = "/"
} else {
path = u.Path
}
return path
}
func (oc *OAuthClient) withTLSClientConfig(ctx context.Context) (context.Context, error) {
config, err := oc.component.GetTLSClientConfig(ctx)
if err != nil {
return nil, err
}
return context.WithValue(ctx, oauth2.HTTPClient, &http.Client{
Transport: &http.Transport{
TLSClientConfig: config,
},
}), nil
}
// New returns a new OAuth client instance.
func New(c *component.Component, config Config) (*OAuthClient, error) {
if config.isZero() {
return nil, errNoOAuthConfig.New()
}
oc := &OAuthClient{
component: c,
config: config,
}
return oc, nil
}
type ctxKeyType struct{}
var ctxKey ctxKeyType
func (oc *OAuthClient) configFromContext(ctx context.Context) *Config {
if config, ok := ctx.Value(ctxKey).(*Config); ok {
return config
}
return &oc.config
}
func (oc *OAuthClient) oauth(c echo.Context) *oauth2.Config {
config := oc.configFromContext(c.Request().Context())
authorizeURL := config.AuthorizeURL
redirectURL := fmt.Sprintf("%s/oauth/callback", strings.TrimSuffix(config.RootURL, "/"))
if oauthRootURL, err := url.Parse(config.RootURL); err == nil {
rootURL := (&url.URL{Scheme: oauthRootURL.Scheme, Host: oauthRootURL.Host}).String()
if strings.HasPrefix(authorizeURL, rootURL) {
authorizeURL = strings.TrimPrefix(authorizeURL, rootURL)
redirectURL = strings.TrimPrefix(redirectURL, rootURL)
}
}
return &oauth2.Config{
ClientID: config.ClientID,
ClientSecret: config.ClientSecret,
RedirectURL: redirectURL,
Endpoint: oauth2.Endpoint{
TokenURL: config.TokenURL,
AuthURL: authorizeURL,
AuthStyle: oauth2.AuthStyleInParams,
},
}
}