registration-begin.go
package registrationbegin
import (
"net/http"
di "github.com/fluffy-bunny/fluffy-dozm-di"
contracts_cookies "github.com/fluffy-bunny/fluffycore-rage-identity/pkg/contracts/cookies"
contracts_webauthn "github.com/fluffy-bunny/fluffycore-rage-identity/pkg/contracts/webauthn"
services_echo_handlers_base "github.com/fluffy-bunny/fluffycore-rage-identity/pkg/services/echo/handlers/base"
services_handlers_webauthn "github.com/fluffy-bunny/fluffycore-rage-identity/pkg/services/echo/handlers/webauthn"
wellknown_echo "github.com/fluffy-bunny/fluffycore-rage-identity/pkg/wellknown/echo"
proto_oidc_user "github.com/fluffy-bunny/fluffycore-rage-identity/proto/oidc/user"
contracts_handler "github.com/fluffy-bunny/fluffycore/echo/contracts/handler"
fluffycore_echo_wellknown "github.com/fluffy-bunny/fluffycore/echo/wellknown"
fluffycore_utils "github.com/fluffy-bunny/fluffycore/utils"
echo "github.com/labstack/echo/v4"
zerolog "github.com/rs/zerolog"
codes "google.golang.org/grpc/codes"
status "google.golang.org/grpc/status"
)
// service is the echo handler that starts a WebAuthn registration ceremony.
type service struct {
	// Embedded base handler. Do calls ClaimsPrincipal and RageUserService on
	// the receiver; presumably both are promoted from this type.
	*services_echo_handlers_base.BaseHandler

	// webAuthN supplies the WebAuthn instance used for BeginRegistration.
	webAuthN contracts_webauthn.IWebAuthN
	// cookies writes the WebAuthn session cookie onto the response.
	cookies contracts_cookies.IWellknownCookies
}
// stemService is a typed nil *service. It is used only to reference the Ctor
// method value for DI registration and for the interface assertion below.
var stemService *service

// Compile-time assertion that *service satisfies contracts_handler.IHandler.
var _ contracts_handler.IHandler = stemService
// Ctor is the DI constructor for the handler. It is referenced through the
// nil stemService, so it must not read the receiver. It always returns a nil
// error.
func (s *service) Ctor(
	container di.Container,
	webAuthN contracts_webauthn.IWebAuthN,
	cookies contracts_cookies.IWellknownCookies,
) (*service, error) {
	handler := &service{
		webAuthN: webAuthN,
		cookies:  cookies,
	}
	handler.BaseHandler = services_echo_handlers_base.NewBaseHandler(container)
	return handler, nil
}
// AddScopedIHandler registers *service with the container through
// AddScopedIHandleWithMetadata, bound to the GET verb at the
// wellknown_echo.WebAuthN_Register_Begin path.
//
// NOTE(review): the previous comment called this a singleton, but the helper
// invoked here is the scoped variant; confirm the intended lifetime.
func AddScopedIHandler(builder di.ContainerBuilder) {
	verbs := []contracts_handler.HTTPVERB{contracts_handler.GET}
	contracts_handler.AddScopedIHandleWithMetadata[*service](
		builder,
		stemService.Ctor,
		verbs,
		wellknown_echo.WebAuthN_Register_Begin,
	)
}
const (
// Internal error codes for this handler. Do returns one of these as the JSON
// body of an HTTP 500 response while the underlying error goes only to the
// log, so the client sees an opaque code rather than error details.
// Each code must appear at exactly one call site, so that a reported code
// points the developer at the code path that failed.
// NOTE(review): not every code below is referenced in this file; confirm
// whether the remaining ones are used elsewhere or reserved.
InternalError_WebAuthN_RegisterBegin_001 = "rg-webAuthN-RB-001"
InternalError_WebAuthN_RegisterBegin_002 = "rg-webAuthN-RB-002"
InternalError_WebAuthN_RegisterBegin_003 = "rg-webAuthN-RB-003"
InternalError_WebAuthN_RegisterBegin_004 = "rg-webAuthN-RB-004"
InternalError_WebAuthN_RegisterBegin_005 = "rg-webAuthN-RB-005"
InternalError_WebAuthN_RegisterBegin_006 = "rg-webAuthN-RB-006"
InternalError_WebAuthN_RegisterBegin_007 = "rg-webAuthN-RB-007"
InternalError_WebAuthN_RegisterBegin_008 = "rg-webAuthN-RB-008"
InternalError_WebAuthN_RegisterBegin_009 = "rg-webAuthN-RB-009"
InternalError_WebAuthN_RegisterBegin_010 = "rg-webAuthN-RB-010"
InternalError_WebAuthN_RegisterBegin_099 = "rg-webAuthN-RB-099"
)
// GetMiddleware returns an empty, non-nil slice: this handler installs no
// middleware of its own.
//
// NOTE(review): Do only checks that a subject claim is present, so
// authentication has to be enforced by whatever populates the claims
// principal upstream. Confirm that this route sits behind it.
func (s *service) GetMiddleware() []echo.MiddlewareFunc {
	none := make([]echo.MiddlewareFunc, 0)
	return none
}
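// Do begins a WebAuthn registration ceremony for the authenticated caller.
//
// Requirements:
//  1. The user must be authenticated; that information is in the claims
//     principal.
//  2. The subject is pulled from the claims and used to get the user from
//     the store.
//  3. The user is put in the WebAuthNUser wrapper, which pulls the
//     username/email used to generate the challenge.
//
// Responses:
//   - 401 when no non-empty subject claim is present.
//   - 404 when the store reports codes.NotFound for the subject.
//   - 500 with an InternalError_WebAuthN_RegisterBegin_* code on any other
//     failure; the underlying error is written to the log only.
//   - 200 with the credential-creation options once the session cookie is set.
//
// NOTE(review): the route is registered for GET and GetMiddleware returns no
// middleware, yet each call creates new session data and sets a cookie.
// Confirm that a state-changing GET is acceptable under the deployment's
// CSRF/SameSite policy.
func (s *service) Do(c echo.Context) error {
	ctx := c.Request().Context()
	log := zerolog.Ctx(ctx).With().Logger()

	// Get the user subject from the claims principal.
	claimsPrincipal := s.ClaimsPrincipal()
	subjectClaims := claimsPrincipal.GetClaimsByType(fluffycore_echo_wellknown.ClaimTypeSubject)
	if fluffycore_utils.IsEmptyOrNil(subjectClaims) {
		return c.JSON(http.StatusUnauthorized, "Unauthorized")
	}
	subject := subjectClaims[0].Value
	if fluffycore_utils.IsEmptyOrNil(subject) {
		return c.JSON(http.StatusUnauthorized, "Unauthorized")
	}
	log.Info().Msg("WebAuthN_Register_Begin")

	// Get the user from the store.
	getRageUserResponse, err := s.RageUserService().GetRageUser(ctx,
		&proto_oidc_user.GetRageUserRequest{
			By: &proto_oidc_user.GetRageUserRequest_Subject{
				Subject: subject,
			},
		})
	if err != nil {
		// status.Code yields codes.Unknown for non-gRPC errors, so only a
		// genuine NotFound status maps to 404.
		if status.Code(err) == codes.NotFound {
			return c.JSON(http.StatusNotFound, "User not found")
		}
		log.Error().Err(err).Msg("GetRageUser")
		return c.JSON(http.StatusInternalServerError, InternalError_WebAuthN_RegisterBegin_001)
	}
	// A successful call with no user payload would otherwise panic on the
	// User dereferences below; fail closed instead.
	if getRageUserResponse == nil || getRageUserResponse.User == nil {
		log.Error().Msg("GetRageUser returned no user")
		return c.JSON(http.StatusInternalServerError, InternalError_WebAuthN_RegisterBegin_004)
	}

	webAuthNUser := services_handlers_webauthn.NewWebAuthNUser(getRageUserResponse.User)
	credentialCreation, webAuthNSession, err := s.webAuthN.GetWebAuthN().BeginRegistration(webAuthNUser)
	if err != nil {
		log.Error().Err(err).Msg("BeginRegistration")
		return c.JSON(http.StatusInternalServerError, InternalError_WebAuthN_RegisterBegin_002)
	}

	// Store the WebAuthNSession in a cookie, bound to the user's root identity.
	// NOTE(review): the session data travels via the client. This file cannot
	// show whether SetWebAuthNCookie integrity-protects/encrypts the value or
	// sets HttpOnly/Secure/SameSite; confirm in the cookie service. The
	// finish step should also check Identity against the authenticated subject.
	cookieValue := &contracts_cookies.WebAuthNCookie{
		Identity:    getRageUserResponse.User.RootIdentity,
		SessionData: webAuthNSession,
	}
	err = s.cookies.SetWebAuthNCookie(c, &contracts_cookies.SetWebAuthNCookieRequest{
		Value: cookieValue,
	})
	if err != nil {
		log.Error().Err(err).Msg("SetWebAuthNCookie")
		return c.JSON(http.StatusInternalServerError, InternalError_WebAuthN_RegisterBegin_003)
	}

	return c.JSON(http.StatusOK, credentialCreation)
}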