forked from rogpeppe-contrib/candid
/
idputil.go
134 lines (114 loc) · 3.69 KB
/
idputil.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
// Copyright 2015 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.
// Package idputil contains utility routines common to many identity
// providers.
package idputil
import (
"html/template"
"net/http"
"net/url"
"github.com/juju/loggo"
"golang.org/x/net/context"
"gopkg.in/errgo.v1"
"gopkg.in/httprequest.v1"
)
var logger = loggo.GetLogger("candid.idp.idputil")
var ReservedUsernames = map[string]bool{
"admin": true,
"everyone": true,
}
// GetLoginMethods uses c to perform a request to get the list of
// available login methods from u. The result is unmarshalled into v.
func GetLoginMethods(ctx context.Context, c *httprequest.Client, u *url.URL, v interface{}) error {
req, err := http.NewRequest("GET", u.String(), nil)
if err != nil {
return errgo.Mask(err)
}
req.Header.Set("Accept", "application/json")
if err := c.Do(ctx, req, v); err != nil {
return errgo.Mask(err)
}
return nil
}
// RequestParams creates an httprequest.Params object from the given fields.
func RequestParams(ctx context.Context, w http.ResponseWriter, req *http.Request) httprequest.Params {
return httprequest.Params{
Response: w,
Request: req,
Context: ctx,
}
}
// DischargeID gets the discharge ID from the given request using the
// standard form value.
func DischargeID(req *http.Request) string {
return req.Form.Get("id")
}
// RedirectParams gets the return_to and state parameters from the
// request.
func RedirectParams(req *http.Request) (returnTo, state string) {
return req.Form.Get("return_to"), req.Form.Get("state")
}
// URL creates a URL addressed to the given path within the IDP handler
// and adds the given dischargeID (when specified).
func URL(prefix, path, dischargeID string) string {
callback := prefix + path
v := make(url.Values)
if dischargeID != "" {
v.Set("id", dischargeID)
}
if len(v) > 0 {
callback += "?" + v.Encode()
}
return callback
}
type RegistrationParams struct {
// State contains some opaque state for the registration. It can
// be used to pass arbitrary data back to the idp once the
// registration is processed.
State string
// Username contains the preferred username for the user. This
// will be used to populate the username input.
Username string
// Error contains an error message if the registration failed.
Error string
// Domain contains the domain in which the user is being created.
// This cannot be modified by the user.
Domain string
// FullName contains the full name of the user. This is used to
// populate the fullname input.
FullName string
// Email contains the email address of the user. This is used to
// populate the email input.
Email string
}
// RegistrationForm writes a registration form to the given writer using
// the given parameters.
func RegistrationForm(ctx context.Context, w http.ResponseWriter, params RegistrationParams, t *template.Template) error {
t = t.Lookup("register")
if t == nil {
errgo.New("registration template not found")
}
w.Header().Set("Content-Type", "text/html;charset=utf-8")
if err := t.Execute(w, params); err != nil {
return errgo.Notef(err, "cannot process registration template")
}
return nil
}
// NameWithDomain builds a name out of name and domain. If domain is
// empty then name is returned unchanged.
func NameWithDomain(name, domain string) string {
if domain == "" {
return name
}
return name + "@" + domain
}
// RedirectCookieName is the name of the cookie used to store
// RedirectState whilst a login is being processed by a third-party
// server.
const RedirectCookieName = "candid-redirect"
// RedirectState holds the incoming return address and state in a
// redirect based login.
type RedirectState struct {
ReturnTo string
State string
}