feat: authentication system - mongo storage (#84)

* - Model - Repo * - fix go mod * - move auth storage logic to usecase\interactor * - fix lint issue * - fix PR comments * implement memory storage for authRequest repo
reearth · Dec 6, 2021 · 3913545 · 3913545
1 parent 532423b
commit 3913545
Show file tree

Hide file tree

Showing 17 changed files with 1,953 additions and 259 deletions.
diff --git a/go.mod b/go.mod
@@ -6,75 +6,60 @@ require (
 	github.com/99designs/gqlgen v0.14.0
 	github.com/99designs/gqlgen-contrib v0.1.1-0.20200601100547-7a955d321bbd
 	github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace v0.2.0
-	github.com/HdrHistogram/hdrhistogram-go v1.0.1 // indirect
-	github.com/agnivade/levenshtein v1.1.1 // indirect
-	github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922 // indirect
 	github.com/auth0/go-jwt-middleware v0.0.0-20200507191422-d30d7b9ece63
 	github.com/blang/semver v3.5.1+incompatible
 	github.com/caos/oidc v0.15.11
-	github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
-	github.com/dgryski/trifles v0.0.0-20200705224438-cafc02a1ee2b // indirect
-	github.com/fatih/color v1.12.0 // indirect
-	github.com/gedex/inflector v0.0.0-20170307190818-16278e9db813 // indirect
 	github.com/goccy/go-yaml v1.9.2
 	github.com/golang/gddo v0.0.0-20210115222349-20d68f94ee1f
 	github.com/gorilla/mux v1.8.0
-	github.com/hashicorp/golang-lru v0.5.4 // indirect
 	github.com/iancoleman/strcase v0.1.3
 	github.com/idubinskiy/schematyper v0.0.0-20190118213059-f71b40dac30d
 	github.com/jarcoal/httpmock v1.0.8
 	github.com/joho/godotenv v1.3.0
 	github.com/jonas-p/go-shp v0.1.1
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/kennygrant/sanitize v1.2.4
-	github.com/klauspost/compress v1.10.10 // indirect
 	github.com/labstack/echo/v4 v4.2.1
 	github.com/labstack/gommon v0.3.0
-	github.com/mattn/go-isatty v0.0.13 // indirect
 	github.com/mitchellh/mapstructure v1.4.2
 	github.com/oklog/ulid v1.3.1
-	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/paulmach/go.geojson v1.4.0
 	github.com/pkg/errors v0.9.1
 	github.com/sendgrid/sendgrid-go v3.10.3+incompatible
 	github.com/sirupsen/logrus v1.8.1
-	github.com/smartystreets/assertions v1.1.1 // indirect
 	github.com/spf13/afero v1.6.0
-	github.com/stretchr/objx v0.2.0 // indirect
 	github.com/stretchr/testify v1.7.0
-	github.com/tidwall/pretty v1.0.1 // indirect
 	github.com/twpayne/go-kml v1.5.2
 	github.com/uber/jaeger-client-go v2.25.0+incompatible
 	github.com/uber/jaeger-lib v2.4.1+incompatible
-	github.com/urfave/cli/v2 v2.3.0 // indirect
 	github.com/vektah/dataloaden v0.3.0
 	github.com/vektah/gqlparser/v2 v2.2.0
 	go.mongodb.org/mongo-driver v1.5.1
 	go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo v0.0.0-20200707171851-ae0d272a2deb
 	go.opentelemetry.io/contrib/instrumentation/go.mongodb.org/mongo-driver v0.7.0
 	go.opentelemetry.io/otel v0.7.0
-	go.uber.org/atomic v1.7.0 // indirect
-	golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c // indirect
-	golang.org/x/mod v0.5.0 // indirect
-	golang.org/x/sys v0.0.0-20210915083310-ed5796bab164 // indirect
 	golang.org/x/text v0.3.7
-	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
 	golang.org/x/tools v0.1.5
 	google.golang.org/api v0.51.0
 	gopkg.in/go-playground/colors.v1 v1.2.0
 	gopkg.in/h2non/gock.v1 v1.1.0
 	gopkg.in/square/go-jose.v2 v2.6.0
-	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )
 
 require (
+	github.com/HdrHistogram/hdrhistogram-go v1.0.1 // indirect
+	github.com/agnivade/levenshtein v1.1.1 // indirect
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
+	github.com/alecthomas/units v0.0.0-20210912230133-d1bdfacee922 // indirect
 	github.com/aws/aws-sdk-go v1.34.28 // indirect
 	github.com/caos/logging v0.0.2 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dgryski/trifles v0.0.0-20200705224438-cafc02a1ee2b // indirect
+	github.com/fatih/color v1.12.0 // indirect
 	github.com/felixge/httpsnoop v1.0.1 // indirect
+	github.com/gedex/inflector v0.0.0-20170307190818-16278e9db813 // indirect
 	github.com/go-stack/stack v1.8.0 // indirect
 	github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
@@ -88,29 +73,44 @@ require (
 	github.com/gorilla/securecookie v1.1.1 // indirect
 	github.com/gorilla/websocket v1.4.2 // indirect
 	github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 // indirect
+	github.com/hashicorp/golang-lru v0.5.4 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/jstemmer/go-junit-report v0.9.1 // indirect
+	github.com/klauspost/compress v1.10.10 // indirect
 	github.com/mattn/go-colorable v0.1.8 // indirect
+	github.com/mattn/go-isatty v0.0.13 // indirect
+	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/sendgrid/rest v2.6.5+incompatible // indirect
+	github.com/smartystreets/assertions v1.1.1 // indirect
+	github.com/stretchr/objx v0.2.0 // indirect
+	github.com/tidwall/pretty v1.0.1 // indirect
+	github.com/urfave/cli/v2 v2.3.0 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasttemplate v1.2.1 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.0.2 // indirect
 	github.com/xdg-go/stringprep v1.0.2 // indirect
 	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
 	go.opencensus.io v0.23.0 // indirect
+	go.uber.org/atomic v1.7.0 // indirect
+	golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c // indirect
 	golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
+	golang.org/x/mod v0.5.0 // indirect
 	golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420 // indirect
 	golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914 // indirect
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/sys v0.0.0-20210915083310-ed5796bab164 // indirect
+	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
 	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea // indirect
 	google.golang.org/grpc v1.39.0 // indirect
 	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )
 
 go 1.17
diff --git a/internal/app/appauth/request.go b/internal/app/appauth/request.go
diff --git a/internal/app/auth.go → internal/app/auth_client.go b/internal/app/auth.go → internal/app/auth_client.go
diff --git a/internal/app/auth_server.go b/internal/app/auth_server.go
@@ -9,13 +9,11 @@ import (
 	"strings"
 
 	"github.com/caos/oidc/pkg/op"
+	"github.com/golang/gddo/httputil/header"
 	"github.com/gorilla/mux"
 	"github.com/labstack/echo/v4"
-	"github.com/reearth/reearth-backend/internal/app/appauth"
 	"github.com/reearth/reearth-backend/internal/usecase/interactor"
 	"github.com/reearth/reearth-backend/internal/usecase/interfaces"
-
-	"github.com/golang/gddo/httputil/header"
 )
 
 var (
@@ -40,9 +38,9 @@ func authEndPoints(ctx context.Context, e *echo.Echo, r *echo.Group, cfg *Server
 		GrantTypeRefreshToken: true,
 	}
 
-	var dn *appauth.AuthDNConfig = nil
+	var dn *interactor.AuthDNConfig = nil
 	if cfg.Config.Auth.DN != nil {
-		dn = &appauth.AuthDNConfig{
+		dn = &interactor.AuthDNConfig{
 			CommonName:         cfg.Config.Auth.DN.CN,
 			Organization:       cfg.Config.Auth.DN.O,
 			OrganizationalUnit: cfg.Config.Auth.DN.OU,
@@ -54,12 +52,13 @@ func authEndPoints(ctx context.Context, e *echo.Echo, r *echo.Group, cfg *Server
 		}
 	}
 
-	storage := appauth.NewAuthStorage(
-		&appauth.StorageConfig{
+	storage := interactor.NewAuthStorage(
+		&interactor.StorageConfig{
 			Domain: domain.String(),
 			Debug:  cfg.Debug,
 			DN:     dn,
 		},
+		cfg.Repos.AuthRequest,
 		userUsecase.GetUserBySubject,
 	)
 	handler, err := op.NewOpenIDProvider(
@@ -203,7 +202,7 @@ func login(ctx context.Context, cfg *ServerConfig, storage op.Storage, userUseca
 		}
 
 		// Complete the auth request && set the subject
-		err = storage.(*appauth.Storage).CompleteAuthRequest(ctx, request.AuthRequestID, user.GetAuthByProvider("auth0").Sub)
+		err = storage.(*interactor.AuthStorage).CompleteAuthRequest(ctx, request.AuthRequestID, user.GetAuthByProvider("auth0").Sub)
 		if err != nil {
 			ec.Logger().Error("failed to complete the auth request !")
 			return ec.Redirect(http.StatusFound, redirectURL(authRequest.GetRedirectURI(), !cfg.Debug, request.AuthRequestID, "invalid login"))

diff --git a/internal/infrastructure/memory/auth_request.go b/internal/infrastructure/memory/auth_request.go
@@ -0,0 +1,75 @@
+package memory
+
+import (
+	"context"
+	"sync"
+
+	"github.com/reearth/reearth-backend/internal/usecase/repo"
+	"github.com/reearth/reearth-backend/pkg/auth"
+	"github.com/reearth/reearth-backend/pkg/id"
+	"github.com/reearth/reearth-backend/pkg/rerror"
+)
+
+type AuthRequest struct {
+	lock sync.Mutex
+	data map[id.AuthRequestID]auth.Request
+}
+
+func NewAuthRequest() repo.AuthRequest {
+	return &AuthRequest{
+		data: map[id.AuthRequestID]auth.Request{},
+	}
+}
+
+func (r *AuthRequest) FindByID(_ context.Context, id id.AuthRequestID) (*auth.Request, error) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	d, ok := r.data[id]
+	if ok {
+		return &d, nil
+	}
+	return &auth.Request{}, rerror.ErrNotFound
+}
+
+func (r *AuthRequest) FindByCode(_ context.Context, s string) (*auth.Request, error) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	for _, ar := range r.data {
+		if ar.GetCode() == s {
+			return &ar, nil
+		}
+	}
+
+	return &auth.Request{}, rerror.ErrNotFound
+}
+
+func (r *AuthRequest) FindBySubject(_ context.Context, s string) (*auth.Request, error) {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	for _, ar := range r.data {
+		if ar.GetSubject() == s {
+			return &ar, nil
+		}
+	}
+
+	return &auth.Request{}, rerror.ErrNotFound
+}
+
+func (r *AuthRequest) Save(_ context.Context, request *auth.Request) error {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	r.data[request.ID()] = *request
+	return nil
+}
+
+func (r *AuthRequest) Remove(_ context.Context, requestID id.AuthRequestID) error {
+	r.lock.Lock()
+	defer r.lock.Unlock()
+
+	delete(r.data, requestID)
+	return nil
+}