github.com/cs3org/reva/v2@v2.27.7/internal/grpc/services/applicationauth/applicationauth.go (about)

     1  // Copyright 2018-2021 CERN
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  //
    15  // In applying this license, CERN does not waive the privileges and immunities
    16  // granted to it by virtue of its status as an Intergovernmental Organization
    17  // or submit itself to any jurisdiction.
    18  
    19  package applicationauth
    20  
    21  import (
    22  	"context"
    23  
    24  	appauthpb "github.com/cs3org/go-cs3apis/cs3/auth/applications/v1beta1"
    25  	"github.com/cs3org/reva/v2/pkg/appauth"
    26  	"github.com/cs3org/reva/v2/pkg/appauth/manager/registry"
    27  	"github.com/cs3org/reva/v2/pkg/errtypes"
    28  	"github.com/cs3org/reva/v2/pkg/rgrpc"
    29  	"github.com/cs3org/reva/v2/pkg/rgrpc/status"
    30  	"github.com/mitchellh/mapstructure"
    31  	"github.com/pkg/errors"
    32  	"github.com/rs/zerolog"
    33  	"google.golang.org/grpc"
    34  )
    35  
// init registers this package's constructor with the rgrpc service registry
// under the name "applicationauth". Registration happens as a package-level
// side effect of importing this package.
func init() {
	rgrpc.Register("applicationauth", New)
}
    39  
// config is the decoded service configuration.
type config struct {
	// Driver names the app-auth manager implementation to use; it is the key
	// looked up in registry.NewFuncs and in Drivers.
	Driver string `mapstructure:"driver"`
	// Drivers holds one free-form option map per driver name. The map stored
	// under Driver is handed unmodified to that driver's constructor.
	Drivers map[string]map[string]interface{} `mapstructure:"drivers"`
}
    44  
// service implements the ApplicationsAPI gRPC server by delegating every call
// to an appauth.Manager.
type service struct {
	// conf is the configuration the service was built from.
	conf *config
	// am is the manager selected by conf.Driver; all handlers call into it.
	am appauth.Manager
}
    49  
// init fills in defaults: when no driver is configured, the "json" driver is
// selected. An explicitly configured driver is left untouched.
func (c *config) init() {
	if c.Driver != "" {
		return
	}
	c.Driver = "json"
}
    55  
// Register attaches this service to the given gRPC server as the
// ApplicationsAPI implementation.
func (s *service) Register(srv *grpc.Server) {
	appauthpb.RegisterApplicationsAPIServer(srv, s)
}
    59  
// getAppAuthManager instantiates the manager named by c.Driver.
//
// The constructor is looked up in registry.NewFuncs and called with the
// option map stored under the same name in c.Drivers (nil when the driver has
// no entry there). An unknown driver name yields an errtypes.NotFound error
// that includes the configured name.
func getAppAuthManager(c *config) (appauth.Manager, error) {
	newManager, found := registry.NewFuncs[c.Driver]
	if !found {
		return nil, errtypes.NotFound("driver not found: " + c.Driver)
	}
	return newManager(c.Drivers[c.Driver])
}
    66  
// parseConfig decodes the raw configuration map into a config value using
// mapstructure. A decoding failure is returned wrapped with the message
// "error decoding conf"; no defaults are applied here (see config.init).
func parseConfig(m map[string]interface{}) (*config, error) {
	var c config
	if err := mapstructure.Decode(m, &c); err != nil {
		return nil, errors.Wrap(err, "error decoding conf")
	}
	return &c, nil
}
    75  
// New builds the application-auth gRPC service from a raw configuration map.
//
// The map is decoded, defaults are applied, and the configured manager driver
// is instantiated; a failure in decoding or in driver construction is
// returned as is. The *grpc.Server and logger arguments are not used here.
func New(m map[string]interface{}, ss *grpc.Server, _ *zerolog.Logger) (rgrpc.Service, error) {
	conf, err := parseConfig(m)
	if err != nil {
		return nil, err
	}
	conf.init()

	manager, err := getAppAuthManager(conf)
	if err != nil {
		return nil, err
	}

	return &service{conf: conf, am: manager}, nil
}
    97  
// Close is a no-op and always returns nil; nothing held by the service,
// including the manager, is released here.
func (s *service) Close() error {
	return nil
}
   101  
// UnprotectedEndpoints returns the full gRPC method names this service
// declares as unprotected. Only GetAppPassword is listed; the generate, list
// and invalidate methods are not.
//
// NOTE(review): presumably the rgrpc layer uses this list to skip its token
// check for the named method — confirm against the interceptor. GetAppPassword
// takes a user and a password from the request, so it is a credential check
// reachable without a prior session. Nothing in this file limits attempts or
// records failures; those controls have to come from the manager driver or
// from whatever sits in front of this service.
func (s *service) UnprotectedEndpoints() []string {
	const getAppPassword = "/cs3.auth.applications.v1beta1.ApplicationsAPI/GetAppPassword"
	return []string{getAppPassword}
}
   105  
// GenerateAppPassword asks the manager to create an app password with the
// requested token scope, label and expiration, and returns it in the response.
//
// Only ctx and the three request fields are forwarded, so the owning user is
// not taken from the request body. NOTE(review): presumably the manager
// derives the owner from ctx — confirm in the driver.
//
// Any manager error is reported as a status.NewInternal status with a fixed
// message and a nil Go error; the underlying error is neither returned nor
// logged in this handler.
//
// NOTE(review): the returned AppPassword is whatever the manager produced. If
// it carries the clear-text secret, keep this response out of request/response
// logging — confirm what the driver returns.
func (s *service) GenerateAppPassword(ctx context.Context, req *appauthpb.GenerateAppPasswordRequest) (*appauthpb.GenerateAppPasswordResponse, error) {
	res := &appauthpb.GenerateAppPasswordResponse{}

	pwd, err := s.am.GenerateAppPassword(ctx, req.TokenScope, req.Label, req.Expiration)
	if err != nil {
		res.Status = status.NewInternal(ctx, "error generating app password")
		return res, nil
	}

	res.Status = status.NewOK(ctx)
	res.AppPassword = pwd
	return res, nil
}
   119  
// ListAppPasswords returns the app passwords the manager lists for ctx.
//
// No field of the request is read; only ctx is passed on. NOTE(review):
// presumably the manager scopes the listing to the user carried in ctx —
// confirm in the driver.
//
// Any manager error is reported as a status.NewInternal status with a fixed
// message and a nil Go error; the underlying error is neither returned nor
// logged in this handler.
func (s *service) ListAppPasswords(ctx context.Context, req *appauthpb.ListAppPasswordsRequest) (*appauthpb.ListAppPasswordsResponse, error) {
	res := &appauthpb.ListAppPasswordsResponse{}

	pwds, err := s.am.ListAppPasswords(ctx)
	if err != nil {
		res.Status = status.NewInternal(ctx, "error listing app passwords")
		return res, nil
	}

	res.Status = status.NewOK(ctx)
	res.AppPasswords = pwds
	return res, nil
}
   133  
// InvalidateAppPassword asks the manager to invalidate the app password
// identified by req.Password.
//
// Only ctx and req.Password are forwarded. NOTE(review): presumably the
// manager checks that the password belongs to the user in ctx — confirm in the
// driver, since this handler performs no ownership check itself.
//
// Any manager error is reported as a status.NewInternal status with a fixed
// message and a nil Go error; the underlying error is neither returned nor
// logged in this handler.
func (s *service) InvalidateAppPassword(ctx context.Context, req *appauthpb.InvalidateAppPasswordRequest) (*appauthpb.InvalidateAppPasswordResponse, error) {
	res := &appauthpb.InvalidateAppPasswordResponse{}

	if err := s.am.InvalidateAppPassword(ctx, req.Password); err != nil {
		res.Status = status.NewInternal(ctx, "error invalidating app password")
		return res, nil
	}

	res.Status = status.NewOK(ctx)
	return res, nil
}
   146  
// GetAppPassword looks up an app password from a user and password supplied
// in the request and returns the manager's result.
//
// This is the one method listed by UnprotectedEndpoints, and both lookup
// inputs come from the request rather than from ctx.
//
// Every manager error is collapsed into a single status.NewInternal status
// with a fixed message and a nil Go error, so the response does not reveal
// whether the user or the password was the mismatch. The underlying error is
// neither returned nor logged in this handler.
//
// NOTE(review): confirm failed lookups are recorded somewhere (driver or
// interceptor); otherwise repeated failed attempts leave no trace at this
// layer, and an ordinary wrong password is indistinguishable from a storage
// fault when triaging.
func (s *service) GetAppPassword(ctx context.Context, req *appauthpb.GetAppPasswordRequest) (*appauthpb.GetAppPasswordResponse, error) {
	res := &appauthpb.GetAppPasswordResponse{}

	pwd, err := s.am.GetAppPassword(ctx, req.User, req.Password)
	if err != nil {
		res.Status = status.NewInternal(ctx, "error getting app password via username/password")
		return res, nil
	}

	res.Status = status.NewOK(ctx)
	res.AppPassword = pwd
	return res, nil
}