github.com/cs3org/reva/v2@v2.27.7/pkg/auth/manager/appauth/appauth.go (about)

     1  // Copyright 2018-2021 CERN
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  //
    15  // In applying this license, CERN does not waive the privileges and immunities
    16  // granted to it by virtue of its status as an Intergovernmental Organization
    17  // or submit itself to any jurisdiction.
    18  
    19  package appauth
    20  
    21  import (
    22  	"context"
    23  
    24  	appauthpb "github.com/cs3org/go-cs3apis/cs3/auth/applications/v1beta1"
    25  	authpb "github.com/cs3org/go-cs3apis/cs3/auth/provider/v1beta1"
    26  	user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
    27  	rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
    28  	"github.com/cs3org/reva/v2/pkg/auth"
    29  	"github.com/cs3org/reva/v2/pkg/auth/manager/registry"
    30  	"github.com/cs3org/reva/v2/pkg/errtypes"
    31  	"github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool"
    32  	"github.com/mitchellh/mapstructure"
    33  	"github.com/pkg/errors"
    34  )
    35  
// init makes this manager available to the auth manager registry under the
// name "appauth", with New as its constructor.
func init() { registry.Register("appauth", New) }
    39  
// manager is the auth manager registered as "appauth". It holds no secrets
// itself; every lookup in Authenticate goes through the gateway service at
// GatewayAddr.
type manager struct {
	// GatewayAddr is the address handed to the gateway client pool. It is
	// decoded from the "gateway_addr" configuration key.
	GatewayAddr string `mapstructure:"gateway_addr"`
}
    43  
// New builds an appauth manager from the configuration map m and returns it
// as an auth.Manager. If the configuration cannot be decoded, the error from
// Configure is returned and no manager is handed out.
func New(m map[string]interface{}) (auth.Manager, error) {
	mgr := new(manager)
	if err := mgr.Configure(m); err != nil {
		return nil, err
	}
	return mgr, nil
}
    53  
// Configure decodes the configuration map ml into the manager's fields with
// mapstructure. A decoding failure is returned wrapped with the message
// "error decoding conf".
//
// NOTE(review): no check is made here that GatewayAddr is non-empty; how an
// empty address is treated depends on the gateway client pool — confirm.
func (m *manager) Configure(ml map[string]interface{}) error {
	if decodeErr := mapstructure.Decode(ml, m); decodeErr != nil {
		return errors.Wrap(decodeErr, "error decoding conf")
	}
	return nil
}
    61  
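// Authenticate validates an application password for the named user.
//
// It resolves username to a user through the gateway (GetUserByClaim with
// the "username" claim), then asks the gateway for the app password that
// matches that user's id and the supplied password (GetAppPassword). On
// success it returns the user and the token scope stored with the app
// password, so the caller can restrict the session to that scope.
//
// Errors:
//   - transport errors from the gateway client are returned unchanged;
//   - a CODE_NOT_FOUND status from either call becomes errtypes.NotFound;
//   - any other non-OK status, a missing status, or an OK response without
//     a user becomes errtypes.InternalError.
//
// All response fields are read through the generated nil-safe getters, so a
// response that lacks Status, User or AppPassword results in an error (or a
// nil scope map) rather than a nil-pointer panic in the authentication path.
//
// NOTE(review): the secret is not compared here; verification (and,
// presumably, expiry of the app password) is delegated to the gateway's
// GetAppPassword — confirm against the app auth provider.
//
// NOTE(review): "unknown user" and "unknown app password" both surface as
// errtypes.NotFound, but each carries the gateway's own status message.
// Callers should map both to one generic authentication failure before
// answering the client, so the two cases cannot be told apart — verify at
// the call site.
func (m *manager) Authenticate(ctx context.Context, username, password string) (*user.User, map[string]*authpb.Scope, error) {
	gtw, err := pool.GetGatewayServiceClient(m.GatewayAddr)
	if err != nil {
		return nil, nil, err
	}

	// Resolve the username to a user record.
	userResponse, err := gtw.GetUserByClaim(ctx, &user.GetUserByClaimRequest{
		Claim: "username",
		Value: username,
	})

	switch {
	case err != nil:
		return nil, nil, err
	case userResponse.GetStatus().GetCode() == rpcv1beta1.Code_CODE_NOT_FOUND:
		return nil, nil, errtypes.NotFound(userResponse.GetStatus().GetMessage())
	case userResponse.GetStatus().GetCode() != rpcv1beta1.Code_CODE_OK:
		// A nil Status reads as the zero code, which is not CODE_OK, so a
		// response without a status is rejected here as well.
		return nil, nil, errtypes.InternalError(userResponse.GetStatus().GetMessage())
	}

	// Fail closed on an OK response that carries no user: without this the
	// lookup below would run with a nil user id.
	authUser := userResponse.GetUser()
	if authUser == nil {
		return nil, nil, errtypes.InternalError("appauth: gateway returned OK without a user")
	}

	// Look up the app password that belongs to this user and matches the
	// supplied secret.
	appAuthResponse, err := gtw.GetAppPassword(ctx, &appauthpb.GetAppPasswordRequest{
		User:     authUser.GetId(),
		Password: password,
	})

	switch {
	case err != nil:
		return nil, nil, err
	case appAuthResponse.GetStatus().GetCode() == rpcv1beta1.Code_CODE_NOT_FOUND:
		return nil, nil, errtypes.NotFound(appAuthResponse.GetStatus().GetMessage())
	case appAuthResponse.GetStatus().GetCode() != rpcv1beta1.Code_CODE_OK:
		return nil, nil, errtypes.InternalError(appAuthResponse.GetStatus().GetMessage())
	}

	return authUser, appAuthResponse.GetAppPassword().GetTokenScope(), nil
}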