github.com/gigforks/mattermost-server@v4.9.1-0.20180619094218-800d97fa55d0+incompatible/model/oauth.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package model 5 6 import ( 7 "encoding/json" 8 "fmt" 9 "io" 10 "net/http" 11 "unicode/utf8" 12 ) 13 14 const ( 15 OAUTH_ACTION_SIGNUP = "signup" 16 OAUTH_ACTION_LOGIN = "login" 17 OAUTH_ACTION_EMAIL_TO_SSO = "email_to_sso" 18 OAUTH_ACTION_SSO_TO_EMAIL = "sso_to_email" 19 OAUTH_ACTION_MOBILE = "mobile" 20 ) 21 22 type OAuthApp struct { 23 Id string `json:"id"` 24 CreatorId string `json:"creator_id"` 25 CreateAt int64 `json:"create_at"` 26 UpdateAt int64 `json:"update_at"` 27 ClientSecret string `json:"client_secret"` 28 Name string `json:"name"` 29 Description string `json:"description"` 30 IconURL string `json:"icon_url"` 31 CallbackUrls StringArray `json:"callback_urls"` 32 Homepage string `json:"homepage"` 33 IsTrusted bool `json:"is_trusted"` 34 } 35 36 // IsValid validates the app and returns an error if it isn't configured 37 // correctly. 38 func (a *OAuthApp) IsValid() *AppError { 39 40 if len(a.Id) != 26 { 41 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.app_id.app_error", nil, "", http.StatusBadRequest) 42 } 43 44 if a.CreateAt == 0 { 45 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.create_at.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 46 } 47 48 if a.UpdateAt == 0 { 49 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.update_at.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 50 } 51 52 if len(a.CreatorId) != 26 { 53 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.creator_id.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 54 } 55 56 if len(a.ClientSecret) == 0 || len(a.ClientSecret) > 128 { 57 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.client_secret.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 58 } 59 60 if len(a.Name) == 0 || len(a.Name) > 64 { 61 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.name.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 62 } 63 64 if len(a.CallbackUrls) == 0 || len(fmt.Sprintf("%s", a.CallbackUrls)) > 1024 { 65 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.callback.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 66 } 67 68 for _, callback := range a.CallbackUrls { 69 if !IsValidHttpUrl(callback) { 70 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.callback.app_error", nil, "", http.StatusBadRequest) 71 } 72 } 73 74 if len(a.Homepage) == 0 || len(a.Homepage) > 256 || !IsValidHttpUrl(a.Homepage) { 75 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.homepage.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 76 } 77 78 if utf8.RuneCountInString(a.Description) > 512 { 79 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.description.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 80 } 81 82 if len(a.IconURL) > 0 { 83 if len(a.IconURL) > 512 || !IsValidHttpUrl(a.IconURL) { 84 return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.icon_url.app_error", nil, "app_id="+a.Id, http.StatusBadRequest) 85 } 86 } 87 88 return nil 89 } 90 91 // PreSave will set the Id and ClientSecret if missing. It will also fill 92 // in the CreateAt, UpdateAt times. It should be run before saving the app to the db. 93 func (a *OAuthApp) PreSave() { 94 if a.Id == "" { 95 a.Id = NewId() 96 } 97 98 if a.ClientSecret == "" { 99 a.ClientSecret = NewId() 100 } 101 102 a.CreateAt = GetMillis() 103 a.UpdateAt = a.CreateAt 104 } 105 106 // PreUpdate should be run before updating the app in the db. 107 func (a *OAuthApp) PreUpdate() { 108 a.UpdateAt = GetMillis() 109 } 110 111 // ToJson convert a User to a json string 112 func (a *OAuthApp) ToJson() string { 113 b, _ := json.Marshal(a) 114 return string(b) 115 } 116 117 // Generate a valid strong etag so the browser can cache the results 118 func (a *OAuthApp) Etag() string { 119 return Etag(a.Id, a.UpdateAt) 120 } 121 122 // Remove any private data from the app object 123 func (a *OAuthApp) Sanitize() { 124 a.ClientSecret = "" 125 } 126 127 func (a *OAuthApp) IsValidRedirectURL(url string) bool { 128 for _, u := range a.CallbackUrls { 129 if u == url { 130 return true 131 } 132 } 133 134 return false 135 } 136 137 // OAuthAppFromJson will decode the input and return a User 138 func OAuthAppFromJson(data io.Reader) *OAuthApp { 139 var app *OAuthApp 140 json.NewDecoder(data).Decode(&app) 141 return app 142 } 143 144 func OAuthAppListToJson(l []*OAuthApp) string { 145 b, _ := json.Marshal(l) 146 return string(b) 147 } 148 149 func OAuthAppListFromJson(data io.Reader) []*OAuthApp { 150 var o []*OAuthApp 151 json.NewDecoder(data).Decode(&o) 152 return o 153 }