github.com/greenpau/go-authcrunch@v1.1.4/pkg/sso/config.go (about) 1 // Copyright 2022 Paul Greenberg greenpau@outlook.com 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package sso 16 17 import ( 18 "encoding/json" 19 "fmt" 20 "github.com/greenpau/go-authcrunch/pkg/errors" 21 ) 22 23 // SingleSignOnProviderConfig represents an identity provider configuration. 24 type SingleSignOnProviderConfig struct { 25 Name string `json:"name,omitempty" xml:"name,omitempty" yaml:"name,omitempty"` 26 Driver string `json:"driver,omitempty" xml:"driver,omitempty" yaml:"driver,omitempty"` 27 EntityID string `json:"entity_id,omitempty" xml:"entity_id,omitempty" yaml:"entity_id,omitempty"` 28 Locations []string `json:"locations,omitempty" xml:"locations,omitempty" yaml:"locations,omitempty"` 29 PrivateKeyPath string `json:"private_key_path,omitempty" xml:"private_key_path,omitempty" yaml:"private_key_path,omitempty"` 30 CertPath string `json:"cert_path,omitempty" xml:"cert_path,omitempty" yaml:"cert_path,omitempty"` 31 } 32 33 // NewSingleSignOnProviderConfig returns SingleSignOnProviderConfig instance. 34 func NewSingleSignOnProviderConfig(data map[string]interface{}) (*SingleSignOnProviderConfig, error) { 35 36 requiredFields := []string{"name", "entity_id", "locations", "private_key_path", "cert_path"} 37 optionalFields := []string{"driver"} 38 39 if err := validateFields(data, requiredFields, optionalFields); err != nil { 40 return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("input data error", err) 41 } 42 43 b, _ := json.Marshal(data) 44 cfg := &SingleSignOnProviderConfig{} 45 if err := json.Unmarshal(b, cfg); err != nil { 46 return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("json.Unmarshal error", err) 47 } 48 if err := cfg.Validate(); err != nil { 49 return nil, err 50 } 51 return cfg, nil 52 } 53 54 // Validate validates identity provider config. 55 func (cfg *SingleSignOnProviderConfig) Validate() error { 56 if cfg.Name == "" { 57 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "empty provider name") 58 } 59 if cfg.EntityID == "" { 60 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "empty entity id") 61 } 62 if cfg.PrivateKeyPath == "" { 63 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "empty private key path") 64 } 65 if cfg.CertPath == "" { 66 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "empty cert path") 67 } 68 if len(cfg.Locations) < 1 { 69 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "empty locations") 70 } 71 switch cfg.Driver { 72 case "aws": 73 case "": 74 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "empty driver name") 75 default: 76 return errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("misconfiguration", "unsupported driver name") 77 } 78 return nil 79 } 80 81 func validateFields(m map[string]interface{}, requiredFields, optionalFields []string) error { 82 if m == nil || len(m) == 0 { 83 return fmt.Errorf("empty identity provider parameters") 84 } 85 86 for _, k := range requiredFields { 87 if _, exists := m[k]; !exists { 88 return fmt.Errorf("required field %q not found", k) 89 } 90 } 91 92 allFields := append(optionalFields, requiredFields...) 93 for k := range m { 94 var found bool 95 for _, f := range allFields { 96 if f == k { 97 found = true 98 } 99 } 100 if !found { 101 return fmt.Errorf("found unsupported %q field", k) 102 } 103 } 104 105 return nil 106 }