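// Copyright 2022 Paul Greenberg greenpau@outlook.com
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package sso

import (
	"crypto/x509"
	"encoding/json"
	"encoding/pem"

	"github.com/greenpau/go-authcrunch/pkg/errors"
	fileutil "github.com/greenpau/go-authcrunch/pkg/util/file"
	"go.uber.org/zap"
)

// SingleSignOnProvider is the interface implemented by every sso provider.
type SingleSignOnProvider interface {
	// GetName returns the provider name taken from its configuration.
	GetName() string
	// GetDriver returns the name of the driver backing the provider.
	GetDriver() string
	// GetConfig returns the provider configuration as a generic map.
	GetConfig() map[string]interface{}
	// Configure performs provider setup; Configured reports true afterwards.
	Configure() error
	// Configured reports whether Configure has already run.
	Configured() bool
	// GetMetadata returns provider metadata. It is not implemented in this file.
	GetMetadata() ([]byte, error)
}

// Provider represents sso provider. Instances are normally built with
// NewSingleSignOnProvider, which loads the signing certificate and key.
type Provider struct {
	// config is the validated provider configuration; nil only when the
	// struct was built without NewSingleSignOnProvider.
	config *SingleSignOnProviderConfig
	// configured is set by Configure.
	configured bool
	logger     *zap.Logger
	// cert is the parsed X.509 certificate from config.CertPath.
	cert *x509.Certificate
	// privateKey is the parsed PKCS#8 key from config.PrivateKeyPath; its
	// concrete type depends on the key algorithm.
	privateKey any
	// metadata is not populated anywhere in this file.
	metadata []byte
}

// GetName return the name associated with sso provider. It returns an empty
// string when the provider has no configuration attached instead of panicking.
func (p *Provider) GetName() string {
	if p == nil || p.config == nil {
		return ""
	}
	return p.config.Name
}

// GetDriver returns the name of the driver associated with the provider, or an
// empty string when the provider has no configuration attached.
func (p *Provider) GetDriver() string {
	if p == nil || p.config == nil {
		return ""
	}
	return p.config.Driver
}

// GetConfig returns sso provider configuration as a generic map produced by a
// JSON round trip of the config struct. It returns nil when there is no
// configuration or when the round trip fails, rather than a partially filled
// map. The map contains whatever fields the config struct exposes through its
// JSON tags (the struct includes file paths such as PrivateKeyPath), so
// callers that surface it externally should treat it accordingly.
func (p *Provider) GetConfig() map[string]interface{} {
	if p == nil || p.config == nil {
		return nil
	}
	j, err := json.Marshal(p.config)
	if err != nil {
		// Best effort, as before: a config that cannot be serialized yields
		// no map rather than an error at this interface.
		return nil
	}
	var m map[string]interface{}
	if err := json.Unmarshal(j, &m); err != nil {
		return nil
	}
	return m
}

// Configured returns true if the sso provider was configured.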
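func (p *Provider) Configured() bool {
	return p.configured
}

// Configure configures sso provider. The current implementation only records
// that configuration took place; it never fails.
func (p *Provider) Configure() error {
	p.configured = true
	return nil
}

// NewSingleSignOnProvider returns SingleSignOnProvider instance.
//
// It validates cfg, then loads the PEM-encoded certificate at cfg.CertPath and
// the PEM-encoded PKCS#8 private key at cfg.PrivateKeyPath. Only a "CERTIFICATE"
// block and a "PRIVATE KEY" (PKCS#8) block are accepted; legacy "RSA PRIVATE KEY"
// or "EC PRIVATE KEY" encodings are rejected with an "unexpected block type"
// error. A missing or malformed PEM block, or a certificate or key that does
// not parse, is reported as ErrSingleSignOnProviderConfigInvalid instead of
// being stored as nil. A nil logger is reported as
// ErrSingleSignOnProviderConfigureLoggerNotFound; a nil cfg as
// ErrSingleSignOnProviderConfigInvalid.
//
// NOTE(review): the certificate and private key are not checked for
// correspondence here; a mismatched pair surfaces only when the key is used.
func NewSingleSignOnProvider(cfg *SingleSignOnProviderConfig, logger *zap.Logger) (SingleSignOnProvider, error) {
	if logger == nil {
		return nil, errors.ErrSingleSignOnProviderConfigureLoggerNotFound
	}
	// Guard before cfg.Validate so a nil config is an error, not a panic.
	if cfg == nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("config error", "nil config")
	}
	if err := cfg.Validate(); err != nil {
		return nil, err
	}

	cert, err := readPEMCertificate(cfg.CertPath)
	if err != nil {
		return nil, err
	}

	pk, err := readPEMPrivateKey(cfg.PrivateKeyPath)
	if err != nil {
		return nil, err
	}

	return &Provider{
		config:     cfg,
		logger:     logger,
		cert:       cert,
		privateKey: pk,
	}, nil
}

// readPEMCertificate reads path and parses its first PEM block, which must be
// of type "CERTIFICATE", into an X.509 certificate.
func readPEMCertificate(path string) (*x509.Certificate, error) {
	certBytes, err := fileutil.ReadFileBytes(path)
	if err != nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("cert error", err)
	}

	// pem.Decode returns a nil block when no PEM data is present; the
	// original code dereferenced it unconditionally.
	certBlock, _ := pem.Decode(certBytes)
	if certBlock == nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("cert error", "no PEM block found")
	}
	if certBlock.Type != "CERTIFICATE" {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("unexpected block type", certBlock.Type)
	}

	// The parse error was previously discarded, leaving a nil certificate in
	// the provider; report it instead.
	cert, err := x509.ParseCertificate(certBlock.Bytes)
	if err != nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("cert parse error", err)
	}
	return cert, nil
}

// readPEMPrivateKey reads path and parses its first PEM block, which must be of
// type "PRIVATE KEY" (PKCS#8), into a private key whose concrete type depends
// on the key algorithm.
func readPEMPrivateKey(path string) (any, error) {
	pkBytes, err := fileutil.ReadFileBytes(path)
	if err != nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("private key error", err)
	}

	pkBlock, _ := pem.Decode(pkBytes)
	if pkBlock == nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("private key error", "no PEM block found")
	}
	if pkBlock.Type != "PRIVATE KEY" {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("unexpected block type", pkBlock.Type)
	}

	pk, err := x509.ParsePKCS8PrivateKey(pkBlock.Bytes)
	if err != nil {
		return nil, errors.ErrSingleSignOnProviderConfigInvalid.WithArgs("private key parse error", err)
	}
	return pk, nil
}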