github.com/keys-pub/mattermost-server@v4.10.10+incompatible/model/oauth.go

github.com/keys-pub/mattermost-server@v4.10.10+incompatible/model/oauth.go (about)

     1  // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package model
     5  
     6  import (
     7  	"encoding/json"
     8  	"fmt"
     9  	"io"
    10  	"net/http"
    11  	"unicode/utf8"
    12  )
    13  
    14  const (
    15  	OAUTH_ACTION_SIGNUP       = "signup"
    16  	OAUTH_ACTION_LOGIN        = "login"
    17  	OAUTH_ACTION_EMAIL_TO_SSO = "email_to_sso"
    18  	OAUTH_ACTION_SSO_TO_EMAIL = "sso_to_email"
    19  	OAUTH_ACTION_MOBILE       = "mobile"
    20  )
    21  
    22  type OAuthApp struct {
    23  	Id           string      `json:"id"`
    24  	CreatorId    string      `json:"creator_id"`
    25  	CreateAt     int64       `json:"create_at"`
    26  	UpdateAt     int64       `json:"update_at"`
    27  	ClientSecret string      `json:"client_secret"`
    28  	Name         string      `json:"name"`
    29  	Description  string      `json:"description"`
    30  	IconURL      string      `json:"icon_url"`
    31  	CallbackUrls StringArray `json:"callback_urls"`
    32  	Homepage     string      `json:"homepage"`
    33  	IsTrusted    bool        `json:"is_trusted"`
    34  }
    35  
    36  // IsValid validates the app and returns an error if it isn't configured
    37  // correctly.
    38  func (a *OAuthApp) IsValid() *AppError {
    39  
    40  	if len(a.Id) != 26 {
    41  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.app_id.app_error", nil, "", http.StatusBadRequest)
    42  	}
    43  
    44  	if a.CreateAt == 0 {
    45  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.create_at.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    46  	}
    47  
    48  	if a.UpdateAt == 0 {
    49  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.update_at.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    50  	}
    51  
    52  	if len(a.CreatorId) != 26 {
    53  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.creator_id.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    54  	}
    55  
    56  	if len(a.ClientSecret) == 0 || len(a.ClientSecret) > 128 {
    57  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.client_secret.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    58  	}
    59  
    60  	if len(a.Name) == 0 || len(a.Name) > 64 {
    61  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.name.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    62  	}
    63  
    64  	if len(a.CallbackUrls) == 0 || len(fmt.Sprintf("%s", a.CallbackUrls)) > 1024 {
    65  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.callback.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    66  	}
    67  
    68  	for _, callback := range a.CallbackUrls {
    69  		if !IsValidHttpUrl(callback) {
    70  			return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.callback.app_error", nil, "", http.StatusBadRequest)
    71  		}
    72  	}
    73  
    74  	if len(a.Homepage) == 0 || len(a.Homepage) > 256 || !IsValidHttpUrl(a.Homepage) {
    75  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.homepage.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    76  	}
    77  
    78  	if utf8.RuneCountInString(a.Description) > 512 {
    79  		return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.description.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    80  	}
    81  
    82  	if len(a.IconURL) > 0 {
    83  		if len(a.IconURL) > 512 || !IsValidHttpUrl(a.IconURL) {
    84  			return NewAppError("OAuthApp.IsValid", "model.oauth.is_valid.icon_url.app_error", nil, "app_id="+a.Id, http.StatusBadRequest)
    85  		}
    86  	}
    87  
    88  	return nil
    89  }
    90  
    91  // PreSave will set the Id and ClientSecret if missing.  It will also fill
    92  // in the CreateAt, UpdateAt times. It should be run before saving the app to the db.
    93  func (a *OAuthApp) PreSave() {
    94  	if a.Id == "" {
    95  		a.Id = NewId()
    96  	}
    97  
    98  	if a.ClientSecret == "" {
    99  		a.ClientSecret = NewId()
   100  	}
   101  
   102  	a.CreateAt = GetMillis()
   103  	a.UpdateAt = a.CreateAt
   104  }
   105  
   106  // PreUpdate should be run before updating the app in the db.
   107  func (a *OAuthApp) PreUpdate() {
   108  	a.UpdateAt = GetMillis()
   109  }
   110  
   111  // ToJson convert a User to a json string
   112  func (a *OAuthApp) ToJson() string {
   113  	b, _ := json.Marshal(a)
   114  	return string(b)
   115  }
   116  
   117  // Generate a valid strong etag so the browser can cache the results
   118  func (a *OAuthApp) Etag() string {
   119  	return Etag(a.Id, a.UpdateAt)
   120  }
   121  
   122  // Remove any private data from the app object
   123  func (a *OAuthApp) Sanitize() {
   124  	a.ClientSecret = ""
   125  }
   126  
   127  func (a *OAuthApp) IsValidRedirectURL(url string) bool {
   128  	for _, u := range a.CallbackUrls {
   129  		if u == url {
   130  			return true
   131  		}
   132  	}
   133  
   134  	return false
   135  }
   136  
   137  // OAuthAppFromJson will decode the input and return a User
   138  func OAuthAppFromJson(data io.Reader) *OAuthApp {
   139  	var app *OAuthApp
   140  	json.NewDecoder(data).Decode(&app)
   141  	return app
   142  }
   143  
   144  func OAuthAppListToJson(l []*OAuthApp) string {
   145  	b, _ := json.Marshal(l)
   146  	return string(b)
   147  }
   148  
   149  func OAuthAppListFromJson(data io.Reader) []*OAuthApp {
   150  	var o []*OAuthApp
   151  	json.NewDecoder(data).Decode(&o)
   152  	return o
   153  }