/*
 * Copyright (c) 2022-present unTill Pro, Ltd.
 */

package registry

import (
	"context"
	"fmt"

	"github.com/voedger/voedger/pkg/istructs"
	"github.com/voedger/voedger/pkg/istructsmem"
	"github.com/voedger/voedger/pkg/itokens"
	payloads "github.com/voedger/voedger/pkg/itokens-payloads"
	"github.com/voedger/voedger/pkg/sys/authnz"
)

// iptRR is the result row of q.registry.IssuePrincipalToken. It embeds
// istructs.NullObject and overrides only the two accessors below.
type iptRR struct {
	istructs.NullObject
	principalToken       string
	profileWSID          int64
	profileCreationError string // like wsError
}

// AsInt64 ignores the field name and always returns the profile WSID.
func (q *iptRR) AsInt64(string) int64 {
	return q.profileWSID
}

// AsString returns the profile creation error when asked for
// authnz.Field_WSError; every other field name yields the principal token.
func (q *iptRR) AsString(name string) string {
	switch name {
	case authnz.Field_WSError:
		return q.profileCreationError
	default:
		return q.principalToken
	}
}

// provideIssuePrincipalTokenExec builds the query handler that authenticates a
// login/password pair and, on success, hands a principal token issued through
// itokens to the callback.
//
// An unknown login and a wrong password both produce
// errLoginOrPasswordIsIncorrect, so the returned error does not tell the
// caller which of the two checks failed.
//
// NOTE(review): the unknown-login path returns before CheckPassword runs, so
// the two failure cases may still differ in response time. No attempt
// throttling or lockout is visible in this handler; presumably it is enforced
// elsewhere. Confirm both.
func provideIssuePrincipalTokenExec(itokens itokens.ITokens) istructsmem.ExecQueryClosure {
	return func(ctx context.Context, args istructs.ExecQueryArgs, callback istructs.ExecQueryCallback) (err error) {
		argObj := args.ArgumentObject
		login := argObj.AsString(authnz.Field_Login)
		appName := argObj.AsString(authnz.Field_AppName)

		appQName, err := istructs.ParseAppQName(appName)
		if err != nil {
			// notest
			// validated already on c.registry.CreateLogin
			return err
		}

		// TODO: check we're called at our AppWSID?

		cdocLogin, loginFound, err := GetCDocLogin(login, args.State, args.WSID, appName)
		if err != nil {
			return err
		}
		if !loginFound {
			return errLoginOrPasswordIsIncorrect
		}

		passwordMatches, err := CheckPassword(cdocLogin, argObj.AsString(field_Passwrd))
		if err != nil {
			return err
		}
		if !passwordMatches {
			return errLoginOrPasswordIsIncorrect
		}

		res := &iptRR{
			profileWSID:          cdocLogin.AsInt64(authnz.Field_WSID),
			profileCreationError: cdocLogin.AsString(authnz.Field_WSError),
		}

		// A token is issued only when the login record carries a non-zero
		// profile WSID and no workspace error. Otherwise the caller gets the
		// WSID / error state with an empty token.
		profileUsable := res.profileWSID != 0 && len(res.profileCreationError) == 0
		if profileUsable {
			// The token payload binds the login name, its subject kind and
			// the profile workspace. Lifetime is
			// authnz.DefaultPrincipalTokenExpiration.
			payload := payloads.PrincipalPayload{
				Login:       login,
				SubjectKind: istructs.SubjectKindType(cdocLogin.AsInt32(authnz.Field_SubjectKind)),
				ProfileWSID: istructs.WSID(res.profileWSID),
			}
			token, issueErr := itokens.IssueToken(appQName, authnz.DefaultPrincipalTokenExpiration, &payload)
			if issueErr != nil {
				return fmt.Errorf("principal token issue failed: %w", issueErr)
			}
			res.principalToken = token
		}

		return callback(res)
	}
}