github.com/wgh-/mattermost-server@v4.8.0-rc2+incompatible/model/authorize.go (about)

     1  // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package model
     5  
     6  import (
     7  	"encoding/json"
     8  	"io"
     9  	"net/http"
    10  )
    11  
    12  const (
    13  	AUTHCODE_EXPIRE_TIME   = 60 * 10 // 10 minutes
    14  	AUTHCODE_RESPONSE_TYPE = "code"
    15  	DEFAULT_SCOPE          = "user"
    16  )
    17  
    18  type AuthData struct {
    19  	ClientId    string `json:"client_id"`
    20  	UserId      string `json:"user_id"`
    21  	Code        string `json:"code"`
    22  	ExpiresIn   int32  `json:"expires_in"`
    23  	CreateAt    int64  `json:"create_at"`
    24  	RedirectUri string `json:"redirect_uri"`
    25  	State       string `json:"state"`
    26  	Scope       string `json:"scope"`
    27  }
    28  
    29  type AuthorizeRequest struct {
    30  	ResponseType string `json:"response_type"`
    31  	ClientId     string `json:"client_id"`
    32  	RedirectUri  string `json:"redirect_uri"`
    33  	Scope        string `json:"scope"`
    34  	State        string `json:"state"`
    35  }
    36  
    37  // IsValid validates the AuthData and returns an error if it isn't configured
    38  // correctly.
    39  func (ad *AuthData) IsValid() *AppError {
    40  
    41  	if len(ad.ClientId) != 26 {
    42  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.client_id.app_error", nil, "", http.StatusBadRequest)
    43  	}
    44  
    45  	if len(ad.UserId) != 26 {
    46  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.user_id.app_error", nil, "", http.StatusBadRequest)
    47  	}
    48  
    49  	if len(ad.Code) == 0 || len(ad.Code) > 128 {
    50  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.auth_code.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
    51  	}
    52  
    53  	if ad.ExpiresIn == 0 {
    54  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.expires.app_error", nil, "", http.StatusBadRequest)
    55  	}
    56  
    57  	if ad.CreateAt <= 0 {
    58  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.create_at.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
    59  	}
    60  
    61  	if len(ad.RedirectUri) == 0 || len(ad.RedirectUri) > 256 || !IsValidHttpUrl(ad.RedirectUri) {
    62  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.redirect_uri.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
    63  	}
    64  
    65  	if len(ad.State) > 1024 {
    66  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.state.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
    67  	}
    68  
    69  	if len(ad.Scope) > 128 {
    70  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.scope.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
    71  	}
    72  
    73  	return nil
    74  }
    75  
    76  // IsValid validates the AuthorizeRequest and returns an error if it isn't configured
    77  // correctly.
    78  func (ar *AuthorizeRequest) IsValid() *AppError {
    79  
    80  	if len(ar.ClientId) != 26 {
    81  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.client_id.app_error", nil, "", http.StatusBadRequest)
    82  	}
    83  
    84  	if len(ar.ResponseType) == 0 {
    85  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.response_type.app_error", nil, "", http.StatusBadRequest)
    86  	}
    87  
    88  	if len(ar.RedirectUri) == 0 || len(ar.RedirectUri) > 256 || !IsValidHttpUrl(ar.RedirectUri) {
    89  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.redirect_uri.app_error", nil, "client_id="+ar.ClientId, http.StatusBadRequest)
    90  	}
    91  
    92  	if len(ar.State) > 128 {
    93  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.state.app_error", nil, "client_id="+ar.ClientId, http.StatusBadRequest)
    94  	}
    95  
    96  	if len(ar.Scope) > 128 {
    97  		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.scope.app_error", nil, "client_id="+ar.ClientId, http.StatusBadRequest)
    98  	}
    99  
   100  	return nil
   101  }
   102  
   103  func (ad *AuthData) PreSave() {
   104  	if ad.ExpiresIn == 0 {
   105  		ad.ExpiresIn = AUTHCODE_EXPIRE_TIME
   106  	}
   107  
   108  	if ad.CreateAt == 0 {
   109  		ad.CreateAt = GetMillis()
   110  	}
   111  
   112  	if len(ad.Scope) == 0 {
   113  		ad.Scope = DEFAULT_SCOPE
   114  	}
   115  }
   116  
   117  func (ad *AuthData) ToJson() string {
   118  	b, _ := json.Marshal(ad)
   119  	return string(b)
   120  }
   121  
   122  func AuthDataFromJson(data io.Reader) *AuthData {
   123  	var ad *AuthData
   124  	json.NewDecoder(data).Decode(&ad)
   125  	return ad
   126  }
   127  
   128  func (ar *AuthorizeRequest) ToJson() string {
   129  	b, _ := json.Marshal(ar)
   130  	return string(b)
   131  }
   132  
   133  func AuthorizeRequestFromJson(data io.Reader) *AuthorizeRequest {
   134  	var ar *AuthorizeRequest
   135  	json.NewDecoder(data).Decode(&ar)
   136  	return ar
   137  }
   138  
   139  func (ad *AuthData) IsExpired() bool {
   140  	return GetMillis() > ad.CreateAt+int64(ad.ExpiresIn*1000)
   141  }