devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

Compare commits

base: devstack:0.21.0
Branches Tags
devstack:discours devstack:main devstack:discours-dev devstack:dev devstack:fix/deactivate-acc devstack:feat/deativate-account devstack:fix-webhook-test-endpoint devstack:fix-db-refs devstack:fix/session-storage devstack:fix/accessibility devstack:fix/add-sub-user-info devstack:feat/add-microsoft-login devstack:fix/neon-db-support devstack:development devstack:feat/surreal-db devstack:fix/oauth-provider devstack:feat/plain-html-editor devstack:fix/build devstack:feat/user-roles-multi-select devstack:chore/update-go-gin-1.18.1 devstack:fix/bool-env-vars-secure-cookie devstack:feat/dyanmo-db-cursor devstack:feat/twitter-login devstack:fix/email-template devstack:fix/dashboard-ui devstack:feat/send-email-based-on-template devstack:feat/2fa devstack:feat/email-template-ui devstack:feat/add-email-template-apis devstack:fix/password-changing devstack:feat/webhook devstack:fix/invalidate-session-token devstack:feat/apple-login devstack:fix/session-invalidation devstack:fix-parallel-access devstack:feat/add-linkedin-login devstack:feat/logging devstack:feat/casandra-db devstack:fix/gateway-based-setup devstack:feat/add-password-validation devstack:feat/invite-member devstack:feat/open-id devstack:feat/add-jwt-algos devstack:fauna-db devstack:fix/organize_dbs
devstack:1.1.70 devstack:1.1.70-beta.1 devstack:1.1.69 devstack:1.1.68 devstack:1.1.67 devstack:1.1.66 devstack:1.1.65 devstack:1.1.64 devstack:1.1.63 devstack:1.1.62 devstack:1.1.61 devstack:1.1.60 devstack:1.1.59 devstack:1.1.58 devstack:1.1.57 devstack:1.1.56 devstack:1.1.55 devstack:1.1.54 devstack:1.1.53 devstack:1.1.52 devstack:1.1.51 devstack:1.1.50 devstack:1.1.49 devstack:1.1.48 devstack:1.1.47 devstack:1.1.46 devstack:1.1.45 devstack:1.1.44 devstack:1.1.43 devstack:1.1.42 devstack:1.1.41 devstack:1.1.40 devstack:1.1.39 devstack:1.1.38 devstack:1.1.37 devstack:1.1.36 devstack:1.1.35 devstack:1.1.34 devstack:1.1.33 devstack:1.1.32 devstack:1.1.31 devstack:1.1.30 devstack:1.1.29 devstack:1.1.28 devstack:1.1.28-rc.5 devstack:1.1.28-rc.4 devstack:1.1.28-rc.3 devstack:1.1.28-rc.2 devstack:1.1.28-rc.1 devstack:1.1.27 devstack:1.1.27-beta.14 devstack:1.1.27-beta.13 devstack:1.1.27-beta.12 devstack:1.1.27-beta.11 devstack:1.1.27-beta.10 devstack:1.1.27-beta.9 devstack:1.1.27-beta.8 devstack:1.1.27-beta.7 devstack:1.1.27-beta.6 devstack:1.1.27-beta.5 devstack:1.1.27-beta.4 devstack:1.1.27-beta.3 devstack:1.1.27-beta.2 devstack:1.1.27-beta.1 devstack:1.1.26 devstack:1.1.25-beta.0 devstack:1.1.25 devstack:1.1.24 devstack:1.1.23 devstack:1.1.22 devstack:1.1.21 devstack:1.1.21.beta.22 devstack:1.1.21.beta.21 devstack:1.1.21.beta.20 devstack:1.1.21.beta.19 devstack:1.1.21.beta.18 devstack:1.1.21.beta.17 devstack:1.1.21.beta.16 devstack:1.1.21.beta.15 devstack:1.1.21.beta.14 devstack:1.1.21.beta.13 devstack:1.1.21.beta.12 devstack:1.1.21.beta.11 devstack:1.1.21.beta.10 devstack:1.1.21.beta.9 devstack:1.1.21.beta.8 devstack:1.1.21.beta.7 devstack:1.1.21.beta.6 devstack:1.1.21.beta.4 devstack:1.1.21.beta.2 devstack:1.1.21.beta.1 devstack:1.1.21.beta.5 devstack:1.1.21.beta.3 devstack:1.1.21.beta.0 devstack:1.1.20 devstack:1.1.20-beta.0 devstack:1.1.9 devstack:1.1.8 devstack:1.1.7 devstack:1.1.6 devstack:1.1.5 devstack:1.1.4 devstack:1.1.3 devstack:1.1.2 devstack:1.1.1 devstack:1.1.0 devstack:1.0.1 devstack:1.0.0 devstack:0.39.0 devstack:0.38.0 devstack:0.37.0 devstack:0.36.0 devstack:0.35.0 devstack:0.34.0 devstack:0.33.0 devstack:0.32.0 devstack:0.32.0-beta.13 devstack:0.32.0-beta.12 devstack:0.32.0-beta.11 devstack:0.32.0-beta.10 devstack:0.32.0-beta.9 devstack:0.32.0-beta.8 devstack:0.32.0-beta.7 devstack:0.32.0-beta.6 devstack:0.32.0-beta.5 devstack:0.32.0-beta.4 devstack:0.32.0-beta.3 devstack:0.32.0-beta.2 devstack:0.32.0-beta.1 devstack:0.31.0 devstack:0.30.0 devstack:0.29.0 devstack:0.29.0.test1 devstack:0.28.0 devstack:0.27.0 devstack:0.26.0 devstack:0.25.0 devstack:0.25.0-beta.2 devstack:0.25.0-beta.1 devstack:0.24.0 devstack:0.24.0-beta.1 devstack:0.23.0 devstack:0.22.2 devstack:0.22.1 devstack:0.22.0 devstack:0.21.0 devstack:0.20.0 devstack:0.19.0 devstack:0.18.1 devstack:0.18.0 devstack:0.17.0 devstack:0.16.0 devstack:0.15.0 devstack:0.14.0 devstack:0.14.0-beta.13 devstack:0.14.0-beta.12 devstack:0.14.0-beta.11 devstack:0.14.0-beta.10 devstack:0.14.0-beta.9 devstack:0.14.0-beta.8 devstack:0.14.0-beta.7 devstack:0.14.0-beta.6 devstack:0.14.0-beta.5 devstack:0.14.0-beta.4 devstack:0.14.0-beta.3 devstack:0.14.0-beta.2 devstack:0.14.0-beta.1 devstack:0.14.0-beta.0 devstack:0.13.1 devstack:0.13.0 devstack:0.12.0 devstack:0.11.0 devstack:0.10.3 devstack:0.10.2 devstack:0.10.1 devstack:0.10.0 devstack:0.9.2 devstack:0.9.1 devstack:0.9.0 devstack:0.8.5 devstack:0.8.4 devstack:0.8.3 devstack:0.8.2 devstack:0.8.1 devstack:0.8.1.test.1 devstack:0.8.0 devstack:0.7.0 devstack:0.6.1 devstack:0.6.0 devstack:0.5.0 devstack:0.4.0 devstack:0.3.0 devstack:0.2.0 devstack:0.1.0 devstack:0.1.0-beta.43 devstack:0.1.0-beta.42 devstack:0.1.0-beta.41 devstack:0.1.0-beta.40 devstack:0.1.0-beta.38 devstack:0.1.0-beta.37 devstack:0.1.0-beta.36 devstack:0.1.0-beta.35 devstack:0.1.0-beta.34 devstack:0.1.0-beta.33 devstack:0.1.0-beta.32 devstack:0.1.0-beta.31 devstack:0.1.0-beta.30 devstack:0.1.0-beta.29 devstack:0.1.0-beta.28 devstack:0.1.0-beta.27 devstack:0.1.0-beta.26 devstack:0.1.0-beta.25 devstack:0.1.0-beta.24 devstack:0.1.0-beta.23 devstack:0.1.0-beta.22 devstack:0.1.0-beta.21 devstack:0.1.0-beta.20 devstack:0.1.0-beta.19 devstack:0.1.0-beta.18 devstack:0.1.0-beta.17 devstack:0.1.0-beta.16 devstack:0.1.0-alpha31 devstack:0.1.0-alpha30 devstack:0.1.0-alpha29 devstack:0.1.0-alpha28 devstack:0.1.0-alpha27 devstack:0.1.0-alpha26 devstack:0.1.0-alpha25 devstack:0.1.0-alpha24 devstack:0.1.0-alpha23 devstack:0.1.0-alpha22 devstack:0.1.0-alpha21 devstack:0.1.0-alpha20 devstack:0.1.0-alpha19 devstack:0.1.0-alpha18 devstack:0.1.0-alpha17 devstack:0.1.0-alpha16 devstack:0.1.0-alpha15 devstack:0.1.0-alpha14 devstack:0.1.0-alpha13 devstack:0.1.0-alpha12 devstack:0.1.0-alpha11 devstack:0.1.0-alpha10 devstack:0.1.0-alpha9 devstack:0.1.0-alpha8 devstack:0.1.0-alpha7 devstack:0.1.0-alpha6 devstack:0.1.0-alpha5 devstack:0.1.0-alpha4 devstack:0.1.0-alpha3 devstack:0.1.0-alpha2 devstack:0.1.0-alpha1
...
compare: devstack:0.24.0
Branches Tags
devstack:discours devstack:main devstack:discours-dev devstack:dev devstack:fix/deactivate-acc devstack:feat/deativate-account devstack:fix-webhook-test-endpoint devstack:fix-db-refs devstack:fix/session-storage devstack:fix/accessibility devstack:fix/add-sub-user-info devstack:feat/add-microsoft-login devstack:fix/neon-db-support devstack:development devstack:feat/surreal-db devstack:fix/oauth-provider devstack:feat/plain-html-editor devstack:fix/build devstack:feat/user-roles-multi-select devstack:chore/update-go-gin-1.18.1 devstack:fix/bool-env-vars-secure-cookie devstack:feat/dyanmo-db-cursor devstack:feat/twitter-login devstack:fix/email-template devstack:fix/dashboard-ui devstack:feat/send-email-based-on-template devstack:feat/2fa devstack:feat/email-template-ui devstack:feat/add-email-template-apis devstack:fix/password-changing devstack:feat/webhook devstack:fix/invalidate-session-token devstack:feat/apple-login devstack:fix/session-invalidation devstack:fix-parallel-access devstack:feat/add-linkedin-login devstack:feat/logging devstack:feat/casandra-db devstack:fix/gateway-based-setup devstack:feat/add-password-validation devstack:feat/invite-member devstack:feat/open-id devstack:feat/add-jwt-algos devstack:fauna-db devstack:fix/organize_dbs
devstack:1.1.70 devstack:1.1.70-beta.1 devstack:1.1.69 devstack:1.1.68 devstack:1.1.67 devstack:1.1.66 devstack:1.1.65 devstack:1.1.64 devstack:1.1.63 devstack:1.1.62 devstack:1.1.61 devstack:1.1.60 devstack:1.1.59 devstack:1.1.58 devstack:1.1.57 devstack:1.1.56 devstack:1.1.55 devstack:1.1.54 devstack:1.1.53 devstack:1.1.52 devstack:1.1.51 devstack:1.1.50 devstack:1.1.49 devstack:1.1.48 devstack:1.1.47 devstack:1.1.46 devstack:1.1.45 devstack:1.1.44 devstack:1.1.43 devstack:1.1.42 devstack:1.1.41 devstack:1.1.40 devstack:1.1.39 devstack:1.1.38 devstack:1.1.37 devstack:1.1.36 devstack:1.1.35 devstack:1.1.34 devstack:1.1.33 devstack:1.1.32 devstack:1.1.31 devstack:1.1.30 devstack:1.1.29 devstack:1.1.28 devstack:1.1.28-rc.5 devstack:1.1.28-rc.4 devstack:1.1.28-rc.3 devstack:1.1.28-rc.2 devstack:1.1.28-rc.1 devstack:1.1.27 devstack:1.1.27-beta.14 devstack:1.1.27-beta.13 devstack:1.1.27-beta.12 devstack:1.1.27-beta.11 devstack:1.1.27-beta.10 devstack:1.1.27-beta.9 devstack:1.1.27-beta.8 devstack:1.1.27-beta.7 devstack:1.1.27-beta.6 devstack:1.1.27-beta.5 devstack:1.1.27-beta.4 devstack:1.1.27-beta.3 devstack:1.1.27-beta.2 devstack:1.1.27-beta.1 devstack:1.1.26 devstack:1.1.25-beta.0 devstack:1.1.25 devstack:1.1.24 devstack:1.1.23 devstack:1.1.22 devstack:1.1.21 devstack:1.1.21.beta.22 devstack:1.1.21.beta.21 devstack:1.1.21.beta.20 devstack:1.1.21.beta.19 devstack:1.1.21.beta.18 devstack:1.1.21.beta.17 devstack:1.1.21.beta.16 devstack:1.1.21.beta.15 devstack:1.1.21.beta.14 devstack:1.1.21.beta.13 devstack:1.1.21.beta.12 devstack:1.1.21.beta.11 devstack:1.1.21.beta.10 devstack:1.1.21.beta.9 devstack:1.1.21.beta.8 devstack:1.1.21.beta.7 devstack:1.1.21.beta.6 devstack:1.1.21.beta.4 devstack:1.1.21.beta.2 devstack:1.1.21.beta.1 devstack:1.1.21.beta.5 devstack:1.1.21.beta.3 devstack:1.1.21.beta.0 devstack:1.1.20 devstack:1.1.20-beta.0 devstack:1.1.9 devstack:1.1.8 devstack:1.1.7 devstack:1.1.6 devstack:1.1.5 devstack:1.1.4 devstack:1.1.3 devstack:1.1.2 devstack:1.1.1 devstack:1.1.0 devstack:1.0.1 devstack:1.0.0 devstack:0.39.0 devstack:0.38.0 devstack:0.37.0 devstack:0.36.0 devstack:0.35.0 devstack:0.34.0 devstack:0.33.0 devstack:0.32.0 devstack:0.32.0-beta.13 devstack:0.32.0-beta.12 devstack:0.32.0-beta.11 devstack:0.32.0-beta.10 devstack:0.32.0-beta.9 devstack:0.32.0-beta.8 devstack:0.32.0-beta.7 devstack:0.32.0-beta.6 devstack:0.32.0-beta.5 devstack:0.32.0-beta.4 devstack:0.32.0-beta.3 devstack:0.32.0-beta.2 devstack:0.32.0-beta.1 devstack:0.31.0 devstack:0.30.0 devstack:0.29.0 devstack:0.29.0.test1 devstack:0.28.0 devstack:0.27.0 devstack:0.26.0 devstack:0.25.0 devstack:0.25.0-beta.2 devstack:0.25.0-beta.1 devstack:0.24.0 devstack:0.24.0-beta.1 devstack:0.23.0 devstack:0.22.2 devstack:0.22.1 devstack:0.22.0 devstack:0.21.0 devstack:0.20.0 devstack:0.19.0 devstack:0.18.1 devstack:0.18.0 devstack:0.17.0 devstack:0.16.0 devstack:0.15.0 devstack:0.14.0 devstack:0.14.0-beta.13 devstack:0.14.0-beta.12 devstack:0.14.0-beta.11 devstack:0.14.0-beta.10 devstack:0.14.0-beta.9 devstack:0.14.0-beta.8 devstack:0.14.0-beta.7 devstack:0.14.0-beta.6 devstack:0.14.0-beta.5 devstack:0.14.0-beta.4 devstack:0.14.0-beta.3 devstack:0.14.0-beta.2 devstack:0.14.0-beta.1 devstack:0.14.0-beta.0 devstack:0.13.1 devstack:0.13.0 devstack:0.12.0 devstack:0.11.0 devstack:0.10.3 devstack:0.10.2 devstack:0.10.1 devstack:0.10.0 devstack:0.9.2 devstack:0.9.1 devstack:0.9.0 devstack:0.8.5 devstack:0.8.4 devstack:0.8.3 devstack:0.8.2 devstack:0.8.1 devstack:0.8.1.test.1 devstack:0.8.0 devstack:0.7.0 devstack:0.6.1 devstack:0.6.0 devstack:0.5.0 devstack:0.4.0 devstack:0.3.0 devstack:0.2.0 devstack:0.1.0 devstack:0.1.0-beta.43 devstack:0.1.0-beta.42 devstack:0.1.0-beta.41 devstack:0.1.0-beta.40 devstack:0.1.0-beta.38 devstack:0.1.0-beta.37 devstack:0.1.0-beta.36 devstack:0.1.0-beta.35 devstack:0.1.0-beta.34 devstack:0.1.0-beta.33 devstack:0.1.0-beta.32 devstack:0.1.0-beta.31 devstack:0.1.0-beta.30 devstack:0.1.0-beta.29 devstack:0.1.0-beta.28 devstack:0.1.0-beta.27 devstack:0.1.0-beta.26 devstack:0.1.0-beta.25 devstack:0.1.0-beta.24 devstack:0.1.0-beta.23 devstack:0.1.0-beta.22 devstack:0.1.0-beta.21 devstack:0.1.0-beta.20 devstack:0.1.0-beta.19 devstack:0.1.0-beta.18 devstack:0.1.0-beta.17 devstack:0.1.0-beta.16 devstack:0.1.0-alpha31 devstack:0.1.0-alpha30 devstack:0.1.0-alpha29 devstack:0.1.0-alpha28 devstack:0.1.0-alpha27 devstack:0.1.0-alpha26 devstack:0.1.0-alpha25 devstack:0.1.0-alpha24 devstack:0.1.0-alpha23 devstack:0.1.0-alpha22 devstack:0.1.0-alpha21 devstack:0.1.0-alpha20 devstack:0.1.0-alpha19 devstack:0.1.0-alpha18 devstack:0.1.0-alpha17 devstack:0.1.0-alpha16 devstack:0.1.0-alpha15 devstack:0.1.0-alpha14 devstack:0.1.0-alpha13 devstack:0.1.0-alpha12 devstack:0.1.0-alpha11 devstack:0.1.0-alpha10 devstack:0.1.0-alpha9 devstack:0.1.0-alpha8 devstack:0.1.0-alpha7 devstack:0.1.0-alpha6 devstack:0.1.0-alpha5 devstack:0.1.0-alpha4 devstack:0.1.0-alpha3 devstack:0.1.0-alpha2 devstack:0.1.0-alpha1

54 Commits
0.21.0 ... 0.24.0

Author SHA1 Message Date
Lakhan Samani
d1e1e287db Merge pull request #174 from authorizerdev/fix/memory-store 
fix: replica cache consistency
 2022-06-01 23:47:55 +05:30
Lakhan Samani
a7f04f8754 fix: fix mutex for testing purpose 2022-05-31 15:06:53 +05:30
Lakhan Samani
69b56c9912 fix: disable mutex for testing purpose 2022-05-31 15:00:11 +05:30
Lakhan Samani
98015708a2 fix: bool flag for redis 2022-05-31 13:27:43 +05:30
Lakhan Samani
1b5a7b8fb0 fix: don't allow redis disabling from dashboard 2022-05-31 13:26:03 +05:30
Lakhan Samani
8b9bcdfdbe fix: message 2022-05-31 13:24:24 +05:30
Lakhan Samani
ba429da05f fix: env query 2022-05-31 13:18:42 +05:30
Lakhan Samani
7c7bb42003 fix: message 2022-05-31 13:14:08 +05:30
Lakhan Samani
eeff88c853 fix: env saving 2022-05-31 13:11:54 +05:30
Lakhan Samani
cf8762b7a0 fix: slice envs 2022-05-31 08:14:03 +05:30
Lakhan Samani
c61c3024ec fix: upgrade tests 2022-05-30 12:47:50 +05:30
Lakhan Samani
7e3bd6a721 fix: import cycle issues 2022-05-30 11:54:16 +05:30
Lakhan Samani
1146468a03 fix: memory store upgrade in token helpers 2022-05-30 11:00:00 +05:30
Lakhan Samani
268b22ffb2 fix: memory store upgrade in resolvers 2022-05-30 09:19:55 +05:30
Lakhan Samani
43359f1dba fix: update store method till handlers 2022-05-29 17:22:46 +05:30
Lakhan Samani
1941cf4299 fix: move sessionstore -> memstore 2022-05-27 23:20:38 +05:30
Lakhan Samani
7b13034081 fix: dashboard 2022-05-25 16:34:54 +05:30
Lakhan Samani
7c16900618 Merge pull request #168 from anik-ghosh-au7/fix/app-routes 
update: separate routes for login and signup added
 2022-05-25 16:07:15 +05:30
Lakhan Samani
d722fe258d Merge pull request #173 from authorizerdev/feat/logging 
feat: add logging system
 2022-05-25 15:07:28 +05:30
Lakhan Samani
99dc5ee572 fix: remove unused code 2022-05-25 15:05:51 +05:30
Lakhan Samani
8bee421d0a feat: add flag for log level 2022-05-25 15:04:26 +05:30
Lakhan Samani
714b79e4ab fix: format logs 2022-05-25 12:30:22 +05:30
Lakhan Samani
d886d780b4 fix: replace all logs 2022-05-24 12:50:33 +05:30
Lakhan Samani
d7bb10fd21 feat: add loggging to all resolvers 2022-05-24 12:42:29 +05:30
Lakhan Samani
f5515bec28 fix: merge conflict 2022-05-23 11:54:46 +05:30
Lakhan Samani
b35d86fd40 feat: add logs for http handlers 2022-05-23 11:52:51 +05:30
anik-ghosh-au7
a638f02014 update: seperate routes for login and signup added 2022-05-18 20:04:29 +05:30
Lakhan Samani
2c4bc9adb6 Merge pull request #161 from akash-dutta-au7/fix/env-page-new 
Update Dashboard UI
 2022-05-15 17:11:13 +05:30
Lakhan Samani
5884802e60 Merge pull request #166 from Vicg853/fix/role-update 
Fix/role update
 2022-05-15 17:04:42 +05:30
Vicg853
241f977b2a Fixing related files 2022-05-14 23:21:45 -03:00
anik-ghosh-au7
ed855a274a fix: app style remove unnecessary code 2022-05-14 20:20:21 +05:30
Vicg853
049ea64475 Merge branch 'main' of github.com:Vicg853/authorizer into fix/role-update 2022-05-14 05:07:13 -03:00
Vicg853
5e4f34c889 Fixing login isValidRole usage 2022-05-14 04:37:36 -03:00
Lakhan Samani
ab717d956a fix: update role test 2022-05-13 07:49:45 +05:30
Lakhan Samani
6209c4d506 Merge pull request #165 from Vicg853/fix/role-update 
Unable to update user role fix
 2022-05-13 07:38:45 +05:30
Lakhan Samani
2bc4c74930 fix: remove old logs 2022-05-13 07:28:31 +05:30
Vicg853
1efa419cdf Clean up 2022-05-12 16:43:07 -03:00
Vicg853
4ceb6db4ba Adding possible test error cause comment 2022-05-12 16:40:49 -03:00
Vicg853
9edc8d0fb5 Inverted userRoles by role fix. Roles can now be updated 2022-05-12 16:40:19 -03:00
Lakhan Samani
da0fcb109b feat: setup logours for logging 2022-05-13 00:47:01 +05:30
akash.dutta
3e51a7bd01 login page vertically responsive 2022-05-12 17:06:18 +05:30
akash.dutta
28bed69b2e login page vertically responsive 2022-05-12 15:10:24 +05:30
anik-ghosh-au7
0433d64737 fix: dom nesting bugs 2022-05-12 12:27:25 +05:30
Lakhan Samani
773213e5a4 fix: clean test data 2022-05-11 20:25:57 +05:30
akash.dutta
de44c40de5 login page fixed 2022-05-09 15:46:42 +05:30
akash.dutta
a7fa988bf0 tooltiip added to Invite member button 2022-05-08 12:48:26 +05:30
akash.dutta
538a2d0b59 tooltiip added to Invite member button 2022-05-08 12:43:52 +05:30
akash.dutta
f519f0eb0e tooltiip added to Invite member button 2022-05-08 09:35:50 +05:30
akash.dutta
d5ad4a6e55 blue border on navlink removed 2022-05-07 22:34:26 +05:30
akash.dutta
d9b49ca932 login page responsive 2022-05-07 22:18:04 +05:30
akash.dutta
7c5aab7bf3 all components updated, uncontrolled input error handled 2022-05-07 22:10:29 +05:30
akash.dutta
c783e101d5 test-pull req 2022-05-03 19:53:21 +05:30
akash.dutta
ebccfb18cd test-pull req 2022-05-03 19:50:01 +05:30
Lakhan Samani
b7aeff57af fixes #160 2022-04-30 12:45:08 +05:30
174 changed files with 5306 additions and 2729 deletions
Expand all files Collapse all files

1
.env.sample
View File

@@ -1,3 +1,4 @@
ENV=production
DATABASE_URL=data.db DATABASE_URL=data.db
DATABASE_TYPE=sqlite DATABASE_TYPE=sqlite
CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}" CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"

9
.env.test Normal file
View File

@@ -0,0 +1,9 @@
ENV=test
DATABASE_URL=test.db
DATABASE_TYPE=sqlite
CUSTOM_ACCESS_TOKEN_SCRIPT="function(user,tokenPayload){var data = tokenPayload;data.extra = {'x-extra-id': user.id};return data;}"
SMTP_HOST=smtp.mailtrap.io
SMTP_PORT=2525
SMTP_USERNAME=test
SMTP_PASSWORD=test
SENDER_EMAIL="info@authorizer.dev"

1
.gitignore vendored
View File

@@ -8,6 +8,7 @@ dashboard/build
build build
.env .env
data.db data.db
test.db
.DS_Store .DS_Store
.env.local .env.local
*.tar.gz *.tar.gz

2
Makefile
View File

@@ -10,7 +10,7 @@ build-dashboard:
clean: clean:
rm -rf build rm -rf build
test: test:
cd server && go clean --testcache && go test -v ./test rm -rf server/test/test.db && rm -rf test.db && cd server && go clean --testcache && go test -p 1 -v ./test
generate: generate:
cd server && go get github.com/99designs/gqlgen/cmd@v0.14.0 && go run github.com/99designs/gqlgen generate cd server && go get github.com/99designs/gqlgen/cmd@v0.14.0 && go run github.com/99designs/gqlgen generate

46
app/package-lock.json generated
View File

@@ -17,10 +17,12 @@
"react-dom": "^17.0.2", "react-dom": "^17.0.2",
"react-is": "^17.0.2", "react-is": "^17.0.2",
"react-router-dom": "^5.2.0", "react-router-dom": "^5.2.0",
"styled-components": "^5.3.0",
"typescript": "^4.3.5" "typescript": "^4.3.5"
}, },
"devDependencies": { "devDependencies": {
"@types/react-router-dom": "^5.1.8" "@types/react-router-dom": "^5.1.8",
"@types/styled-components": "^5.1.11"
} }
}, },
"node_modules/@authorizerdev/authorizer-js": { "node_modules/@authorizerdev/authorizer-js": {
@@ -271,6 +273,16 @@
"integrity": "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==", "integrity": "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==",
"dev": true "dev": true
}, },
"node_modules/@types/hoist-non-react-statics": {
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/@types/hoist-non-react-statics/-/hoist-non-react-statics-3.3.1.tgz",
"integrity": "sha512-iMIqiko6ooLrTh1joXodJK5X9xeEALT1kM5G3ZLhD3hszxBdIEd5C75U834D9mLcINgD4OyZf5uQXjkuYydWvA==",
"dev": true,
"dependencies": {
"@types/react": "*",
"hoist-non-react-statics": "^3.3.0"
}
},
"node_modules/@types/prop-types": { "node_modules/@types/prop-types": {
"version": "15.7.4", "version": "15.7.4",
"resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz", "resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz",
@@ -320,6 +332,17 @@
"resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz", "resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz",
"integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==" "integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew=="
}, },
"node_modules/@types/styled-components": {
"version": "5.1.25",
"resolved": "https://registry.npmjs.org/@types/styled-components/-/styled-components-5.1.25.tgz",
"integrity": "sha512-fgwl+0Pa8pdkwXRoVPP9JbqF0Ivo9llnmsm+7TCI330kbPIFd9qv1Lrhr37shf4tnxCOSu+/IgqM7uJXLWZZNQ==",
"dev": true,
"dependencies": {
"@types/hoist-non-react-statics": "*",
"@types/react": "*",
"csstype": "^3.0.2"
}
},
"node_modules/ansi-styles": { "node_modules/ansi-styles": {
"version": "3.2.1", "version": "3.2.1",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
@@ -1016,6 +1039,16 @@
"integrity": "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==", "integrity": "sha512-MUc6zSmU3tEVnkQ78q0peeEjKWPUADMlC/t++2bI8WnAG2tvYRPIgHG8lWkXwqc8MsUF6Z2MOf+Mh5sazOmhiQ==",
"dev": true "dev": true
}, },
"@types/hoist-non-react-statics": {
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/@types/hoist-non-react-statics/-/hoist-non-react-statics-3.3.1.tgz",
"integrity": "sha512-iMIqiko6ooLrTh1joXodJK5X9xeEALT1kM5G3ZLhD3hszxBdIEd5C75U834D9mLcINgD4OyZf5uQXjkuYydWvA==",
"dev": true,
"requires": {
"@types/react": "*",
"hoist-non-react-statics": "^3.3.0"
}
},
"@types/prop-types": { "@types/prop-types": {
"version": "15.7.4", "version": "15.7.4",
"resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz", "resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz",
@@ -1065,6 +1098,17 @@
"resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz", "resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz",
"integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==" "integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew=="
}, },
"@types/styled-components": {
"version": "5.1.25",
"resolved": "https://registry.npmjs.org/@types/styled-components/-/styled-components-5.1.25.tgz",
"integrity": "sha512-fgwl+0Pa8pdkwXRoVPP9JbqF0Ivo9llnmsm+7TCI330kbPIFd9qv1Lrhr37shf4tnxCOSu+/IgqM7uJXLWZZNQ==",
"dev": true,
"requires": {
"@types/hoist-non-react-statics": "*",
"@types/react": "*",
"csstype": "^3.0.2"
}
},
"ansi-styles": { "ansi-styles": {
"version": "3.2.1", "version": "3.2.1",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",

6
app/package.json
View File

@@ -19,9 +19,11 @@
"react-dom": "^17.0.2", "react-dom": "^17.0.2",
"react-is": "^17.0.2", "react-is": "^17.0.2",
"react-router-dom": "^5.2.0", "react-router-dom": "^5.2.0",
"typescript": "^4.3.5" "typescript": "^4.3.5",
"styled-components": "^5.3.0"
}, },
"devDependencies": { "devDependencies": {
"@types/react-router-dom": "^5.1.8" "@types/react-router-dom": "^5.1.8",
"@types/styled-components": "^5.1.11"
} }
} }

69
app/src/Root.tsx
View File

@@ -1,11 +1,28 @@
import React, { useEffect, lazy, Suspense } from 'react'; import React, { useEffect, lazy, Suspense } from 'react';
import { Switch, Route } from 'react-router-dom'; import { Switch, Route } from 'react-router-dom';
import { useAuthorizer } from '@authorizerdev/authorizer-react'; import { useAuthorizer } from '@authorizerdev/authorizer-react';
import styled, { ThemeProvider } from 'styled-components';
import SetupPassword from './pages/setup-password'; import SetupPassword from './pages/setup-password';
import { hasWindow, createRandomString } from './utils/common';
import { theme } from './theme';
const ResetPassword = lazy(() => import('./pages/rest-password')); const ResetPassword = lazy(() => import('./pages/rest-password'));
const Login = lazy(() => import('./pages/login')); const Login = lazy(() => import('./pages/login'));
const Dashboard = lazy(() => import('./pages/dashboard')); const Dashboard = lazy(() => import('./pages/dashboard'));
const SignUp = lazy(() => import('./pages/signup'));
const Wrapper = styled.div`
font-family: ${(props) => props.theme.fonts.fontStack};
color: ${(props) => props.theme.colors.textColor};
font-size: ${(props) => props.theme.fonts.mediumText};
box-sizing: border-box;
*,
*:before,
*:after {
box-sizing: inherit;
}
`;
export default function Root({ export default function Root({
globalState, globalState,
@@ -14,6 +31,29 @@ export default function Root({
}) { }) {
const { token, loading, config } = useAuthorizer(); const { token, loading, config } = useAuthorizer();
const searchParams = new URLSearchParams(
hasWindow() ? window.location.search : ``
);
const state = searchParams.get('state') || createRandomString();
const scope = searchParams.get('scope')
? searchParams.get('scope')?.toString().split(' ')
: ['openid', 'profile', 'email'];
const urlProps: Record<string, any> = {
state,
scope,
};
const redirectURL =
searchParams.get('redirect_uri') || searchParams.get('redirectURL');
if (redirectURL) {
urlProps.redirectURL = redirectURL;
} else {
urlProps.redirectURL = hasWindow() ? window.location.origin : redirectURL;
}
urlProps.redirect_uri = urlProps.redirectURL;
useEffect(() => { useEffect(() => {
if (token) { if (token) {
let redirectURL = config.redirectURL || '/app'; let redirectURL = config.redirectURL || '/app';
@@ -54,17 +94,24 @@ export default function Root({
return ( return (
<Suspense fallback={<></>}> <Suspense fallback={<></>}>
<Switch> <ThemeProvider theme={theme}>
<Route path="/app" exact> <Wrapper>
<Login /> <Switch>
</Route> <Route path="/app" exact>
<Route path="/app/reset-password"> <Login urlProps={urlProps} />
<ResetPassword /> </Route>
</Route> <Route path="/app/signup" exact>
<Route path="/app/setup-password"> <SignUp urlProps={urlProps} />
<SetupPassword /> </Route>
</Route> <Route path="/app/reset-password">
</Switch> <ResetPassword />
</Route>
<Route path="/app/setup-password">
<SetupPassword />
</Route>
</Switch>
</Wrapper>
</ThemeProvider>
</Suspense> </Suspense>
); );
} }

80
app/src/pages/login.tsx
View File

@@ -1,10 +1,82 @@
import React, { Fragment } from 'react'; import React, { Fragment, useState } from 'react';
import { Authorizer } from '@authorizerdev/authorizer-react'; import {
AuthorizerBasicAuthLogin,
AuthorizerForgotPassword,
AuthorizerMagicLinkLogin,
AuthorizerSocialLogin,
useAuthorizer,
} from '@authorizerdev/authorizer-react';
import styled from 'styled-components';
import { Link } from 'react-router-dom';
export default function Login() { const enum VIEW_TYPES {
LOGIN = 'login',
FORGOT_PASSWORD = 'forgot-password',
}
const Footer = styled.div`
display: flex;
flex-direction: column;
justify-content: center;
align-items: center;
margin-top: 15px;
`;
const FooterContent = styled.div`
display: flex;
justify-content: center;
align-items: center;
margin-top: 10px;
`;
export default function Login({ urlProps }: { urlProps: Record<string, any> }) {
const { config } = useAuthorizer();
const [view, setView] = useState<VIEW_TYPES>(VIEW_TYPES.LOGIN);
return ( return (
<Fragment> <Fragment>
<Authorizer /> {view === VIEW_TYPES.LOGIN && (
<Fragment>
<h1 style={{ textAlign: 'center' }}>Login</h1>
<br />
<AuthorizerSocialLogin urlProps={urlProps} />
{config.is_basic_authentication_enabled &&
!config.is_magic_link_login_enabled && (
<AuthorizerBasicAuthLogin urlProps={urlProps} />
)}
{config.is_magic_link_login_enabled && (
<AuthorizerMagicLinkLogin urlProps={urlProps} />
)}
<Footer>
<Link
to="#"
onClick={() => setView(VIEW_TYPES.FORGOT_PASSWORD)}
style={{ marginBottom: 10 }}
>
Forgot Password?
</Link>
</Footer>
</Fragment>
)}
{view === VIEW_TYPES.FORGOT_PASSWORD && (
<Fragment>
<h1 style={{ textAlign: 'center' }}>Forgot Password</h1>
<AuthorizerForgotPassword urlProps={urlProps} />
<Footer>
<Link
to="#"
onClick={() => setView(VIEW_TYPES.LOGIN)}
style={{ marginBottom: 10 }}
>
Back
</Link>
</Footer>
</Fragment>
)}
{config.is_sign_up_enabled && (
<FooterContent>
Don't have an account? <Link to="/app/signup"> Sign Up</Link>
</FooterContent>
)}
</Fragment> </Fragment>
); );
} }

28
app/src/pages/signup.tsx Normal file
View File

@@ -0,0 +1,28 @@
import React, { Fragment } from 'react';
import { AuthorizerSignup } from '@authorizerdev/authorizer-react';
import styled from 'styled-components';
import { Link } from 'react-router-dom';
const FooterContent = styled.div`
display: flex;
justify-content: center;
align-items: center;
margin-top: 20px;
`;
export default function SignUp({
urlProps,
}: {
urlProps: Record<string, any>;
}) {
return (
<Fragment>
<h1 style={{ textAlign: 'center' }}>Sign Up</h1>
<br />
<AuthorizerSignup urlProps={urlProps} />
<FooterContent>
Already have an account? <Link to="/app"> Login</Link>
</FooterContent>
</Fragment>
);
}

28
app/src/theme.ts Normal file
View File

@@ -0,0 +1,28 @@
// colors: https://tailwindcss.com/docs/customizing-colors
export const theme = {
colors: {
primary: '#3B82F6',
primaryDisabled: '#60A5FA',
gray: '#D1D5DB',
danger: '#DC2626',
success: '#10B981',
textColor: '#374151',
},
fonts: {
// typography
fontStack: '-apple-system, system-ui, sans-serif',
// font sizes
largeText: '18px',
mediumText: '14px',
smallText: '12px',
tinyText: '10px',
},
radius: {
card: '5px',
button: '5px',
input: '5px',
},
};

2
app/src/utils/common.ts
View File

@@ -20,3 +20,5 @@ export const createQueryParams = (params: any) => {
.map((k) => encodeURIComponent(k) + '=' + encodeURIComponent(params[k])) .map((k) => encodeURIComponent(k) + '=' + encodeURIComponent(params[k]))
.join('&'); .join('&');
}; };
export const hasWindow = (): boolean => typeof window !== 'undefined';

34
dashboard/package-lock.json generated
View File

@@ -10,6 +10,7 @@
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"@chakra-ui/react": "^1.7.3", "@chakra-ui/react": "^1.7.3",
"@emotion/core": "^11.0.0",
"@emotion/react": "^11.7.1", "@emotion/react": "^11.7.1",
"@emotion/styled": "^11.6.0", "@emotion/styled": "^11.6.0",
"@types/react": "^17.0.38", "@types/react": "^17.0.38",
@@ -17,6 +18,7 @@
"@types/react-router-dom": "^5.3.2", "@types/react-router-dom": "^5.3.2",
"dayjs": "^1.10.7", "dayjs": "^1.10.7",
"esbuild": "^0.14.9", "esbuild": "^0.14.9",
"focus-visible": "^5.2.0",
"framer-motion": "^5.5.5", "framer-motion": "^5.5.5",
"graphql": "^16.2.0", "graphql": "^16.2.0",
"lodash": "^4.17.21", "lodash": "^4.17.21",
@@ -978,6 +980,11 @@
"stylis": "4.0.13" "stylis": "4.0.13"
} }
}, },
"node_modules/@emotion/core": {
"version": "11.0.0",
"resolved": "https://registry.npmjs.org/@emotion/core/-/core-11.0.0.tgz",
"integrity": "sha512-w4sE3AmHmyG6RDKf6mIbtHpgJUSJ2uGvPQb8VXFL7hFjMPibE8IiehG8cMX3Ztm4svfCQV6KqusQbeIOkurBcA=="
},
"node_modules/@emotion/hash": { "node_modules/@emotion/hash": {
"version": "0.8.0", "version": "0.8.0",
"resolved": "https://registry.npmjs.org/@emotion/hash/-/hash-0.8.0.tgz", "resolved": "https://registry.npmjs.org/@emotion/hash/-/hash-0.8.0.tgz",
@@ -1667,6 +1674,11 @@
"node": ">=10" "node": ">=10"
} }
}, },
"node_modules/focus-visible": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/focus-visible/-/focus-visible-5.2.0.tgz",
"integrity": "sha512-Rwix9pBtC1Nuy5wysTmKy+UjbDJpIfg8eHjw0rjZ1mX4GNLz1Bmd16uDpI3Gk1i70Fgcs8Csg2lPm8HULFg9DQ=="
},
"node_modules/framer-motion": { "node_modules/framer-motion": {
"version": "5.5.5", "version": "5.5.5",
"resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-5.5.5.tgz", "resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-5.5.5.tgz",
@@ -2517,8 +2529,7 @@
"@chakra-ui/css-reset": { "@chakra-ui/css-reset": {
"version": "1.1.1", "version": "1.1.1",
"resolved": "https://registry.npmjs.org/@chakra-ui/css-reset/-/css-reset-1.1.1.tgz", "resolved": "https://registry.npmjs.org/@chakra-ui/css-reset/-/css-reset-1.1.1.tgz",
"integrity": "sha512-+KNNHL4OWqeKia5SL858K3Qbd8WxMij9mWIilBzLD4j2KFrl/+aWFw8syMKth3NmgIibrjsljo+PU3fy2o50dg==", "integrity": "sha512-+KNNHL4OWqeKia5SL858K3Qbd8WxMij9mWIilBzLD4j2KFrl/+aWFw8syMKth3NmgIibrjsljo+PU3fy2o50dg=="
"requires": {}
}, },
"@chakra-ui/descendant": { "@chakra-ui/descendant": {
"version": "2.1.1", "version": "2.1.1",
@@ -3038,6 +3049,11 @@
"stylis": "4.0.13" "stylis": "4.0.13"
} }
}, },
"@emotion/core": {
"version": "11.0.0",
"resolved": "https://registry.npmjs.org/@emotion/core/-/core-11.0.0.tgz",
"integrity": "sha512-w4sE3AmHmyG6RDKf6mIbtHpgJUSJ2uGvPQb8VXFL7hFjMPibE8IiehG8cMX3Ztm4svfCQV6KqusQbeIOkurBcA=="
},
"@emotion/hash": { "@emotion/hash": {
"version": "0.8.0", "version": "0.8.0",
"resolved": "https://registry.npmjs.org/@emotion/hash/-/hash-0.8.0.tgz", "resolved": "https://registry.npmjs.org/@emotion/hash/-/hash-0.8.0.tgz",
@@ -3117,8 +3133,7 @@
"@graphql-typed-document-node/core": { "@graphql-typed-document-node/core": {
"version": "3.1.1", "version": "3.1.1",
"resolved": "https://registry.npmjs.org/@graphql-typed-document-node/core/-/core-3.1.1.tgz", "resolved": "https://registry.npmjs.org/@graphql-typed-document-node/core/-/core-3.1.1.tgz",
"integrity": "sha512-NQ17ii0rK1b34VZonlmT2QMJFI70m0TRwbknO/ihlbatXyaktDhN/98vBiUU6kNBPljqGqyIrl2T4nY2RpFANg==", "integrity": "sha512-NQ17ii0rK1b34VZonlmT2QMJFI70m0TRwbknO/ihlbatXyaktDhN/98vBiUU6kNBPljqGqyIrl2T4nY2RpFANg=="
"requires": {}
}, },
"@popperjs/core": { "@popperjs/core": {
"version": "2.11.0", "version": "2.11.0",
@@ -3540,6 +3555,11 @@
"tslib": "^2.0.3" "tslib": "^2.0.3"
} }
}, },
"focus-visible": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/focus-visible/-/focus-visible-5.2.0.tgz",
"integrity": "sha512-Rwix9pBtC1Nuy5wysTmKy+UjbDJpIfg8eHjw0rjZ1mX4GNLz1Bmd16uDpI3Gk1i70Fgcs8Csg2lPm8HULFg9DQ=="
},
"framer-motion": { "framer-motion": {
"version": "5.5.5", "version": "5.5.5",
"resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-5.5.5.tgz", "resolved": "https://registry.npmjs.org/framer-motion/-/framer-motion-5.5.5.tgz",
@@ -3823,8 +3843,7 @@
"react-icons": { "react-icons": {
"version": "4.3.1", "version": "4.3.1",
"resolved": "https://registry.npmjs.org/react-icons/-/react-icons-4.3.1.tgz", "resolved": "https://registry.npmjs.org/react-icons/-/react-icons-4.3.1.tgz",
"integrity": "sha512-cB10MXLTs3gVuXimblAdI71jrJx8njrJZmNMEMC+sQu5B/BIOmlsAjskdqpn81y8UBVEGuHODd7/ci5DvoSzTQ==", "integrity": "sha512-cB10MXLTs3gVuXimblAdI71jrJx8njrJZmNMEMC+sQu5B/BIOmlsAjskdqpn81y8UBVEGuHODd7/ci5DvoSzTQ=="
"requires": {}
}, },
"react-is": { "react-is": {
"version": "16.13.1", "version": "16.13.1",
@@ -4010,8 +4029,7 @@
"use-callback-ref": { "use-callback-ref": {
"version": "1.2.5", "version": "1.2.5",
"resolved": "https://registry.npmjs.org/use-callback-ref/-/use-callback-ref-1.2.5.tgz", "resolved": "https://registry.npmjs.org/use-callback-ref/-/use-callback-ref-1.2.5.tgz",
"integrity": "sha512-gN3vgMISAgacF7sqsLPByqoePooY3n2emTH59Ur5d/M8eg4WTWu1xp8i8DHjohftIyEx0S08RiYxbffr4j8Peg==", "integrity": "sha512-gN3vgMISAgacF7sqsLPByqoePooY3n2emTH59Ur5d/M8eg4WTWu1xp8i8DHjohftIyEx0S08RiYxbffr4j8Peg=="
"requires": {}
}, },
"use-sidecar": { "use-sidecar": {
"version": "1.0.5", "version": "1.0.5",

2
dashboard/package.json
View File

@@ -12,6 +12,7 @@
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"@chakra-ui/react": "^1.7.3", "@chakra-ui/react": "^1.7.3",
"@emotion/core": "^11.0.0",
"@emotion/react": "^11.7.1", "@emotion/react": "^11.7.1",
"@emotion/styled": "^11.6.0", "@emotion/styled": "^11.6.0",
"@types/react": "^17.0.38", "@types/react": "^17.0.38",
@@ -19,6 +20,7 @@
"@types/react-router-dom": "^5.3.2", "@types/react-router-dom": "^5.3.2",
"dayjs": "^1.10.7", "dayjs": "^1.10.7",
"esbuild": "^0.14.9", "esbuild": "^0.14.9",
"focus-visible": "^5.2.0",
"framer-motion": "^5.5.5", "framer-motion": "^5.5.5",
"graphql": "^16.2.0", "graphql": "^16.2.0",
"lodash": "^4.17.21", "lodash": "^4.17.21",

23
dashboard/src/App.tsx
View File

@@ -1,4 +1,5 @@
import * as React from 'react'; import * as React from 'react';
import { Fragment } from 'react';
import { ChakraProvider, extendTheme } from '@chakra-ui/react'; import { ChakraProvider, extendTheme } from '@chakra-ui/react';
import { BrowserRouter } from 'react-router-dom'; import { BrowserRouter } from 'react-router-dom';
import { createClient, Provider } from 'urql'; import { createClient, Provider } from 'urql';
@@ -22,8 +23,8 @@ const theme = extendTheme({
styles: { styles: {
global: { global: {
'html, body, #root': { 'html, body, #root': {
fontFamily: 'Avenir, Helvetica, Arial, sans-serif',
height: '100%', height: '100%',
outline: 'none',
}, },
}, },
}, },
@@ -36,14 +37,16 @@ const theme = extendTheme({
export default function App() { export default function App() {
return ( return (
<ChakraProvider theme={theme}> <Fragment>
<Provider value={queryClient}> <ChakraProvider theme={theme}>
<BrowserRouter basename="/dashboard"> <Provider value={queryClient}>
<AuthContextProvider> <BrowserRouter basename="/dashboard">
<AppRoutes /> <AuthContextProvider>
</AuthContextProvider> <AppRoutes />
</BrowserRouter> </AuthContextProvider>
</Provider> </BrowserRouter>
</ChakraProvider> </Provider>
</ChakraProvider>
</Fragment>
); );
} }

65
dashboard/src/components/EnvComponents/AccessToken.tsx Normal file
View File

@@ -0,0 +1,65 @@
import React from "react";
import { Flex, Stack, Text, useMediaQuery } from "@chakra-ui/react";
import InputField from "../../components/InputField";
import { TextInputType, TextAreaInputType } from "../../constants";
const AccessToken = ({ variables, setVariables }: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Access Token
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "50%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">Access Token Expiry Time:</Text>
</Flex>
<Flex
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.ACCESS_TOKEN_EXPIRY_TIME}
placeholder="0h15m0s"
/>
</Flex>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "60%"}
justifyContent="start"
direction="column"
>
<Text fontSize="sm">Custom Scripts:</Text>
<Text fontSize="xs" color="blackAlpha.500">
(Used to add custom fields in ID token)
</Text>
</Flex>
<Flex
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
variables={variables}
setVariables={setVariables}
inputType={TextAreaInputType.CUSTOM_ACCESS_TOKEN_SCRIPT}
placeholder="Add script here"
minH="25vh"
/>
</Flex>
</Flex>
</Stack>
</div>
);
};
export default AccessToken;

89
dashboard/src/components/EnvComponents/DatabaseCredentials.tsx Normal file
View File

@@ -0,0 +1,89 @@
import React from 'react';
import { Flex, Stack, Center, Text, useMediaQuery } from '@chakra-ui/react';
import InputField from '../../components/InputField';
import { TextInputType } from '../../constants';
const DatabaseCredentials = ({ variables, setVariables }: any) => {
const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
return (
<div>
{' '}
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Database Credentials
</Text>
<Stack spacing={6} padding="3% 0">
<Text fontStyle="italic" fontSize="sm" color="blackAlpha.500" mt={3}>
Note: Database related environment variables cannot be updated from
dashboard. Please use .env file or OS environment variables to update
it.
</Text>
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Flex
w={isNotSmallerScreen ? '30%' : '40%'}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">DataBase Name:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.DATABASE_NAME}
isDisabled={true}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Flex
w={isNotSmallerScreen ? '30%' : '40%'}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">DataBase Type:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.DATABASE_TYPE}
isDisabled={true}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Flex
w={isNotSmallerScreen ? '30%' : '40%'}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">DataBase URL:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.DATABASE_URL}
isDisabled={true}
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default DatabaseCredentials;

35
dashboard/src/components/EnvComponents/DomainWhitelisting.tsx Normal file
View File

@@ -0,0 +1,35 @@
import React from "react";
import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
import InputField from "../../components/InputField";
import { ArrayInputType} from "../../constants";
const DomainWhiteListing = ({ variables, setVariables }: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Domain White Listing
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Allowed Origins:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
variables={variables}
setVariables={setVariables}
inputType={ArrayInputType.ALLOWED_ORIGINS}
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default DomainWhiteListing;

114
dashboard/src/components/EnvComponents/EmailConfiguration.tsx Normal file
View File

@@ -0,0 +1,114 @@
import React from "react";
import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
import InputField from "../../components/InputField";
import { TextInputType, HiddenInputType} from "../../constants";
const EmailConfigurations = ({
variables,
setVariables,
fieldVisibility,
setFieldVisibility,
}: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Email Configurations
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">SMTP Host:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.SMTP_HOST}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">SMTP Port:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.SMTP_PORT}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "40%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">SMTP Username:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.SMTP_USERNAME}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "40%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">SMTP Password:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.SMTP_PASSWORD}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">From Email:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.SENDER_EMAIL}
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default EmailConfigurations;

79
dashboard/src/components/EnvComponents/Features.tsx Normal file
View File

@@ -0,0 +1,79 @@
import React from 'react';
import { Flex, Stack, Text } from '@chakra-ui/react';
import InputField from '../InputField';
import { SwitchInputType } from '../../constants';
const Features = ({ variables, setVariables }: any) => {
return (
<div>
{' '}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Disable Features
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="100%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Login Page:</Text>
</Flex>
<Flex justifyContent="start">
<InputField
variables={variables}
setVariables={setVariables}
inputType={SwitchInputType.DISABLE_LOGIN_PAGE}
/>
</Flex>
</Flex>
<Flex>
<Flex w="100%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Email Verification:</Text>
</Flex>
<Flex justifyContent="start">
<InputField
variables={variables}
setVariables={setVariables}
inputType={SwitchInputType.DISABLE_EMAIL_VERIFICATION}
/>
</Flex>
</Flex>
<Flex>
<Flex w="100%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Magic Login Link:</Text>
</Flex>
<Flex justifyContent="start">
<InputField
variables={variables}
setVariables={setVariables}
inputType={SwitchInputType.DISABLE_MAGIC_LINK_LOGIN}
/>
</Flex>
</Flex>
<Flex>
<Flex w="100%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Basic Authentication:</Text>
</Flex>
<Flex justifyContent="start">
<InputField
variables={variables}
setVariables={setVariables}
inputType={SwitchInputType.DISABLE_BASIC_AUTHENTICATION}
/>
</Flex>
</Flex>
<Flex>
<Flex w="100%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Sign Up:</Text>
</Flex>
<Flex justifyContent="start" mb={3}>
<InputField
variables={variables}
setVariables={setVariables}
inputType={SwitchInputType.DISABLE_SIGN_UP}
/>
</Flex>
</Flex>
</Stack>
</div>
);
};
export default Features;

154
dashboard/src/components/EnvComponents/JWTConfiguration.tsx Normal file
View File

@@ -0,0 +1,154 @@
import React from "react";
import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
import {
HiddenInputType,
TextInputType,
TextAreaInputType,
} from "../../constants";
import GenerateKeysModal from "../GenerateKeysModal";
import InputField from "../InputField";
const JSTConfigurations = ({
variables,
setVariables,
fieldVisibility,
setFieldVisibility,
SelectInputType,
getData,
HMACEncryptionType,
RSAEncryptionType,
ECDSAEncryptionType,
}: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Flex
borderRadius={5}
width="100%"
justifyContent="space-between"
alignItems="center"
paddingTop="2%"
>
<Text
fontSize={isNotSmallerScreen ? "md" : "sm"}
fontWeight="bold"
mb={5}
>
JWT (JSON Web Tokens) Configurations
</Text>
<Flex mb={7}>
<GenerateKeysModal jwtType={variables.JWT_TYPE} getData={getData} />
</Flex>
</Flex>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">JWT Type:</Text>
</Flex>
<Flex
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={SelectInputType}
value={SelectInputType}
options={{
...HMACEncryptionType,
...RSAEncryptionType,
...ECDSAEncryptionType,
}}
/>
</Flex>
</Flex>
{Object.values(HMACEncryptionType).includes(variables.JWT_TYPE) ? (
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">JWT Secret</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.JWT_SECRET}
/>
</Center>
</Flex>
) : (
<>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Public Key</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextAreaInputType.JWT_PUBLIC_KEY}
placeholder="Add public key here"
minH="25vh"
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Private Key</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextAreaInputType.JWT_PRIVATE_KEY}
placeholder="Add private key here"
minH="25vh"
/>
</Center>
</Flex>
</>
)}
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "40%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm" orientation="vertical">
JWT Role Claim:
</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.JWT_ROLE_CLAIM}
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default JSTConfigurations;

191
dashboard/src/components/EnvComponents/OAuthConfig.tsx Normal file
View File

@@ -0,0 +1,191 @@
import React from 'react';
import InputField from '../InputField';
import {
Flex,
Stack,
Center,
Text,
Box,
Divider,
useMediaQuery,
} from '@chakra-ui/react';
import { FaGoogle, FaGithub, FaFacebookF } from 'react-icons/fa';
import { TextInputType, HiddenInputType } from '../../constants';
const OAuthConfig = ({
envVariables,
setVariables,
fieldVisibility,
setFieldVisibility,
}: any) => {
const [isNotSmallerScreen] = useMediaQuery('(min-width:667px)');
return (
<div>
<Box>
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={6}>
Authorizer Config
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Client ID</Text>
</Flex>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
variables={envVariables}
setVariables={() => {}}
inputType={TextInputType.CLIENT_ID}
placeholder="Client ID"
readOnly={true}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Client Secret</Text>
</Flex>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
variables={envVariables}
setVariables={setVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.CLIENT_SECRET}
placeholder="Client Secret"
readOnly={true}
/>
</Center>
</Flex>
</Stack>
<Divider mt={5} mb={2} color="blackAlpha.700" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={4}>
Social Media Logins
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Center
w={isNotSmallerScreen ? '55px' : '35px'}
h="35px"
marginRight="1.5%"
border="1px solid #ff3e30"
borderRadius="5px"
>
<FaGoogle style={{ color: '#ff3e30' }} />
</Center>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
marginRight="1.5%"
>
<InputField
borderRadius={5}
variables={envVariables}
setVariables={setVariables}
inputType={TextInputType.GOOGLE_CLIENT_ID}
placeholder="Google Client ID"
/>
</Center>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
borderRadius={5}
variables={envVariables}
setVariables={setVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.GOOGLE_CLIENT_SECRET}
placeholder="Google Secret"
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Center
w={isNotSmallerScreen ? '55px' : '35px'}
h="35px"
marginRight="1.5%"
border="1px solid #171515"
borderRadius="5px"
>
<FaGithub style={{ color: '#171515' }} />
</Center>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
marginRight="1.5%"
>
<InputField
borderRadius={5}
variables={envVariables}
setVariables={setVariables}
inputType={TextInputType.GITHUB_CLIENT_ID}
placeholder="Github Client ID"
/>
</Center>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
borderRadius={5}
variables={envVariables}
setVariables={setVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.GITHUB_CLIENT_SECRET}
placeholder="Github Secret"
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Center
w={isNotSmallerScreen ? '55px' : '35px'}
h="35px"
marginRight="1.5%"
border="1px solid #3b5998"
borderRadius="5px"
>
<FaFacebookF style={{ color: '#3b5998' }} />
</Center>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
marginRight="1.5%"
>
<InputField
borderRadius={5}
variables={envVariables}
setVariables={setVariables}
inputType={TextInputType.FACEBOOK_CLIENT_ID}
placeholder="Facebook Client ID"
/>
</Center>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
borderRadius={5}
variables={envVariables}
setVariables={setVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.FACEBOOK_CLIENT_SECRET}
placeholder="Facebook Secret"
/>
</Center>
</Flex>
</Stack>
</Box>
</div>
);
};
export default OAuthConfig;

60
dashboard/src/components/EnvComponents/OrganizationInfo.tsx Normal file
View File

@@ -0,0 +1,60 @@
import React from "react";
import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
import InputField from "../InputField";
import { TextInputType } from "../../constants";
const OrganizationInfo = ({ variables, setVariables }: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Organization Information
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "40%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">Organization Name:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.ORGANIZATION_NAME}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex
w={isNotSmallerScreen ? "30%" : "40%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">Organization Logo:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={TextInputType.ORGANIZATION_LOGO}
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default OrganizationInfo;

67
dashboard/src/components/EnvComponents/Roles.tsx Normal file
View File

@@ -0,0 +1,67 @@
import React from "react";
import { Flex, Stack, Center, Text, useMediaQuery } from "@chakra-ui/react";
import { ArrayInputType } from "../../constants";
import InputField from "../InputField";
const Roles = ({ variables, setVariables }: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Roles
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Roles:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
overflow="hidden"
>
<InputField
borderRadius={7}
variables={variables}
setVariables={setVariables}
inputType={ArrayInputType.ROLES}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Default Roles:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
variables={variables}
setVariables={setVariables}
inputType={ArrayInputType.DEFAULT_ROLES}
/>
</Center>
</Flex>
<Flex direction={isNotSmallerScreen ? "row" : "column"}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Protected Roles:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "2"}
>
<InputField
variables={variables}
setVariables={setVariables}
inputType={ArrayInputType.PROTECTED_ROLES}
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default Roles;

138
dashboard/src/components/EnvComponents/SecurityAdminSecret.tsx Normal file
View File

@@ -0,0 +1,138 @@
import React from "react";
import {
Flex,
Stack,
Center,
Text,
Input,
InputGroup,
InputRightElement,
useMediaQuery,
} from "@chakra-ui/react";
import { FaRegEyeSlash, FaRegEye } from "react-icons/fa";
import InputField from "../InputField";
import { HiddenInputType } from "../../constants";
const SecurityAdminSecret = ({
variables,
setVariables,
fieldVisibility,
setFieldVisibility,
validateAdminSecretHandler,
adminSecret,
}: any) => {
const [isNotSmallerScreen] = useMediaQuery("(min-width:600px)");
return (
<div>
{" "}
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Security (Admin Secret)
</Text>
<Stack
spacing={6}
padding="0 5%"
marginTop="3%"
border="1px solid #ff7875"
borderRadius="5px"
>
<Flex
marginTop={isNotSmallerScreen ? "3%" : "5%"}
direction={isNotSmallerScreen ? "row" : "column"}
>
<Flex
mt={3}
w={isNotSmallerScreen ? "30%" : "40%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">Old Admin Secret:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputGroup size="sm">
<Input
borderRadius={5}
size="sm"
placeholder="Enter Old Admin Secret"
value={adminSecret.value as string}
onChange={(event: any) => validateAdminSecretHandler(event)}
type={
!fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET]
? "password"
: "text"
}
/>
<InputRightElement
right="5px"
children={
<Flex>
{fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET] ? (
<Center
w="25px"
margin="0 1.5%"
cursor="pointer"
onClick={() =>
setFieldVisibility({
...fieldVisibility,
[HiddenInputType.OLD_ADMIN_SECRET]: false,
})
}
>
<FaRegEyeSlash color="#bfbfbf" />
</Center>
) : (
<Center
w="25px"
margin="0 1.5%"
cursor="pointer"
onClick={() =>
setFieldVisibility({
...fieldVisibility,
[HiddenInputType.OLD_ADMIN_SECRET]: true,
})
}
>
<FaRegEye color="#bfbfbf" />
</Center>
)}
</Flex>
}
/>
</InputGroup>
</Center>
</Flex>
<Flex
paddingBottom="3%"
direction={isNotSmallerScreen ? "row" : "column"}
>
<Flex
w={isNotSmallerScreen ? "30%" : "50%"}
justifyContent="start"
alignItems="center"
>
<Text fontSize="sm">New Admin Secret:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? "70%" : "100%"}
mt={isNotSmallerScreen ? "0" : "3"}
>
<InputField
borderRadius={5}
mb={3}
variables={variables}
setVariables={setVariables}
inputType={HiddenInputType.ADMIN_SECRET}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
isDisabled={adminSecret.disableInputField}
placeholder="Enter New Admin Secret"
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default SecurityAdminSecret;

42
dashboard/src/components/EnvComponents/SessionStorage.tsx Normal file
View File

@@ -0,0 +1,42 @@
import React from 'react';
import { Flex, Stack, Center, Text, useMediaQuery } from '@chakra-ui/react';
import InputField from '../InputField';
const SessionStorage = ({ variables, setVariables, RedisURL }: any) => {
const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
return (
<div>
{' '}
<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
Session Storage
</Text>
<Text fontStyle="italic" fontSize="sm" color="blackAlpha.500" mt={3}>
Note: Redis related environment variables cannot be updated from
dashboard. Please use .env file or OS environment variables to update
it.
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex direction={isNotSmallerScreen ? 'row' : 'column'}>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Redis URL:</Text>
</Flex>
<Center
w={isNotSmallerScreen ? '70%' : '100%'}
mt={isNotSmallerScreen ? '0' : '3'}
>
<InputField
disabled
borderRadius={5}
variables={variables}
setVariables={setVariables}
inputType={RedisURL}
placeholder="Redis URL"
/>
</Center>
</Flex>
</Stack>
</div>
);
};
export default SessionStorage;

16
dashboard/src/components/InputField.tsx
View File

@@ -13,6 +13,7 @@ import {
Textarea, Textarea,
Switch, Switch,
Code, Code,
Text,
} from '@chakra-ui/react'; } from '@chakra-ui/react';
import { import {
FaRegClone, FaRegClone,
@@ -116,7 +117,7 @@ const InputField = ({
<InputGroup size="sm"> <InputGroup size="sm">
<Input <Input
{...props} {...props}
value={variables[inputType]} value={variables[inputType] ?? ''}
onChange={( onChange={(
event: Event & { event: Event & {
target: HTMLInputElement; target: HTMLInputElement;
@@ -181,8 +182,9 @@ const InputField = ({
<Flex <Flex
border="1px solid #e2e8f0" border="1px solid #e2e8f0"
w="100%" w="100%"
borderRadius={5}
paddingTop="0.5%" paddingTop="0.5%"
overflowX="scroll" overflowX={variables[inputType].length > 3 ? 'scroll' : 'hidden'}
overflowY="hidden" overflowY="hidden"
justifyContent="start" justifyContent="start"
alignItems="center" alignItems="center"
@@ -220,7 +222,7 @@ const InputField = ({
size="xs" size="xs"
minW="150px" minW="150px"
placeholder="add a new value" placeholder="add a new value"
value={inputData[inputType]} value={inputData[inputType] ?? ''}
onChange={(e: any) => { onChange={(e: any) => {
setInputData({ ...inputData, [inputType]: e.target.value }); setInputData({ ...inputData, [inputType]: e.target.value });
}} }}
@@ -300,7 +302,9 @@ const InputField = ({
if (Object.values(SwitchInputType).includes(inputType)) { if (Object.values(SwitchInputType).includes(inputType)) {
return ( return (
<Flex w="25%" justifyContent="space-between"> <Flex w="25%" justifyContent="space-between">
<Code h="75%">Off</Code> <Text h="75%" fontWeight="bold" marginRight="2">
Off
</Text>
<Switch <Switch
size="md" size="md"
isChecked={variables[inputType]} isChecked={variables[inputType]}
@@ -311,7 +315,9 @@ const InputField = ({
}); });
}} }}
/> />
<Code h="75%">On</Code> <Text h="75%" fontWeight="bold" marginLeft="2">
On
</Text>
</Flex> </Flex>
); );
} }

18
dashboard/src/components/InviteMembersModal.tsx
View File

@@ -22,6 +22,7 @@ import {
InputRightElement, InputRightElement,
Text, Text,
Link, Link,
Tooltip,
} from '@chakra-ui/react'; } from '@chakra-ui/react';
import { useClient } from 'urql'; import { useClient } from 'urql';
import { FaUserPlus, FaMinusCircle, FaPlus, FaUpload } from 'react-icons/fa'; import { FaUserPlus, FaMinusCircle, FaPlus, FaUpload } from 'react-icons/fa';
@@ -186,7 +187,22 @@ const InviteMembersModal = ({
isDisabled={disabled} isDisabled={disabled}
size="sm" size="sm"
> >
<Center h="100%">Invite Members</Center> <Center h="100%">
{disabled ? (
<Tooltip
mr={8}
mt={1}
hasArrow
bg="gray.300"
color="black"
label="Email verification is disabled, refer to 'Features' tab within 'Environment' to enable it."
>
Invite Members
</Tooltip>
) : (
'Invite Members'
)}
</Center>{' '}
</Button> </Button>
<Modal isOpen={isOpen} onClose={closeModalHandler} size="xl"> <Modal isOpen={isOpen} onClose={closeModalHandler} size="xl">
<ModalOverlay /> <ModalOverlay />

217
dashboard/src/components/Menu.tsx
View File

@@ -1,4 +1,4 @@
import React, { ReactNode } from 'react'; import React, { Fragment, ReactNode } from 'react';
import { import {
IconButton, IconButton,
Box, Box,
@@ -17,16 +17,27 @@ import {
MenuButton, MenuButton,
MenuItem, MenuItem,
MenuList, MenuList,
Accordion,
AccordionButton,
AccordionPanel,
AccordionItem,
useMediaQuery,
} from '@chakra-ui/react'; } from '@chakra-ui/react';
import { import {
FiHome, FiUser,
FiCode, FiCode,
FiSettings, FiSettings,
FiMenu, FiMenu,
FiUser,
FiUsers, FiUsers,
FiChevronDown, FiChevronDown,
} from 'react-icons/fi'; } from 'react-icons/fi';
import { BiCustomize } from 'react-icons/bi';
import { AiOutlineKey } from 'react-icons/ai';
import { SiOpenaccess, SiJsonwebtokens } from 'react-icons/si';
import { MdSecurity } from 'react-icons/md';
import { RiDatabase2Line } from 'react-icons/ri';
import { BsCheck2Circle } from 'react-icons/bs';
import { HiOutlineMail, HiOutlineOfficeBuilding } from 'react-icons/hi';
import { IconType } from 'react-icons'; import { IconType } from 'react-icons';
import { ReactText } from 'react'; import { ReactText } from 'react';
import { useMutation, useQuery } from 'urql'; import { useMutation, useQuery } from 'urql';
@@ -35,14 +46,70 @@ import { useAuthContext } from '../contexts/AuthContext';
import { AdminLogout } from '../graphql/mutation'; import { AdminLogout } from '../graphql/mutation';
import { MetaQuery } from '../graphql/queries'; import { MetaQuery } from '../graphql/queries';
interface LinkItemProps { interface SubRoutes {
name: string; name: string;
icon: IconType; icon: IconType;
route: string; route: string;
} }
interface LinkItemProps {
name: string;
icon: IconType;
route: string;
subRoutes?: SubRoutes[];
}
const LinkItems: Array<LinkItemProps> = [ const LinkItems: Array<LinkItemProps> = [
// { name: 'Home', icon: FiHome, route: '/' }, {
{ name: 'Environment Variables', icon: FiSettings, route: '/' }, name: 'Environment ',
icon: FiSettings,
route: '/',
subRoutes: [
{
name: 'OAuth Config',
icon: AiOutlineKey,
route: '/oauth-setting',
},
{ name: 'Roles', icon: FiUser, route: '/roles' },
{
name: 'JWT Secrets',
icon: SiJsonwebtokens,
route: '/jwt-config',
},
{
name: 'Session Storage',
icon: RiDatabase2Line,
route: '/session-storage',
},
{
name: 'Email Configurations',
icon: HiOutlineMail,
route: '/email-config',
},
{
name: 'Domain White Listing',
icon: BsCheck2Circle,
route: '/whitelist-variables',
},
{
name: 'Organization Info',
icon: HiOutlineOfficeBuilding,
route: '/organization-info',
},
{ name: 'Access Token', icon: SiOpenaccess, route: '/access-token' },
{
name: 'Features',
icon: BiCustomize,
route: '/features',
},
{ name: 'Database', icon: RiDatabase2Line, route: '/db-cred' },
{
name: ' Security',
icon: MdSecurity,
route: '/admin-secret',
},
],
},
{ name: 'Users', icon: FiUsers, route: '/users' }, { name: 'Users', icon: FiUsers, route: '/users' },
]; ];
@@ -52,21 +119,28 @@ interface SidebarProps extends BoxProps {
export const Sidebar = ({ onClose, ...rest }: SidebarProps) => { export const Sidebar = ({ onClose, ...rest }: SidebarProps) => {
const { pathname } = useLocation(); const { pathname } = useLocation();
const [{ fetching, data }] = useQuery({ query: MetaQuery }); const [{ data }] = useQuery({ query: MetaQuery });
const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
return ( return (
<Box <Box
transition="3s ease" transition="3s ease"
bg={useColorModeValue('white', 'gray.900')} bg={useColorModeValue('white', 'gray.900')}
borderRight="1px" borderRight="1px"
borderRightColor={useColorModeValue('gray.200', 'gray.700')} borderRightColor={useColorModeValue('gray.200', 'gray.700')}
w={{ base: 'full', md: 60 }} w={{ base: 'full', md: '64' }}
pos="fixed" pos="fixed"
h="full" h="full"
{...rest} {...rest}
> >
<Flex h="20" alignItems="center" mx="8" justifyContent="space-between"> <Flex
h="20"
alignItems="center"
mx="18"
justifyContent="space-between"
flexDirection="row"
>
<NavLink to="/"> <NavLink to="/">
<Flex alignItems="center"> <Flex alignItems="center" mt="6">
<Image <Image
src="https://authorizer.dev/images/logo.png" src="https://authorizer.dev/images/logo.png"
alt="logo" alt="logo"
@@ -79,39 +153,96 @@ export const Sidebar = ({ onClose, ...rest }: SidebarProps) => {
</NavLink> </NavLink>
<CloseButton display={{ base: 'flex', md: 'none' }} onClick={onClose} /> <CloseButton display={{ base: 'flex', md: 'none' }} onClick={onClose} />
</Flex> </Flex>
{LinkItems.map((link) => (
<NavLink key={link.name} to={link.route}>
<NavItem
icon={link.icon}
color={pathname === link.route ? 'blue.500' : ''}
>
{link.name}
</NavItem>
</NavLink>
))}
<Link <Accordion defaultIndex={[0]} allowMultiple>
href="/playground" <AccordionItem textAlign="center" border="none" w="100%">
target="_blank" {LinkItems.map((link) =>
style={{ link?.subRoutes ? (
textDecoration: 'none', <div key={link.name}>
}} <AccordionButton _focus={{ boxShadow: 'none' }}>
_focus={{ _boxShadow: 'none' }} <Text as="div" fontSize="md">
> <NavItem
<NavItem icon={FiCode}>API Playground</NavItem> icon={link.icon}
</Link> color={pathname === link.route ? 'blue.500' : ''}
style={{ outline: 'unset' }}
height={12}
ml={-1}
mb={isNotSmallerScreen ? -1 : -4}
w={isNotSmallerScreen ? '100%' : '310%'}
>
<Fragment>
{link.name}
<Box display={{ base: 'none', md: 'flex' }} ml={12}>
<FiChevronDown />
</Box>
</Fragment>
</NavItem>
</Text>
</AccordionButton>
<AccordionPanel>
{link.subRoutes?.map((sublink) => (
<NavLink
key={sublink.name}
to={sublink.route}
onClick={onClose}
>
{' '}
<Text as="div" fontSize="xs" ml={2}>
<NavItem
icon={sublink.icon}
color={pathname === sublink.route ? 'blue.500' : ''}
height={8}
>
{sublink.name}
</NavItem>{' '}
</Text>
</NavLink>
))}
</AccordionPanel>
</div>
) : (
<NavLink key={link.name} to={link.route}>
{' '}
<Text as="div" fontSize="md" w="100%" mt={-2}>
<NavItem
icon={link.icon}
color={pathname === link.route ? 'blue.500' : ''}
height={12}
onClick={onClose}
>
{link.name}
</NavItem>{' '}
</Text>
</NavLink>
)
)}
<Link
href="/playground"
target="_blank"
style={{
textDecoration: 'none',
}}
_focus={{ _boxShadow: 'none' }}
>
<NavItem icon={FiCode}>API Playground</NavItem>
</Link>
</AccordionItem>
</Accordion>
{data?.meta?.version && ( {data?.meta?.version && (
<Text <Flex alignContent="center">
color="gray.600" {' '}
fontSize="sm" <Text
textAlign="center" color="gray.400"
position="absolute" fontSize="sm"
bottom="5" textAlign="center"
left="7" position="absolute"
> bottom="5"
Current Version: {data.meta.version} left="7"
</Text> >
Current Version: {data.meta.version}
</Text>
</Flex>
)} )}
</Box> </Box>
); );
@@ -119,7 +250,7 @@ export const Sidebar = ({ onClose, ...rest }: SidebarProps) => {
interface NavItemProps extends FlexProps { interface NavItemProps extends FlexProps {
icon: IconType; icon: IconType;
children: ReactText; children: ReactText | JSX.Element | JSX.Element[];
} }
export const NavItem = ({ icon, children, ...rest }: NavItemProps) => { export const NavItem = ({ icon, children, ...rest }: NavItemProps) => {
return ( return (
@@ -167,7 +298,7 @@ export const MobileNav = ({ onOpen, ...rest }: MobileProps) => {
return ( return (
<Flex <Flex
ml={{ base: 0, md: 60 }} ml={{ base: 0, md: 64 }}
px={{ base: 4, md: 4 }} px={{ base: 4, md: 4 }}
height="20" height="20"
position="fixed" position="fixed"
@@ -204,7 +335,7 @@ export const MobileNav = ({ onOpen, ...rest }: MobileProps) => {
transition="all 0.3s" transition="all 0.3s"
_focus={{ boxShadow: 'none' }} _focus={{ boxShadow: 'none' }}
> >
<HStack> <HStack mr={5}>
<FiUser /> <FiUser />
<VStack <VStack
display={{ base: 'none', md: 'flex' }} display={{ base: 'none', md: 'flex' }}

15
dashboard/src/constants.ts
View File

@@ -62,6 +62,7 @@ export const SwitchInputType = {
DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION', DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION',
DISABLE_BASIC_AUTHENTICATION: 'DISABLE_BASIC_AUTHENTICATION', DISABLE_BASIC_AUTHENTICATION: 'DISABLE_BASIC_AUTHENTICATION',
DISABLE_SIGN_UP: 'DISABLE_SIGN_UP', DISABLE_SIGN_UP: 'DISABLE_SIGN_UP',
DISABLE_REDIS_FOR_ENV: 'DISABLE_REDIS_FOR_ENV',
}; };
export const DateInputType = { export const DateInputType = {
@@ -128,3 +129,17 @@ export interface envVarTypes {
DATABASE_URL: string; DATABASE_URL: string;
ACCESS_TOKEN_EXPIRY_TIME: string; ACCESS_TOKEN_EXPIRY_TIME: string;
} }
export const envSubViews = {
INSTANCE_INFO: 'instance-info',
ROLES: 'roles',
JWT_CONFIG: 'jwt-config',
SESSION_STORAGE: 'session-storage',
EMAIL_CONFIG: 'email-config',
WHITELIST_VARIABLES: 'whitelist-variables',
ORGANIZATION_INFO: 'organization-info',
ACCESS_TOKEN: 'access-token',
FEATURES: 'features',
ADMIN_SECRET: 'admin-secret',
DB_CRED: 'db-cred',
};

1
dashboard/src/graphql/queries/index.ts
View File

@@ -49,6 +49,7 @@ export const EnvVariablesQuery = `
DISABLE_EMAIL_VERIFICATION, DISABLE_EMAIL_VERIFICATION,
DISABLE_BASIC_AUTHENTICATION, DISABLE_BASIC_AUTHENTICATION,
DISABLE_SIGN_UP, DISABLE_SIGN_UP,
DISABLE_REDIS_FOR_ENV,
CUSTOM_ACCESS_TOKEN_SCRIPT, CUSTOM_ACCESS_TOKEN_SCRIPT,
DATABASE_NAME, DATABASE_NAME,
DATABASE_TYPE, DATABASE_TYPE,

7
dashboard/src/index.tsx
View File

@@ -2,4 +2,9 @@ import React from 'react';
import ReactDOM from 'react-dom'; import ReactDOM from 'react-dom';
import App from './App'; import App from './App';
ReactDOM.render(<App />, document.getElementById('root')); ReactDOM.render(
<div>
<App />
</div>,
document.getElementById('root')
);

28
dashboard/src/layouts/AuthLayout.tsx
View File

@@ -1,20 +1,28 @@
import { Box, Flex, Image, Text, Spinner } from '@chakra-ui/react'; import {
Box,
Flex,
Image,
Text,
Spinner,
useMediaQuery,
} from '@chakra-ui/react';
import React from 'react'; import React from 'react';
import { useQuery } from 'urql'; import { useQuery } from 'urql';
import { MetaQuery } from '../graphql/queries'; import { MetaQuery } from '../graphql/queries';
export function AuthLayout({ children }: { children: React.ReactNode }) { export function AuthLayout({ children }: { children: React.ReactNode }) {
const [{ fetching, data }] = useQuery({ query: MetaQuery }); const [{ fetching, data }] = useQuery({ query: MetaQuery });
const [isNotSmallerScreen] = useMediaQuery('(min-width:600px)');
return ( return (
<Flex <Flex
flexWrap="wrap" h="100vh"
h="100%"
bg="gray.100" bg="gray.100"
alignItems="center" alignItems="center"
justifyContent="center" justifyContent="center"
flexDirection="column" direction={['column', 'column']}
padding={['2%', '2%', '2%', '2%']}
> >
<Flex alignItems="center"> <Flex alignItems="center" maxW="100%">
<Image <Image
src="https://authorizer.dev/images/logo.png" src="https://authorizer.dev/images/logo.png"
alt="logo" alt="logo"
@@ -29,7 +37,15 @@ export function AuthLayout({ children }: { children: React.ReactNode }) {
<Spinner /> <Spinner />
) : ( ) : (
<> <>
<Box p="6" m="5" rounded="5" bg="white" w="500px" shadow="xl"> <Box
p="6"
m="5"
rounded="5"
bg="white"
w={isNotSmallerScreen ? '500px' : '450px'}
shadow="xl"
maxW="100%"
>
{children} {children}
</Box> </Box>
<Text color="gray.600" fontSize="sm"> <Text color="gray.600" fontSize="sm">

2
dashboard/src/layouts/DashboardLayout.tsx
View File

@@ -31,7 +31,7 @@ export function DashboardLayout({ children }: { children: ReactNode }) {
</Drawer> </Drawer>
{/* mobilenav */} {/* mobilenav */}
<MobileNav onOpen={onOpen} /> <MobileNav onOpen={onOpen} />
<Box ml={{ base: 0, md: 60 }} p="4" pt="24"> <Box ml={{ base: 0, md: '64' }} p="4" pt="24">
{children} {children}
</Box> </Box>
</Box> </Box>

2
dashboard/src/pages/Auth.tsx
View File

@@ -101,10 +101,10 @@ export default function Auth() {
</FormControl> </FormControl>
<Button <Button
isLoading={signUpResult.fetching || loginResult.fetching} isLoading={signUpResult.fetching || loginResult.fetching}
loadingText="Submitting"
colorScheme="blue" colorScheme="blue"
size="lg" size="lg"
w="100%" w="100%"
d="block"
type="submit" type="submit"
> >
{isLogin ? 'Login' : 'Sign up'} {isLogin ? 'Login' : 'Sign up'}

782
dashboard/src/pages/Environment.tsx
View File

@@ -1,46 +1,35 @@
import React, { useEffect } from 'react'; import React, { useEffect } from 'react';
import { import { useParams } from 'react-router-dom';
Box, import { Box, Flex, Stack, Button, useToast } from '@chakra-ui/react';
Divider,
Flex,
Stack,
Center,
Text,
Button,
Input,
InputGroup,
InputRightElement,
useToast,
} from '@chakra-ui/react';
import { useClient } from 'urql'; import { useClient } from 'urql';
import { import { FaSave } from 'react-icons/fa';
FaGoogle,
FaGithub,
FaFacebookF,
FaSave,
FaRegEyeSlash,
FaRegEye,
} from 'react-icons/fa';
import _ from 'lodash'; import _ from 'lodash';
import InputField from '../components/InputField';
import { EnvVariablesQuery } from '../graphql/queries'; import { EnvVariablesQuery } from '../graphql/queries';
import { import {
ArrayInputType,
SelectInputType, SelectInputType,
HiddenInputType, HiddenInputType,
TextInputType, TextInputType,
TextAreaInputType,
SwitchInputType,
HMACEncryptionType, HMACEncryptionType,
RSAEncryptionType, RSAEncryptionType,
ECDSAEncryptionType, ECDSAEncryptionType,
envVarTypes, envVarTypes,
envSubViews,
} from '../constants'; } from '../constants';
import { UpdateEnvVariables } from '../graphql/mutation'; import { UpdateEnvVariables } from '../graphql/mutation';
import { getObjectDiff, capitalizeFirstLetter } from '../utils'; import { getObjectDiff, capitalizeFirstLetter } from '../utils';
import GenerateKeysModal from '../components/GenerateKeysModal'; import OAuthConfig from '../components/EnvComponents/OAuthConfig';
import Roles from '../components/EnvComponents/Roles';
import JWTConfigurations from '../components/EnvComponents/JWTConfiguration';
import SessionStorage from '../components/EnvComponents/SessionStorage';
import EmailConfigurations from '../components/EnvComponents/EmailConfiguration';
import DomainWhiteListing from '../components/EnvComponents/DomainWhitelisting';
import OrganizationInfo from '../components/EnvComponents/OrganizationInfo';
import AccessToken from '../components/EnvComponents/AccessToken';
import Features from '../components/EnvComponents/Features';
import SecurityAdminSecret from '../components/EnvComponents/SecurityAdminSecret';
import DatabaseCredentials from '../components/EnvComponents/DatabaseCredentials';
export default function Environment() { const Environment = () => {
const client = useClient(); const client = useClient();
const toast = useToast(); const toast = useToast();
const [adminSecret, setAdminSecret] = React.useState< const [adminSecret, setAdminSecret] = React.useState<
@@ -100,11 +89,14 @@ export default function Environment() {
OLD_ADMIN_SECRET: false, OLD_ADMIN_SECRET: false,
}); });
const { sec } = useParams();
async function getData() { async function getData() {
const { const {
data: { _env: envData }, data: { _env: envData },
} = await client.query(EnvVariablesQuery).toPromise(); } = await client.query(EnvVariablesQuery).toPromise();
setLoading(false); setLoading(false);
setEnvVariables({ setEnvVariables({
...envData, ...envData,
OLD_ADMIN_SECRET: envData.ADMIN_SECRET, OLD_ADMIN_SECRET: envData.ADMIN_SECRET,
@@ -118,7 +110,7 @@ export default function Environment() {
useEffect(() => { useEffect(() => {
getData(); getData();
}, []); }, [sec]);
const validateAdminSecretHandler = (event: any) => { const validateAdminSecretHandler = (event: any) => {
if (envVariables.OLD_ADMIN_SECRET === event.target.value) { if (envVariables.OLD_ADMIN_SECRET === event.target.value) {
@@ -200,636 +192,110 @@ export default function Environment() {
}); });
}; };
return ( const renderComponent = (tab: any) => {
<Box m="5" py="5" px="10" bg="white" rounded="md"> switch (tab) {
<Text fontSize="md" paddingTop="2%" fontWeight="bold"> case envSubViews.INSTANCE_INFO:
Your instance information return (
</Text> <OAuthConfig
<Stack spacing={6} padding="2% 0%"> envVariables={envVariables}
<Flex> setVariables={setEnvVariables}
<Flex w="30%" justifyContent="start" alignItems="center"> fieldVisibility={fieldVisibility}
<Text fontSize="sm">Client ID</Text> setFieldVisibility={setFieldVisibility}
</Flex> />
<Center w="70%"> );
<InputField case envSubViews.ROLES:
variables={envVariables} return (
setVariables={() => {}} <Roles variables={envVariables} setVariables={setEnvVariables} />
inputType={TextInputType.CLIENT_ID} );
placeholder="Client ID" case envSubViews.JWT_CONFIG:
readOnly={true} return (
/> <JWTConfigurations
</Center> variables={envVariables}
</Flex> setVariables={setEnvVariables}
<Flex> fieldVisibility={fieldVisibility}
<Flex w="30%" justifyContent="start" alignItems="center"> setFieldVisibility={setFieldVisibility}
<Text fontSize="sm">Client Secret</Text> SelectInputType={SelectInputType.JWT_TYPE}
</Flex> HMACEncryptionType={HMACEncryptionType}
<Center w="70%"> RSAEncryptionType={RSAEncryptionType}
<InputField ECDSAEncryptionType={ECDSAEncryptionType}
variables={envVariables}
setVariables={setEnvVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.CLIENT_SECRET}
placeholder="Client Secret"
readOnly={true}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Social Media Logins
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Center
w="50px"
marginRight="1.5%"
border="1px solid #e2e8f0"
borderRadius="5px"
>
<FaGoogle style={{ color: '#8c8c8c' }} />
</Center>
<Center w="45%" marginRight="1.5%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.GOOGLE_CLIENT_ID}
placeholder="Google Client ID"
/>
</Center>
<Center w="45%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.GOOGLE_CLIENT_SECRET}
placeholder="Google Secret"
/>
</Center>
</Flex>
<Flex>
<Center
w="50px"
marginRight="1.5%"
border="1px solid #e2e8f0"
borderRadius="5px"
>
<FaGithub style={{ color: '#8c8c8c' }} />
</Center>
<Center w="45%" marginRight="1.5%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.GITHUB_CLIENT_ID}
placeholder="Github Client ID"
/>
</Center>
<Center w="45%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.GITHUB_CLIENT_SECRET}
placeholder="Github Secret"
/>
</Center>
</Flex>
<Flex>
<Center
w="50px"
marginRight="1.5%"
border="1px solid #e2e8f0"
borderRadius="5px"
>
<FaFacebookF style={{ color: '#8c8c8c' }} />
</Center>
<Center w="45%" marginRight="1.5%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.FACEBOOK_CLIENT_ID}
placeholder="Facebook Client ID"
/>
</Center>
<Center w="45%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.FACEBOOK_CLIENT_SECRET}
placeholder="Facebook Secret"
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Roles
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Roles:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={ArrayInputType.ROLES}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Default Roles:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={ArrayInputType.DEFAULT_ROLES}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Protected Roles:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={ArrayInputType.PROTECTED_ROLES}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Flex
width="100%"
justifyContent="space-between"
alignItems="center"
paddingTop="2%"
>
<Text fontSize="md" fontWeight="bold">
JWT (JSON Web Tokens) Configurations
</Text>
<Flex>
<GenerateKeysModal
jwtType={envVariables.JWT_TYPE}
getData={getData} getData={getData}
/> />
</Flex> );
</Flex> case envSubViews.SESSION_STORAGE:
<Stack spacing={6} padding="2% 0%"> return (
<Flex> <SessionStorage
<Flex w="30%" justifyContent="start" alignItems="center"> variables={envVariables}
<Text fontSize="sm">JWT Type:</Text> setVariables={setEnvVariables}
</Flex> RedisURL={TextInputType.REDIS_URL}
<Flex w="70%"> />
<InputField );
variables={envVariables} case envSubViews.EMAIL_CONFIG:
setVariables={setEnvVariables} return (
inputType={SelectInputType.JWT_TYPE} <EmailConfigurations
value={SelectInputType.JWT_TYPE} variables={envVariables}
options={{ setVariables={setEnvVariables}
...HMACEncryptionType, fieldVisibility={fieldVisibility}
...RSAEncryptionType, setFieldVisibility={setFieldVisibility}
...ECDSAEncryptionType, />
}} );
/> case envSubViews.WHITELIST_VARIABLES:
</Flex> return (
</Flex> <DomainWhiteListing
{Object.values(HMACEncryptionType).includes(envVariables.JWT_TYPE) ? ( variables={envVariables}
<Flex> setVariables={setEnvVariables}
<Flex w="30%" justifyContent="start" alignItems="center"> />
<Text fontSize="sm">JWT Secret</Text> );
</Flex> case envSubViews.ORGANIZATION_INFO:
<Center w="70%"> return (
<InputField <OrganizationInfo
variables={envVariables} variables={envVariables}
setVariables={setEnvVariables} setVariables={setEnvVariables}
fieldVisibility={fieldVisibility} />
setFieldVisibility={setFieldVisibility} );
inputType={HiddenInputType.JWT_SECRET} case envSubViews.ACCESS_TOKEN:
/> return (
</Center> <AccessToken
</Flex> variables={envVariables}
) : ( setVariables={setEnvVariables}
<> />
<Flex> );
<Flex w="30%" justifyContent="start" alignItems="center"> case envSubViews.FEATURES:
<Text fontSize="sm">Public Key</Text> return (
</Flex> <Features variables={envVariables} setVariables={setEnvVariables} />
<Center w="70%"> );
<InputField case envSubViews.ADMIN_SECRET:
variables={envVariables} return (
setVariables={setEnvVariables} <SecurityAdminSecret
inputType={TextAreaInputType.JWT_PUBLIC_KEY} variables={envVariables}
placeholder="Add public key here" setVariables={setEnvVariables}
minH="25vh" fieldVisibility={fieldVisibility}
/> setFieldVisibility={setFieldVisibility}
</Center> validateAdminSecretHandler={validateAdminSecretHandler}
</Flex> adminSecret={adminSecret}
<Flex> />
<Flex w="30%" justifyContent="start" alignItems="center"> );
<Text fontSize="sm">Private Key</Text> case envSubViews.DB_CRED:
</Flex> return (
<Center w="70%"> <DatabaseCredentials
<InputField variables={envVariables}
variables={envVariables} setVariables={setEnvVariables}
setVariables={setEnvVariables} />
inputType={TextAreaInputType.JWT_PRIVATE_KEY} );
placeholder="Add private key here" default:
minH="25vh" return (
/> <OAuthConfig
</Center> envVariables={envVariables}
</Flex> setVariables={setEnvVariables}
</> fieldVisibility={fieldVisibility}
)} setFieldVisibility={setFieldVisibility}
<Flex> />
<Flex w="30%" justifyContent="start" alignItems="center"> );
<Text fontSize="sm">JWT Role Claim:</Text> }
</Flex> };
<Center w="70%"> return (
<InputField <Box m="5" py="5" px="10" bg="white" rounded="md">
variables={envVariables} {renderComponent(sec)}
setVariables={setEnvVariables} <Stack spacing={6} padding="1% 0" mt={4}>
inputType={TextInputType.JWT_ROLE_CLAIM}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Session Storage
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Redis URL:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.REDIS_URL}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Email Configurations
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">SMTP Host:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.SMTP_HOST}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">SMTP Port:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.SMTP_PORT}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">SMTP Username:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.SMTP_USERNAME}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">SMTP Password:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
inputType={HiddenInputType.SMTP_PASSWORD}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">From Email:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.SENDER_EMAIL}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
White Listing
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Allowed Origins:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={ArrayInputType.ALLOWED_ORIGINS}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Organization Information
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Organization Name:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.ORGANIZATION_NAME}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Organization Logo:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.ORGANIZATION_LOGO}
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Access Token
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Access Token Expiry Time:</Text>
</Flex>
<Flex w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.ACCESS_TOKEN_EXPIRY_TIME}
placeholder="0h15m0s"
/>
</Flex>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" direction="column">
<Text fontSize="sm">Custom Scripts:</Text>
<Text fontSize="sm">Used to add custom fields in ID token</Text>
</Flex>
<Flex w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextAreaInputType.CUSTOM_ACCESS_TOKEN_SCRIPT}
placeholder="Add script here"
minH="25vh"
/>
</Flex>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Disable Features
</Text>
<Stack spacing={6} padding="2% 0%">
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Login Page:</Text>
</Flex>
<Flex justifyContent="start" w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={SwitchInputType.DISABLE_LOGIN_PAGE}
/>
</Flex>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Email Verification:</Text>
</Flex>
<Flex justifyContent="start" w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={SwitchInputType.DISABLE_EMAIL_VERIFICATION}
/>
</Flex>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Magic Login Link:</Text>
</Flex>
<Flex justifyContent="start" w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={SwitchInputType.DISABLE_MAGIC_LINK_LOGIN}
/>
</Flex>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Basic Authentication:</Text>
</Flex>
<Flex justifyContent="start" w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={SwitchInputType.DISABLE_BASIC_AUTHENTICATION}
/>
</Flex>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Disable Sign Up:</Text>
</Flex>
<Flex justifyContent="start" w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={SwitchInputType.DISABLE_SIGN_UP}
/>
</Flex>
</Flex>
</Stack>
<Divider marginTop="2%" marginBottom="2%" />
<Text fontSize="md" paddingTop="2%" fontWeight="bold">
Danger
</Text>
<Stack
spacing={6}
padding="0 5%"
marginTop="3%"
border="1px solid #ff7875"
borderRadius="5px"
>
<Stack spacing={6} padding="3% 0">
<Text fontStyle="italic" fontSize="sm" color="gray.600">
Note: Database related environment variables cannot be updated from
dashboard :(
</Text>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">DataBase Name:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.DATABASE_NAME}
isDisabled={true}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">DataBase Type:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.DATABASE_TYPE}
isDisabled={true}
/>
</Center>
</Flex>
<Flex>
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">DataBase URL:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={TextInputType.DATABASE_URL}
isDisabled={true}
/>
</Center>
</Flex>
</Stack>
<Flex marginTop="3%">
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">Old Admin Secret:</Text>
</Flex>
<Center w="70%">
<InputGroup size="sm">
<Input
size="sm"
placeholder="Enter Old Admin Secret"
value={adminSecret.value as string}
onChange={(event: any) => validateAdminSecretHandler(event)}
type={
!fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET]
? 'password'
: 'text'
}
/>
<InputRightElement
right="5px"
children={
<Flex>
{fieldVisibility[HiddenInputType.OLD_ADMIN_SECRET] ? (
<Center
w="25px"
margin="0 1.5%"
cursor="pointer"
onClick={() =>
setFieldVisibility({
...fieldVisibility,
[HiddenInputType.OLD_ADMIN_SECRET]: false,
})
}
>
<FaRegEyeSlash color="#bfbfbf" />
</Center>
) : (
<Center
w="25px"
margin="0 1.5%"
cursor="pointer"
onClick={() =>
setFieldVisibility({
...fieldVisibility,
[HiddenInputType.OLD_ADMIN_SECRET]: true,
})
}
>
<FaRegEye color="#bfbfbf" />
</Center>
)}
</Flex>
}
/>
</InputGroup>
</Center>
</Flex>
<Flex paddingBottom="3%">
<Flex w="30%" justifyContent="start" alignItems="center">
<Text fontSize="sm">New Admin Secret:</Text>
</Flex>
<Center w="70%">
<InputField
variables={envVariables}
setVariables={setEnvVariables}
inputType={HiddenInputType.ADMIN_SECRET}
fieldVisibility={fieldVisibility}
setFieldVisibility={setFieldVisibility}
isDisabled={adminSecret.disableInputField}
placeholder="Enter New Admin Secret"
/>
</Center>
</Flex>
</Stack>
<Divider marginTop="5%" marginBottom="2%" />
<Stack spacing={6} padding="1% 0">
<Flex justifyContent="end" alignItems="center"> <Flex justifyContent="end" alignItems="center">
<Button <Button
leftIcon={<FaSave />} leftIcon={<FaSave />}
@@ -844,4 +310,6 @@ export default function Environment() {
</Stack> </Stack>
</Box> </Box>
); );
} };
export default Environment;

12
dashboard/src/routes/index.tsx
View File

@@ -14,6 +14,7 @@ export const AppRoutes = () => {
if (isLoggedIn) { if (isLoggedIn) {
return ( return (
<div>
<Suspense fallback={<></>}> <Suspense fallback={<></>}>
<Routes> <Routes>
<Route <Route
@@ -23,13 +24,16 @@ export const AppRoutes = () => {
</DashboardLayout> </DashboardLayout>
} }
> >
<Route path="/" element={<Environment />} /> <Route path="/" element={<Outlet />}>
<Route path="users" element={<Users />} /> <Route index element={<Environment />} />
<Route path="environment" element={<Environment />} /> <Route path="/:sec" element={<Environment />} />
<Route path="*" element={<Home />} /> </Route>
<Route path="users" element={<Users />} />
<Route path="*" element={<Home />} />
</Route> </Route>
</Routes> </Routes>
</Suspense> </Suspense>
</div>
); );
} }
return ( return (

14
server/cli/cli.go Normal file
View File

@@ -0,0 +1,14 @@
package cli
var (
// ARG_DB_URL is the cli arg variable for the database url
ARG_DB_URL *string
// ARG_DB_TYPE is the cli arg variable for the database type
ARG_DB_TYPE *string
// ARG_ENV_FILE is the cli arg variable for the env file
ARG_ENV_FILE *string
// ARG_LOG_LEVEL is the cli arg variable for the log level
ARG_LOG_LEVEL *string
// ARG_REDIS_URL is the cli arg variable for the redis url
ARG_REDIS_URL *string
)

8
server/constants/cookie.go Normal file
View File

@@ -0,0 +1,8 @@
package constants
const (
// AppCookieName is the name of the cookie that is used to store the application token
AppCookieName = "cookie"
// AdminCookieName is the name of the cookie that is used to store the admin token
AdminCookieName = "authorizer-admin"
)

57
server/constants/env.go
View File

@@ -5,11 +5,11 @@ var VERSION = "0.0.1"
const ( const (
// Envstore identifier // Envstore identifier
// StringStore string store identifier // StringStore string store identifier
StringStoreIdentifier = "stringStore" // StringStoreIdentifier = "stringStore"
// BoolStore bool store identifier // // BoolStore bool store identifier
BoolStoreIdentifier = "boolStore" // BoolStoreIdentifier = "boolStore"
// SliceStore slice store identifier // // SliceStore slice store identifier
SliceStoreIdentifier = "sliceStore" // SliceStoreIdentifier = "sliceStore"
// EnvKeyEnv key for env variable ENV // EnvKeyEnv key for env variable ENV
EnvKeyEnv = "ENV" EnvKeyEnv = "ENV"
@@ -19,7 +19,6 @@ const (
EnvKeyAuthorizerURL = "AUTHORIZER_URL" EnvKeyAuthorizerURL = "AUTHORIZER_URL"
// EnvKeyPort key for env variable PORT // EnvKeyPort key for env variable PORT
EnvKeyPort = "PORT" EnvKeyPort = "PORT"
// EnvKeyAccessTokenExpiryTime key for env variable ACCESS_TOKEN_EXPIRY_TIME // EnvKeyAccessTokenExpiryTime key for env variable ACCESS_TOKEN_EXPIRY_TIME
EnvKeyAccessTokenExpiryTime = "ACCESS_TOKEN_EXPIRY_TIME" EnvKeyAccessTokenExpiryTime = "ACCESS_TOKEN_EXPIRY_TIME"
// EnvKeyAdminSecret key for env variable ADMIN_SECRET // EnvKeyAdminSecret key for env variable ADMIN_SECRET
@@ -62,34 +61,12 @@ const (
EnvKeyJwtPrivateKey = "JWT_PRIVATE_KEY" EnvKeyJwtPrivateKey = "JWT_PRIVATE_KEY"
// EnvKeyJwtPublicKey key for env variable JWT_PUBLIC_KEY // EnvKeyJwtPublicKey key for env variable JWT_PUBLIC_KEY
EnvKeyJwtPublicKey = "JWT_PUBLIC_KEY" EnvKeyJwtPublicKey = "JWT_PUBLIC_KEY"
// EnvKeyAllowedOrigins key for env variable ALLOWED_ORIGINS
EnvKeyAllowedOrigins = "ALLOWED_ORIGINS"
// EnvKeyAppURL key for env variable APP_URL // EnvKeyAppURL key for env variable APP_URL
EnvKeyAppURL = "APP_URL" EnvKeyAppURL = "APP_URL"
// EnvKeyRedisURL key for env variable REDIS_URL // EnvKeyRedisURL key for env variable REDIS_URL
EnvKeyRedisURL = "REDIS_URL" EnvKeyRedisURL = "REDIS_URL"
// EnvKeyCookieName key for env variable COOKIE_NAME
EnvKeyCookieName = "COOKIE_NAME"
// EnvKeyAdminCookieName key for env variable ADMIN_COOKIE_NAME
EnvKeyAdminCookieName = "ADMIN_COOKIE_NAME"
// EnvKeyResetPasswordURL key for env variable RESET_PASSWORD_URL // EnvKeyResetPasswordURL key for env variable RESET_PASSWORD_URL
EnvKeyResetPasswordURL = "RESET_PASSWORD_URL" EnvKeyResetPasswordURL = "RESET_PASSWORD_URL"
// EnvKeyDisableEmailVerification key for env variable DISABLE_EMAIL_VERIFICATION
EnvKeyDisableEmailVerification = "DISABLE_EMAIL_VERIFICATION"
// EnvKeyDisableBasicAuthentication key for env variable DISABLE_BASIC_AUTH
EnvKeyDisableBasicAuthentication = "DISABLE_BASIC_AUTHENTICATION"
// EnvKeyDisableMagicLinkLogin key for env variable DISABLE_MAGIC_LINK_LOGIN
EnvKeyDisableMagicLinkLogin = "DISABLE_MAGIC_LINK_LOGIN"
// EnvKeyDisableLoginPage key for env variable DISABLE_LOGIN_PAGE
EnvKeyDisableLoginPage = "DISABLE_LOGIN_PAGE"
// EnvKeyDisableSignUp key for env variable DISABLE_SIGN_UP
EnvKeyDisableSignUp = "DISABLE_SIGN_UP"
// EnvKeyRoles key for env variable ROLES
EnvKeyRoles = "ROLES"
// EnvKeyProtectedRoles key for env variable PROTECTED_ROLES
EnvKeyProtectedRoles = "PROTECTED_ROLES"
// EnvKeyDefaultRoles key for env variable DEFAULT_ROLES
EnvKeyDefaultRoles = "DEFAULT_ROLES"
// EnvKeyJwtRoleClaim key for env variable JWT_ROLE_CLAIM // EnvKeyJwtRoleClaim key for env variable JWT_ROLE_CLAIM
EnvKeyJwtRoleClaim = "JWT_ROLE_CLAIM" EnvKeyJwtRoleClaim = "JWT_ROLE_CLAIM"
// EnvKeyGoogleClientID key for env variable GOOGLE_CLIENT_ID // EnvKeyGoogleClientID key for env variable GOOGLE_CLIENT_ID
@@ -120,6 +97,30 @@ const (
EnvKeyEncryptionKey = "ENCRYPTION_KEY" EnvKeyEncryptionKey = "ENCRYPTION_KEY"
// EnvKeyJWK key for env variable JWK // EnvKeyJWK key for env variable JWK
EnvKeyJWK = "JWK" EnvKeyJWK = "JWK"
// Boolean variables
// EnvKeyIsProd key for env variable IS_PROD // EnvKeyIsProd key for env variable IS_PROD
EnvKeyIsProd = "IS_PROD" EnvKeyIsProd = "IS_PROD"
// EnvKeyDisableEmailVerification key for env variable DISABLE_EMAIL_VERIFICATION
EnvKeyDisableEmailVerification = "DISABLE_EMAIL_VERIFICATION"
// EnvKeyDisableBasicAuthentication key for env variable DISABLE_BASIC_AUTH
EnvKeyDisableBasicAuthentication = "DISABLE_BASIC_AUTHENTICATION"
// EnvKeyDisableMagicLinkLogin key for env variable DISABLE_MAGIC_LINK_LOGIN
EnvKeyDisableMagicLinkLogin = "DISABLE_MAGIC_LINK_LOGIN"
// EnvKeyDisableLoginPage key for env variable DISABLE_LOGIN_PAGE
EnvKeyDisableLoginPage = "DISABLE_LOGIN_PAGE"
// EnvKeyDisableSignUp key for env variable DISABLE_SIGN_UP
EnvKeyDisableSignUp = "DISABLE_SIGN_UP"
// EnvKeyDisableRedisForEnv key for env variable DISABLE_REDIS_FOR_ENV
EnvKeyDisableRedisForEnv = "DISABLE_REDIS_FOR_ENV"
// Slice variables
// EnvKeyRoles key for env variable ROLES
EnvKeyRoles = "ROLES"
// EnvKeyProtectedRoles key for env variable PROTECTED_ROLES
EnvKeyProtectedRoles = "PROTECTED_ROLES"
// EnvKeyDefaultRoles key for env variable DEFAULT_ROLES
EnvKeyDefaultRoles = "DEFAULT_ROLES"
// EnvKeyAllowedOrigins key for env variable ALLOWED_ORIGINS
EnvKeyAllowedOrigins = "ALLOWED_ORIGINS"
) )

19
server/cookie/admin_cookie.go
View File

@@ -4,8 +4,7 @@ import (
"net/url" "net/url"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/parsers"
"github.com/authorizerdev/authorizer/server/utils"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@@ -13,15 +12,14 @@ import (
func SetAdminCookie(gc *gin.Context, token string) { func SetAdminCookie(gc *gin.Context, token string) {
secure := true secure := true
httpOnly := true httpOnly := true
hostname := utils.GetHost(gc) hostname := parsers.GetHost(gc)
host, _ := utils.GetHostParts(hostname) host, _ := parsers.GetHostParts(hostname)
gc.SetCookie(constants.AdminCookieName, token, 3600, "/", host, secure, httpOnly)
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
} }
// GetAdminCookie gets the admin cookie from the request // GetAdminCookie gets the admin cookie from the request
func GetAdminCookie(gc *gin.Context) (string, error) { func GetAdminCookie(gc *gin.Context) (string, error) {
cookie, err := gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName)) cookie, err := gc.Request.Cookie(constants.AdminCookieName)
if err != nil { if err != nil {
return "", err return "", err
} }
@@ -39,8 +37,7 @@ func GetAdminCookie(gc *gin.Context) (string, error) {
func DeleteAdminCookie(gc *gin.Context) { func DeleteAdminCookie(gc *gin.Context) {
secure := true secure := true
httpOnly := true httpOnly := true
hostname := utils.GetHost(gc) hostname := parsers.GetHost(gc)
host, _ := utils.GetHostParts(hostname) host, _ := parsers.GetHostParts(hostname)
gc.SetCookie(constants.AdminCookieName, "", -1, "/", host, secure, httpOnly)
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
} }

27
server/cookie/cookie.go
View File

@@ -5,8 +5,7 @@ import (
"net/url" "net/url"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/parsers"
"github.com/authorizerdev/authorizer/server/utils"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@@ -14,9 +13,9 @@ import (
func SetSession(gc *gin.Context, sessionID string) { func SetSession(gc *gin.Context, sessionID string) {
secure := true secure := true
httpOnly := true httpOnly := true
hostname := utils.GetHost(gc) hostname := parsers.GetHost(gc)
host, _ := utils.GetHostParts(hostname) host, _ := parsers.GetHostParts(hostname)
domain := utils.GetDomainName(hostname) domain := parsers.GetDomainName(hostname)
if domain != "localhost" { if domain != "localhost" {
domain = "." + domain domain = "." + domain
} }
@@ -25,33 +24,33 @@ func SetSession(gc *gin.Context, sessionID string) {
year := 60 * 60 * 24 * 365 year := 60 * 60 * 24 * 365
gc.SetSameSite(http.SameSiteNoneMode) gc.SetSameSite(http.SameSiteNoneMode)
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", sessionID, year, "/", host, secure, httpOnly) gc.SetCookie(constants.AppCookieName+"_session", sessionID, year, "/", host, secure, httpOnly)
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session_domain", sessionID, year, "/", domain, secure, httpOnly) gc.SetCookie(constants.AppCookieName+"_session_domain", sessionID, year, "/", domain, secure, httpOnly)
} }
// DeleteSession sets session cookies to expire // DeleteSession sets session cookies to expire
func DeleteSession(gc *gin.Context) { func DeleteSession(gc *gin.Context) {
secure := true secure := true
httpOnly := true httpOnly := true
hostname := utils.GetHost(gc) hostname := parsers.GetHost(gc)
host, _ := utils.GetHostParts(hostname) host, _ := parsers.GetHostParts(hostname)
domain := utils.GetDomainName(hostname) domain := parsers.GetDomainName(hostname)
if domain != "localhost" { if domain != "localhost" {
domain = "." + domain domain = "." + domain
} }
gc.SetSameSite(http.SameSiteNoneMode) gc.SetSameSite(http.SameSiteNoneMode)
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", "", -1, "/", host, secure, httpOnly) gc.SetCookie(constants.AppCookieName+"_session", "", -1, "/", host, secure, httpOnly)
gc.SetCookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session_domain", "", -1, "/", domain, secure, httpOnly) gc.SetCookie(constants.AppCookieName+"_session_domain", "", -1, "/", domain, secure, httpOnly)
} }
// GetSession gets the session cookie from context // GetSession gets the session cookie from context
func GetSession(gc *gin.Context) (string, error) { func GetSession(gc *gin.Context) (string, error) {
var cookie *http.Cookie var cookie *http.Cookie
var err error var err error
cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "_session") cookie, err = gc.Request.Cookie(constants.AppCookieName + "_session")
if err != nil { if err != nil {
cookie, err = gc.Request.Cookie(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "_session_domain") cookie, err = gc.Request.Cookie(constants.AppCookieName + "_session_domain")
if err != nil { if err != nil {
return "", err return "", err
} }

30
server/crypto/aes.go
View File

@@ -7,14 +7,18 @@ import (
"io" "io"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
) )
var bytes = []byte{35, 46, 57, 24, 85, 35, 24, 74, 87, 35, 88, 98, 66, 32, 14, 0o5} var bytes = []byte{35, 46, 57, 24, 85, 35, 24, 74, 87, 35, 88, 98, 66, 32, 14, 0o5}
// EncryptAES method is to encrypt or hide any classified text // EncryptAES method is to encrypt or hide any classified text
func EncryptAES(text string) (string, error) { func EncryptAES(text string) (string, error) {
key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)) k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
if err != nil {
return "", err
}
key := []byte(k)
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
if err != nil { if err != nil {
return "", err return "", err
@@ -28,7 +32,11 @@ func EncryptAES(text string) (string, error) {
// DecryptAES method is to extract back the encrypted text // DecryptAES method is to extract back the encrypted text
func DecryptAES(text string) (string, error) { func DecryptAES(text string) (string, error) {
key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)) k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
if err != nil {
return "", err
}
key := []byte(k)
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
if err != nil { if err != nil {
return "", err return "", err
@@ -46,9 +54,13 @@ func DecryptAES(text string) (string, error) {
// EncryptAESEnv encrypts data using AES algorithm // EncryptAESEnv encrypts data using AES algorithm
// kept for the backward compatibility of env data encryption // kept for the backward compatibility of env data encryption
func EncryptAESEnv(text []byte) ([]byte, error) { func EncryptAESEnv(text []byte) ([]byte, error) {
key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
c, err := aes.NewCipher(key)
var res []byte var res []byte
k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
if err != nil {
return res, err
}
key := []byte(k)
c, err := aes.NewCipher(key)
if err != nil { if err != nil {
return res, err return res, err
} }
@@ -81,9 +93,13 @@ func EncryptAESEnv(text []byte) ([]byte, error) {
// DecryptAES decrypts data using AES algorithm // DecryptAES decrypts data using AES algorithm
// Kept for the backward compatibility of env data decryption // Kept for the backward compatibility of env data decryption
func DecryptAESEnv(ciphertext []byte) ([]byte, error) { func DecryptAESEnv(ciphertext []byte) ([]byte, error) {
key := []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey))
c, err := aes.NewCipher(key)
var res []byte var res []byte
k, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEncryptionKey)
if err != nil {
return res, err
}
key := []byte(k)
c, err := aes.NewCipher(key)
if err != nil { if err != nil {
return res, err return res, err
} }

40
server/crypto/common.go
View File

@@ -5,7 +5,7 @@ import (
"encoding/json" "encoding/json"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
"gopkg.in/square/go-jose.v2" "gopkg.in/square/go-jose.v2"
) )
@@ -37,20 +37,35 @@ func GetPubJWK(algo, keyID string, publicKey interface{}) (string, error) {
// this is called while initializing app / when env is updated // this is called while initializing app / when env is updated
func GenerateJWKBasedOnEnv() (string, error) { func GenerateJWKBasedOnEnv() (string, error) {
jwk := "" jwk := ""
algo := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType) algo, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
clientID := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) if err != nil {
return jwk, err
}
clientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID)
if err != nil {
return jwk, err
}
jwtSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)
if err != nil {
return jwk, err
}
var err error
// check if jwt secret is provided // check if jwt secret is provided
if IsHMACA(algo) { if IsHMACA(algo) {
jwk, err = GetPubJWK(algo, clientID, []byte(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret))) jwk, err = GetPubJWK(algo, clientID, []byte(jwtSecret))
if err != nil { if err != nil {
return "", err return "", err
} }
} }
jwtPublicKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)
if err != nil {
return jwk, err
}
if IsRSA(algo) { if IsRSA(algo) {
publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)) publicKeyInstance, err := ParseRsaPublicKeyFromPemStr(jwtPublicKey)
if err != nil { if err != nil {
return "", err return "", err
} }
@@ -62,7 +77,11 @@ func GenerateJWKBasedOnEnv() (string, error) {
} }
if IsECDSA(algo) { if IsECDSA(algo) {
publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)) jwtPublicKey, err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)
if err != nil {
return jwk, err
}
publicKeyInstance, err := ParseEcdsaPublicKeyFromPemStr(jwtPublicKey)
if err != nil { if err != nil {
return "", err return "", err
} }
@@ -77,13 +96,16 @@ func GenerateJWKBasedOnEnv() (string, error) {
} }
// EncryptEnvData is used to encrypt the env data // EncryptEnvData is used to encrypt the env data
func EncryptEnvData(data envstore.Store) (string, error) { func EncryptEnvData(data map[string]interface{}) (string, error) {
jsonBytes, err := json.Marshal(data) jsonBytes, err := json.Marshal(data)
if err != nil { if err != nil {
return "", err return "", err
} }
storeData := envstore.EnvStoreObj.GetEnvStoreClone() storeData, err := memorystore.Provider.GetEnvStore()
if err != nil {
return "", err
}
err = json.Unmarshal(jsonBytes, &storeData) err = json.Unmarshal(jsonBytes, &storeData)
if err != nil { if err != nil {

22
server/db/db.go
View File

@@ -1,13 +1,15 @@
package db package db
import ( import (
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/providers" "github.com/authorizerdev/authorizer/server/db/providers"
"github.com/authorizerdev/authorizer/server/db/providers/arangodb" "github.com/authorizerdev/authorizer/server/db/providers/arangodb"
"github.com/authorizerdev/authorizer/server/db/providers/cassandradb" "github.com/authorizerdev/authorizer/server/db/providers/cassandradb"
"github.com/authorizerdev/authorizer/server/db/providers/mongodb" "github.com/authorizerdev/authorizer/server/db/providers/mongodb"
"github.com/authorizerdev/authorizer/server/db/providers/sql" "github.com/authorizerdev/authorizer/server/db/providers/sql"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
) )
// Provider returns the current database provider // Provider returns the current database provider
@@ -16,35 +18,45 @@ var Provider providers.Provider
func InitDB() error { func InitDB() error {
var err error var err error
isSQL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeArangodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeMongodb && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) != constants.DbTypeCassandraDB envs := memorystore.RequiredEnvStoreObj.GetRequiredEnv()
isArangoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeArangodb
isMongoDB := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeMongodb isSQL := envs.DatabaseType != constants.DbTypeArangodb && envs.DatabaseType != constants.DbTypeMongodb && envs.DatabaseType != constants.DbTypeCassandraDB
isCassandra := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) == constants.DbTypeCassandraDB isArangoDB := envs.DatabaseType == constants.DbTypeArangodb
isMongoDB := envs.DatabaseType == constants.DbTypeMongodb
isCassandra := envs.DatabaseType == constants.DbTypeCassandraDB
if isSQL { if isSQL {
log.Info("Initializing SQL Driver for: ", envs.DatabaseType)
Provider, err = sql.NewProvider() Provider, err = sql.NewProvider()
if err != nil { if err != nil {
log.Fatal("Failed to initialize SQL driver: ", err)
return err return err
} }
} }
if isArangoDB { if isArangoDB {
log.Info("Initializing ArangoDB Driver")
Provider, err = arangodb.NewProvider() Provider, err = arangodb.NewProvider()
if err != nil { if err != nil {
log.Fatal("Failed to initialize ArangoDB driver: ", err)
return err return err
} }
} }
if isMongoDB { if isMongoDB {
log.Info("Initializing MongoDB Driver")
Provider, err = mongodb.NewProvider() Provider, err = mongodb.NewProvider()
if err != nil { if err != nil {
log.Fatal("Failed to initialize MongoDB driver: ", err)
return err return err
} }
} }
if isCassandra { if isCassandra {
log.Info("Initializing CassandraDB Driver")
Provider, err = cassandradb.NewProvider() Provider, err = cassandradb.NewProvider()
if err != nil { if err != nil {
log.Fatal("Failed to initialize CassandraDB driver: ", err)
return err return err
} }
} }

3
server/db/providers/arangodb/env.go
View File

@@ -2,7 +2,6 @@ package arangodb
import ( import (
"fmt" "fmt"
"log"
"time" "time"
arangoDriver "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver"
@@ -22,7 +21,6 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
configCollection, _ := p.db.Collection(nil, models.Collections.Env) configCollection, _ := p.db.Collection(nil, models.Collections.Env)
meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(nil), env) meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(nil), env)
if err != nil { if err != nil {
log.Println("error adding config:", err)
return env, err return env, err
} }
env.Key = meta.Key env.Key = meta.Key
@@ -36,7 +34,6 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
collection, _ := p.db.Collection(nil, models.Collections.Env) collection, _ := p.db.Collection(nil, models.Collections.Env)
meta, err := collection.UpdateDocument(nil, env.Key, env) meta, err := collection.UpdateDocument(nil, env.Key, env)
if err != nil { if err != nil {
log.Println("error updating config:", err)
return env, err return env, err
} }

40
server/db/providers/arangodb/provider.go
View File

@@ -2,14 +2,12 @@ package arangodb
import ( import (
"context" "context"
"log"
"github.com/arangodb/go-driver" "github.com/arangodb/go-driver"
arangoDriver "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver"
"github.com/arangodb/go-driver/http" "github.com/arangodb/go-driver/http"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
) )
type provider struct { type provider struct {
@@ -23,8 +21,9 @@ type provider struct {
// NewProvider to initialize arangodb connection // NewProvider to initialize arangodb connection
func NewProvider() (*provider, error) { func NewProvider() (*provider, error) {
ctx := context.Background() ctx := context.Background()
dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
conn, err := http.NewConnection(http.ConnectionConfig{ conn, err := http.NewConnection(http.ConnectionConfig{
Endpoints: []string{envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)}, Endpoints: []string{dbURL},
}) })
if err != nil { if err != nil {
return nil, err return nil, err
@@ -38,29 +37,26 @@ func NewProvider() (*provider, error) {
} }
var arangodb driver.Database var arangodb driver.Database
dbName := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
arangodb_exists, err := arangoClient.DatabaseExists(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName)) arangodb_exists, err := arangoClient.DatabaseExists(nil, dbName)
if arangodb_exists { if arangodb_exists {
log.Println(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName) + " db exists already") arangodb, err = arangoClient.Database(nil, dbName)
arangodb, err = arangoClient.Database(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName))
if err != nil { if err != nil {
return nil, err return nil, err
} }
} else { } else {
arangodb, err = arangoClient.CreateDatabase(nil, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), nil) arangodb, err = arangoClient.CreateDatabase(nil, dbName, nil)
if err != nil { if err != nil {
return nil, err return nil, err
} }
} }
userCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.User) userCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.User)
if userCollectionExists { if !userCollectionExists {
log.Println(models.Collections.User + " collection exists already")
} else {
_, err = arangodb.CreateCollection(ctx, models.Collections.User, nil) _, err = arangodb.CreateCollection(ctx, models.Collections.User, nil)
if err != nil { if err != nil {
log.Println("error creating collection("+models.Collections.User+"):", err) return nil, err
} }
} }
userCollection, _ := arangodb.Collection(nil, models.Collections.User) userCollection, _ := arangodb.Collection(nil, models.Collections.User)
@@ -74,12 +70,10 @@ func NewProvider() (*provider, error) {
}) })
verificationRequestCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.VerificationRequest) verificationRequestCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.VerificationRequest)
if verificationRequestCollectionExists { if !verificationRequestCollectionExists {
log.Println(models.Collections.VerificationRequest + " collection exists already")
} else {
_, err = arangodb.CreateCollection(ctx, models.Collections.VerificationRequest, nil) _, err = arangodb.CreateCollection(ctx, models.Collections.VerificationRequest, nil)
if err != nil { if err != nil {
log.Println("error creating collection("+models.Collections.VerificationRequest+"):", err) return nil, err
} }
} }
@@ -93,12 +87,10 @@ func NewProvider() (*provider, error) {
}) })
sessionCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Session) sessionCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Session)
if sessionCollectionExists { if !sessionCollectionExists {
log.Println(models.Collections.Session + " collection exists already")
} else {
_, err = arangodb.CreateCollection(ctx, models.Collections.Session, nil) _, err = arangodb.CreateCollection(ctx, models.Collections.Session, nil)
if err != nil { if err != nil {
log.Println("error creating collection("+models.Collections.Session+"):", err) return nil, err
} }
} }
@@ -108,12 +100,10 @@ func NewProvider() (*provider, error) {
}) })
configCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Env) configCollectionExists, err := arangodb.CollectionExists(ctx, models.Collections.Env)
if configCollectionExists { if !configCollectionExists {
log.Println(models.Collections.Env + " collection exists already")
} else {
_, err = arangodb.CreateCollection(ctx, models.Collections.Env, nil) _, err = arangodb.CreateCollection(ctx, models.Collections.Env, nil)
if err != nil { if err != nil {
log.Println("error creating collection("+models.Collections.Env+"):", err) return nil, err
} }
} }

2
server/db/providers/arangodb/session.go
View File

@@ -2,7 +2,6 @@ package arangodb
import ( import (
"fmt" "fmt"
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -20,7 +19,6 @@ func (p *provider) AddSession(session models.Session) error {
sessionCollection, _ := p.db.Collection(nil, models.Collections.Session) sessionCollection, _ := p.db.Collection(nil, models.Collections.Session)
_, err := sessionCollection.CreateDocument(nil, session) _, err := sessionCollection.CreateDocument(nil, session)
if err != nil { if err != nil {
log.Println(`error saving session`, err)
return err return err
} }
return nil return nil

13
server/db/providers/arangodb/user.go
View File

@@ -3,16 +3,14 @@ package arangodb
import ( import (
"context" "context"
"fmt" "fmt"
"log"
"strings"
"time" "time"
"github.com/arangodb/go-driver" "github.com/arangodb/go-driver"
arangoDriver "github.com/arangodb/go-driver" arangoDriver "github.com/arangodb/go-driver"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/google/uuid" "github.com/google/uuid"
) )
@@ -23,7 +21,11 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
} }
if user.Roles == "" { if user.Roles == "" {
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",") defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
if err != nil {
return user, err
}
user.Roles = defaultRoles
} }
user.CreatedAt = time.Now().Unix() user.CreatedAt = time.Now().Unix()
@@ -31,7 +33,6 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
userCollection, _ := p.db.Collection(nil, models.Collections.User) userCollection, _ := p.db.Collection(nil, models.Collections.User)
meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(nil), user) meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(nil), user)
if err != nil { if err != nil {
log.Println("error adding user:", err)
return user, err return user, err
} }
user.Key = meta.Key user.Key = meta.Key
@@ -46,7 +47,6 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
collection, _ := p.db.Collection(nil, models.Collections.User) collection, _ := p.db.Collection(nil, models.Collections.User)
meta, err := collection.UpdateDocument(nil, user.Key, user) meta, err := collection.UpdateDocument(nil, user.Key, user)
if err != nil { if err != nil {
log.Println("error updating user:", err)
return user, err return user, err
} }
@@ -60,7 +60,6 @@ func (p *provider) DeleteUser(user models.User) error {
collection, _ := p.db.Collection(nil, models.Collections.User) collection, _ := p.db.Collection(nil, models.Collections.User)
_, err := collection.RemoveDocument(nil, user.Key) _, err := collection.RemoveDocument(nil, user.Key)
if err != nil { if err != nil {
log.Println(`error deleting user:`, err)
return err return err
} }

3
server/db/providers/arangodb/verification_requests.go
View File

@@ -3,7 +3,6 @@ package arangodb
import ( import (
"context" "context"
"fmt" "fmt"
"log"
"time" "time"
"github.com/arangodb/go-driver" "github.com/arangodb/go-driver"
@@ -23,7 +22,6 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
verificationRequestRequestCollection, _ := p.db.Collection(nil, models.Collections.VerificationRequest) verificationRequestRequestCollection, _ := p.db.Collection(nil, models.Collections.VerificationRequest)
meta, err := verificationRequestRequestCollection.CreateDocument(nil, verificationRequest) meta, err := verificationRequestRequestCollection.CreateDocument(nil, verificationRequest)
if err != nil { if err != nil {
log.Println("error saving verificationRequest record:", err)
return verificationRequest, err return verificationRequest, err
} }
verificationRequest.Key = meta.Key verificationRequest.Key = meta.Key
@@ -136,7 +134,6 @@ func (p *provider) DeleteVerificationRequest(verificationRequest models.Verifica
collection, _ := p.db.Collection(nil, models.Collections.VerificationRequest) collection, _ := p.db.Collection(nil, models.Collections.VerificationRequest)
_, err := collection.RemoveDocument(nil, verificationRequest.Key) _, err := collection.RemoveDocument(nil, verificationRequest.Key)
if err != nil { if err != nil {
log.Println(`error deleting verification request:`, err)
return err return err
} }
return nil return nil

48
server/db/providers/cassandradb/provider.go
View File

@@ -4,13 +4,12 @@ import (
"crypto/tls" "crypto/tls"
"crypto/x509" "crypto/x509"
"fmt" "fmt"
"log"
"strings" "strings"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/crypto"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/gocql/gocql" "github.com/gocql/gocql"
cansandraDriver "github.com/gocql/gocql" cansandraDriver "github.com/gocql/gocql"
) )
@@ -24,15 +23,19 @@ var KeySpace string
// NewProvider to initialize arangodb connection // NewProvider to initialize arangodb connection
func NewProvider() (*provider, error) { func NewProvider() (*provider, error) {
dbURL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL) dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
if dbURL == "" { if dbURL == "" {
dbURL = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseHost) dbHost := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseHost
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePort) != "" { dbPort := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabasePort
dbURL = fmt.Sprintf("%s:%s", dbURL, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePort)) if dbPort != "" && dbHost != "" {
dbURL = fmt.Sprintf("%s:%s", dbHost, dbPort)
} }
} }
KeySpace = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName) KeySpace = memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
if KeySpace == "" {
KeySpace = constants.EnvKeyDatabaseName
}
clusterURL := []string{} clusterURL := []string{}
if strings.Contains(dbURL, ",") { if strings.Contains(dbURL, ",") {
clusterURL = strings.Split(dbURL, ",") clusterURL = strings.Split(dbURL, ",")
@@ -40,25 +43,31 @@ func NewProvider() (*provider, error) {
clusterURL = append(clusterURL, dbURL) clusterURL = append(clusterURL, dbURL)
} }
cassandraClient := cansandraDriver.NewCluster(clusterURL...) cassandraClient := cansandraDriver.NewCluster(clusterURL...)
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseUsername) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePassword) != "" { dbUsername := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseUsername
dbPassword := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabasePassword
if dbUsername != "" && dbPassword != "" {
cassandraClient.Authenticator = &cansandraDriver.PasswordAuthenticator{ cassandraClient.Authenticator = &cansandraDriver.PasswordAuthenticator{
Username: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseUsername), Username: dbUsername,
Password: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabasePassword), Password: dbPassword,
} }
} }
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCert) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCACert) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCertKey) != "" { dbCert := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCert
certString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCert)) dbCACert := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCACert
dbCertKey := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseCertKey
if dbCert != "" && dbCACert != "" && dbCertKey != "" {
certString, err := crypto.DecryptB64(dbCert)
if err != nil { if err != nil {
return nil, err return nil, err
} }
keyString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCertKey)) keyString, err := crypto.DecryptB64(dbCertKey)
if err != nil { if err != nil {
return nil, err return nil, err
} }
caString, err := crypto.DecryptB64(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseCACert)) caString, err := crypto.DecryptB64(dbCACert)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -88,7 +97,6 @@ func NewProvider() (*provider, error) {
session, err := cassandraClient.CreateSession() session, err := cassandraClient.CreateSession()
if err != nil { if err != nil {
log.Println("Error while creating connection to cassandra db", err)
return nil, err return nil, err
} }
@@ -101,7 +109,6 @@ func NewProvider() (*provider, error) {
var keySpace string var keySpace string
err := scanner.Scan(&keySpace) err := scanner.Scan(&keySpace)
if err != nil { if err != nil {
log.Println("Error while getting keyspace information", err)
return nil, err return nil, err
} }
if keySpace == KeySpace { if keySpace == KeySpace {
@@ -114,7 +121,6 @@ func NewProvider() (*provider, error) {
createKeySpaceQuery := fmt.Sprintf("CREATE KEYSPACE %s WITH REPLICATION = {'class': 'SimpleStrategy', 'replication_factor': 1};", KeySpace) createKeySpaceQuery := fmt.Sprintf("CREATE KEYSPACE %s WITH REPLICATION = {'class': 'SimpleStrategy', 'replication_factor': 1};", KeySpace)
err = session.Query(createKeySpaceQuery).Exec() err = session.Query(createKeySpaceQuery).Exec()
if err != nil { if err != nil {
log.Println("Error while creating keyspace", err)
return nil, err return nil, err
} }
} }
@@ -124,27 +130,23 @@ func NewProvider() (*provider, error) {
KeySpace, models.Collections.Env) KeySpace, models.Collections.Env)
err = session.Query(envCollectionQuery).Exec() err = session.Query(envCollectionQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create env collection:", err)
return nil, err return nil, err
} }
sessionCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, user_id text, user_agent text, ip text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Session) sessionCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, user_id text, user_agent text, ip text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Session)
err = session.Query(sessionCollectionQuery).Exec() err = session.Query(sessionCollectionQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create session collection:", err)
return nil, err return nil, err
} }
userCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, email_verified_at bigint, password text, signup_methods text, given_name text, family_name text, middle_name text, nickname text, gender text, birthdate text, phone_number text, phone_number_verified_at bigint, picture text, roles text, updated_at bigint, created_at bigint, revoked_timestamp bigint, PRIMARY KEY (id))", KeySpace, models.Collections.User) userCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, email_verified_at bigint, password text, signup_methods text, given_name text, family_name text, middle_name text, nickname text, gender text, birthdate text, phone_number text, phone_number_verified_at bigint, picture text, roles text, updated_at bigint, created_at bigint, revoked_timestamp bigint, PRIMARY KEY (id))", KeySpace, models.Collections.User)
err = session.Query(userCollectionQuery).Exec() err = session.Query(userCollectionQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create user collection:", err)
return nil, err return nil, err
} }
userIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_user_email ON %s.%s (email)", KeySpace, models.Collections.User) userIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_user_email ON %s.%s (email)", KeySpace, models.Collections.User)
err = session.Query(userIndexQuery).Exec() err = session.Query(userIndexQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create user index:", err)
return nil, err return nil, err
} }
@@ -152,25 +154,21 @@ func NewProvider() (*provider, error) {
verificationRequestCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, jwt_token text, identifier text, expires_at bigint, email text, nonce text, redirect_uri text, created_at bigint, updated_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.VerificationRequest) verificationRequestCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, jwt_token text, identifier text, expires_at bigint, email text, nonce text, redirect_uri text, created_at bigint, updated_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.VerificationRequest)
err = session.Query(verificationRequestCollectionQuery).Exec() err = session.Query(verificationRequestCollectionQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create verification request collection:", err)
return nil, err return nil, err
} }
verificationRequestIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_email ON %s.%s (email)", KeySpace, models.Collections.VerificationRequest) verificationRequestIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_email ON %s.%s (email)", KeySpace, models.Collections.VerificationRequest)
err = session.Query(verificationRequestIndexQuery).Exec() err = session.Query(verificationRequestIndexQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create verification_requests index:", err)
return nil, err return nil, err
} }
verificationRequestIndexQuery = fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_identifier ON %s.%s (identifier)", KeySpace, models.Collections.VerificationRequest) verificationRequestIndexQuery = fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_identifier ON %s.%s (identifier)", KeySpace, models.Collections.VerificationRequest)
err = session.Query(verificationRequestIndexQuery).Exec() err = session.Query(verificationRequestIndexQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create verification_requests index:", err)
return nil, err return nil, err
} }
verificationRequestIndexQuery = fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_jwt_token ON %s.%s (jwt_token)", KeySpace, models.Collections.VerificationRequest) verificationRequestIndexQuery = fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_verification_request_jwt_token ON %s.%s (jwt_token)", KeySpace, models.Collections.VerificationRequest)
err = session.Query(verificationRequestIndexQuery).Exec() err = session.Query(verificationRequestIndexQuery).Exec()
if err != nil { if err != nil {
log.Println("Unable to create verification_requests index:", err)
return nil, err return nil, err
} }

8
server/db/providers/cassandradb/user.go
View File

@@ -9,8 +9,8 @@ import (
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/gocql/gocql" "github.com/gocql/gocql"
"github.com/google/uuid" "github.com/google/uuid"
) )
@@ -22,7 +22,11 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
} }
if user.Roles == "" { if user.Roles == "" {
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",") defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
if err != nil {
return user, err
}
user.Roles = defaultRoles
} }
user.CreatedAt = time.Now().Unix() user.CreatedAt = time.Now().Unix()

3
server/db/providers/cassandradb/verification_requests.go
View File

@@ -2,7 +2,6 @@ package cassandradb
import ( import (
"fmt" "fmt"
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -61,7 +60,6 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.VerificationRequest) totalCountQuery := fmt.Sprintf(`SELECT COUNT(*) FROM %s`, KeySpace+"."+models.Collections.VerificationRequest)
err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total) err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)
if err != nil { if err != nil {
log.Println("Error while quering verification request", err)
return nil, err return nil, err
} }
@@ -77,7 +75,6 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
var verificationRequest models.VerificationRequest var verificationRequest models.VerificationRequest
err := scanner.Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt) err := scanner.Scan(&verificationRequest.ID, &verificationRequest.Token, &verificationRequest.Identifier, &verificationRequest.ExpiresAt, &verificationRequest.Email, &verificationRequest.Nonce, &verificationRequest.RedirectURI, &verificationRequest.CreatedAt, &verificationRequest.UpdatedAt)
if err != nil { if err != nil {
log.Println("Error while parsing verification request", err)
return nil, err return nil, err
} }
verificationRequests = append(verificationRequests, verificationRequest.AsAPIVerificationRequest()) verificationRequests = append(verificationRequests, verificationRequest.AsAPIVerificationRequest())

3
server/db/providers/mongodb/env.go
View File

@@ -2,7 +2,6 @@ package mongodb
import ( import (
"fmt" "fmt"
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -23,7 +22,6 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
configCollection := p.db.Collection(models.Collections.Env, options.Collection()) configCollection := p.db.Collection(models.Collections.Env, options.Collection())
_, err := configCollection.InsertOne(nil, env) _, err := configCollection.InsertOne(nil, env)
if err != nil { if err != nil {
log.Println("error adding config:", err)
return env, err return env, err
} }
return env, nil return env, nil
@@ -35,7 +33,6 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
configCollection := p.db.Collection(models.Collections.Env, options.Collection()) configCollection := p.db.Collection(models.Collections.Env, options.Collection())
_, err := configCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions()) _, err := configCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions())
if err != nil { if err != nil {
log.Println("error updating config:", err)
return env, err return env, err
} }
return env, nil return env, nil

19
server/db/providers/mongodb/provider.go
View File

@@ -4,9 +4,8 @@ import (
"context" "context"
"time" "time"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/bson"
"go.mongodb.org/mongo-driver/mongo" "go.mongodb.org/mongo-driver/mongo"
"go.mongodb.org/mongo-driver/mongo/options" "go.mongodb.org/mongo-driver/mongo/options"
@@ -19,7 +18,8 @@ type provider struct {
// NewProvider to initialize mongodb connection // NewProvider to initialize mongodb connection
func NewProvider() (*provider, error) { func NewProvider() (*provider, error) {
mongodbOptions := options.Client().ApplyURI(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)) dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
mongodbOptions := options.Client().ApplyURI(dbURL)
maxWait := time.Duration(5 * time.Second) maxWait := time.Duration(5 * time.Second)
mongodbOptions.ConnectTimeout = &maxWait mongodbOptions.ConnectTimeout = &maxWait
mongoClient, err := mongo.NewClient(mongodbOptions) mongoClient, err := mongo.NewClient(mongodbOptions)
@@ -37,18 +37,19 @@ func NewProvider() (*provider, error) {
return nil, err return nil, err
} }
mongodb := mongoClient.Database(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseName), options.Database()) dbName := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseName
mongodb := mongoClient.Database(dbName, options.Database())
mongodb.CreateCollection(ctx, models.Collections.User, options.CreateCollection()) mongodb.CreateCollection(ctx, models.Collections.User, options.CreateCollection())
userCollection := mongodb.Collection(models.Collections.User, options.Collection()) userCollection := mongodb.Collection(models.Collections.User, options.Collection())
userCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{ userCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
mongo.IndexModel{ {
Keys: bson.M{"email": 1}, Keys: bson.M{"email": 1},
Options: options.Index().SetUnique(true).SetSparse(true), Options: options.Index().SetUnique(true).SetSparse(true),
}, },
}, options.CreateIndexes()) }, options.CreateIndexes())
userCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{ userCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
mongo.IndexModel{ {
Keys: bson.M{"phone_number": 1}, Keys: bson.M{"phone_number": 1},
Options: options.Index().SetUnique(true).SetSparse(true).SetPartialFilterExpression(map[string]interface{}{ Options: options.Index().SetUnique(true).SetSparse(true).SetPartialFilterExpression(map[string]interface{}{
"phone_number": map[string]string{"$type": "string"}, "phone_number": map[string]string{"$type": "string"},
@@ -59,13 +60,13 @@ func NewProvider() (*provider, error) {
mongodb.CreateCollection(ctx, models.Collections.VerificationRequest, options.CreateCollection()) mongodb.CreateCollection(ctx, models.Collections.VerificationRequest, options.CreateCollection())
verificationRequestCollection := mongodb.Collection(models.Collections.VerificationRequest, options.Collection()) verificationRequestCollection := mongodb.Collection(models.Collections.VerificationRequest, options.Collection())
verificationRequestCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{ verificationRequestCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
mongo.IndexModel{ {
Keys: bson.M{"email": 1, "identifier": 1}, Keys: bson.M{"email": 1, "identifier": 1},
Options: options.Index().SetUnique(true).SetSparse(true), Options: options.Index().SetUnique(true).SetSparse(true),
}, },
}, options.CreateIndexes()) }, options.CreateIndexes())
verificationRequestCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{ verificationRequestCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
mongo.IndexModel{ {
Keys: bson.M{"token": 1}, Keys: bson.M{"token": 1},
Options: options.Index().SetSparse(true), Options: options.Index().SetSparse(true),
}, },
@@ -74,7 +75,7 @@ func NewProvider() (*provider, error) {
mongodb.CreateCollection(ctx, models.Collections.Session, options.CreateCollection()) mongodb.CreateCollection(ctx, models.Collections.Session, options.CreateCollection())
sessionCollection := mongodb.Collection(models.Collections.Session, options.Collection()) sessionCollection := mongodb.Collection(models.Collections.Session, options.Collection())
sessionCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{ sessionCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
mongo.IndexModel{ {
Keys: bson.M{"user_id": 1}, Keys: bson.M{"user_id": 1},
Options: options.Index().SetSparse(true), Options: options.Index().SetSparse(true),
}, },

3
server/db/providers/mongodb/session.go
View File

@@ -1,7 +1,6 @@
package mongodb package mongodb
import ( import (
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -22,7 +21,6 @@ func (p *provider) AddSession(session models.Session) error {
sessionCollection := p.db.Collection(models.Collections.Session, options.Collection()) sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
_, err := sessionCollection.InsertOne(nil, session) _, err := sessionCollection.InsertOne(nil, session)
if err != nil { if err != nil {
log.Println(`error saving session`, err)
return err return err
} }
return nil return nil
@@ -33,7 +31,6 @@ func (p *provider) DeleteSession(userId string) error {
sessionCollection := p.db.Collection(models.Collections.Session, options.Collection()) sessionCollection := p.db.Collection(models.Collections.Session, options.Collection())
_, err := sessionCollection.DeleteMany(nil, bson.M{"user_id": userId}, options.Delete()) _, err := sessionCollection.DeleteMany(nil, bson.M{"user_id": userId}, options.Delete())
if err != nil { if err != nil {
log.Println("error deleting session:", err)
return err return err
} }
return nil return nil

15
server/db/providers/mongodb/user.go
View File

@@ -1,14 +1,12 @@
package mongodb package mongodb
import ( import (
"log"
"strings"
"time" "time"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/google/uuid" "github.com/google/uuid"
"go.mongodb.org/mongo-driver/bson" "go.mongodb.org/mongo-driver/bson"
"go.mongodb.org/mongo-driver/mongo/options" "go.mongodb.org/mongo-driver/mongo/options"
@@ -21,7 +19,11 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
} }
if user.Roles == "" { if user.Roles == "" {
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",") defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
if err != nil {
return user, err
}
user.Roles = defaultRoles
} }
user.CreatedAt = time.Now().Unix() user.CreatedAt = time.Now().Unix()
user.UpdatedAt = time.Now().Unix() user.UpdatedAt = time.Now().Unix()
@@ -29,7 +31,6 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
userCollection := p.db.Collection(models.Collections.User, options.Collection()) userCollection := p.db.Collection(models.Collections.User, options.Collection())
_, err := userCollection.InsertOne(nil, user) _, err := userCollection.InsertOne(nil, user)
if err != nil { if err != nil {
log.Println("error adding user:", err)
return user, err return user, err
} }
@@ -42,7 +43,6 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
userCollection := p.db.Collection(models.Collections.User, options.Collection()) userCollection := p.db.Collection(models.Collections.User, options.Collection())
_, err := userCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions()) _, err := userCollection.UpdateOne(nil, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions())
if err != nil { if err != nil {
log.Println("error updating user:", err)
return user, err return user, err
} }
return user, nil return user, nil
@@ -53,7 +53,6 @@ func (p *provider) DeleteUser(user models.User) error {
userCollection := p.db.Collection(models.Collections.User, options.Collection()) userCollection := p.db.Collection(models.Collections.User, options.Collection())
_, err := userCollection.DeleteOne(nil, bson.M{"_id": user.ID}, options.Delete()) _, err := userCollection.DeleteOne(nil, bson.M{"_id": user.ID}, options.Delete())
if err != nil { if err != nil {
log.Println("error deleting user:", err)
return err return err
} }
@@ -74,7 +73,6 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
userCollection := p.db.Collection(models.Collections.User, options.Collection()) userCollection := p.db.Collection(models.Collections.User, options.Collection())
count, err := userCollection.CountDocuments(nil, bson.M{}, options.Count()) count, err := userCollection.CountDocuments(nil, bson.M{}, options.Count())
if err != nil { if err != nil {
log.Println("error getting total users:", err)
return nil, err return nil, err
} }
@@ -82,7 +80,6 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
cursor, err := userCollection.Find(nil, bson.M{}, opts) cursor, err := userCollection.Find(nil, bson.M{}, opts)
if err != nil { if err != nil {
log.Println("error getting users:", err)
return nil, err return nil, err
} }
defer cursor.Close(nil) defer cursor.Close(nil)

4
server/db/providers/mongodb/verification_requests.go
View File

@@ -1,7 +1,6 @@
package mongodb package mongodb
import ( import (
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -22,7 +21,6 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection()) verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
_, err := verificationRequestCollection.InsertOne(nil, verificationRequest) _, err := verificationRequestCollection.InsertOne(nil, verificationRequest)
if err != nil { if err != nil {
log.Println("error saving verification record:", err)
return verificationRequest, err return verificationRequest, err
} }
} }
@@ -73,7 +71,6 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
cursor, err := verificationRequestCollection.Find(nil, bson.M{}, opts) cursor, err := verificationRequestCollection.Find(nil, bson.M{}, opts)
if err != nil { if err != nil {
log.Println("error getting verification requests:", err)
return nil, err return nil, err
} }
defer cursor.Close(nil) defer cursor.Close(nil)
@@ -98,7 +95,6 @@ func (p *provider) DeleteVerificationRequest(verificationRequest models.Verifica
verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection()) verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection())
_, err := verificationRequestCollection.DeleteOne(nil, bson.M{"_id": verificationRequest.ID}, options.Delete()) _, err := verificationRequestCollection.DeleteOne(nil, bson.M{"_id": verificationRequest.ID}, options.Delete())
if err != nil { if err != nil {
log.Println("error deleting verification request::", err)
return err return err
} }

9
server/db/providers/provider_template/user.go
View File

@@ -1,13 +1,12 @@
package provider_template package provider_template
import ( import (
"strings"
"time" "time"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/google/uuid" "github.com/google/uuid"
) )
@@ -18,7 +17,11 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
} }
if user.Roles == "" { if user.Roles == "" {
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",") defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
if err != nil {
return user, err
}
user.Roles = defaultRoles
} }
user.CreatedAt = time.Now().Unix() user.CreatedAt = time.Now().Unix()

3
server/db/providers/sql/env.go
View File

@@ -1,7 +1,6 @@
package sql package sql
import ( import (
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -20,7 +19,6 @@ func (p *provider) AddEnv(env models.Env) (models.Env, error) {
result := p.db.Create(&env) result := p.db.Create(&env)
if result.Error != nil { if result.Error != nil {
log.Println("error adding config:", result.Error)
return env, result.Error return env, result.Error
} }
return env, nil return env, nil
@@ -32,7 +30,6 @@ func (p *provider) UpdateEnv(env models.Env) (models.Env, error) {
result := p.db.Save(&env) result := p.db.Save(&env)
if result.Error != nil { if result.Error != nil {
log.Println("error updating config:", result.Error)
return env, result.Error return env, result.Error
} }
return env, nil return env, nil

16
server/db/providers/sql/provider.go
View File

@@ -7,7 +7,7 @@ import (
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"gorm.io/driver/mysql" "gorm.io/driver/mysql"
"gorm.io/driver/postgres" "gorm.io/driver/postgres"
"gorm.io/driver/sqlite" "gorm.io/driver/sqlite"
@@ -41,15 +41,19 @@ func NewProvider() (*provider, error) {
TablePrefix: models.Prefix, TablePrefix: models.Prefix,
}, },
} }
switch envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseType) {
dbType := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseType
dbURL := memorystore.RequiredEnvStoreObj.GetRequiredEnv().DatabaseURL
switch dbType {
case constants.DbTypePostgres, constants.DbTypeYugabyte: case constants.DbTypePostgres, constants.DbTypeYugabyte:
sqlDB, err = gorm.Open(postgres.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig) sqlDB, err = gorm.Open(postgres.Open(dbURL), ormConfig)
case constants.DbTypeSqlite: case constants.DbTypeSqlite:
sqlDB, err = gorm.Open(sqlite.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig) sqlDB, err = gorm.Open(sqlite.Open(dbURL), ormConfig)
case constants.DbTypeMysql, constants.DbTypeMariaDB: case constants.DbTypeMysql, constants.DbTypeMariaDB:
sqlDB, err = gorm.Open(mysql.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig) sqlDB, err = gorm.Open(mysql.Open(dbURL), ormConfig)
case constants.DbTypeSqlserver: case constants.DbTypeSqlserver:
sqlDB, err = gorm.Open(sqlserver.Open(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL)), ormConfig) sqlDB, err = gorm.Open(sqlserver.Open(dbURL), ormConfig)
} }
if err != nil { if err != nil {

3
server/db/providers/sql/session.go
View File

@@ -1,7 +1,6 @@
package sql package sql
import ( import (
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -23,7 +22,6 @@ func (p *provider) AddSession(session models.Session) error {
DoNothing: true, DoNothing: true,
}).Create(&session) }).Create(&session)
if res.Error != nil { if res.Error != nil {
log.Println(`error saving session`, res.Error)
return res.Error return res.Error
} }
return nil return nil
@@ -34,7 +32,6 @@ func (p *provider) DeleteSession(userId string) error {
result := p.db.Where("user_id = ?", userId).Delete(&models.Session{}) result := p.db.Where("user_id = ?", userId).Delete(&models.Session{})
if result.Error != nil { if result.Error != nil {
log.Println(`error deleting session:`, result.Error)
return result.Error return result.Error
} }
return nil return nil

14
server/db/providers/sql/user.go
View File

@@ -1,14 +1,12 @@
package sql package sql
import ( import (
"log"
"strings"
"time" "time"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/graph/model" "github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/google/uuid" "github.com/google/uuid"
"gorm.io/gorm/clause" "gorm.io/gorm/clause"
) )
@@ -20,7 +18,11 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
} }
if user.Roles == "" { if user.Roles == "" {
user.Roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",") defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
if err != nil {
return user, err
}
user.Roles = defaultRoles
} }
user.CreatedAt = time.Now().Unix() user.CreatedAt = time.Now().Unix()
@@ -33,7 +35,6 @@ func (p *provider) AddUser(user models.User) (models.User, error) {
}).Create(&user) }).Create(&user)
if result.Error != nil { if result.Error != nil {
log.Println("error adding user:", result.Error)
return user, result.Error return user, result.Error
} }
@@ -47,7 +48,6 @@ func (p *provider) UpdateUser(user models.User) (models.User, error) {
result := p.db.Save(&user) result := p.db.Save(&user)
if result.Error != nil { if result.Error != nil {
log.Println("error updating user:", result.Error)
return user, result.Error return user, result.Error
} }
@@ -59,7 +59,6 @@ func (p *provider) DeleteUser(user models.User) error {
result := p.db.Delete(&user) result := p.db.Delete(&user)
if result.Error != nil { if result.Error != nil {
log.Println(`error deleting user:`, result.Error)
return result.Error return result.Error
} }
@@ -71,7 +70,6 @@ func (p *provider) ListUsers(pagination model.Pagination) (*model.Users, error)
var users []models.User var users []models.User
result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&users) result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&users)
if result.Error != nil { if result.Error != nil {
log.Println("error getting users:", result.Error)
return nil, result.Error return nil, result.Error
} }

6
server/db/providers/sql/verification_requests.go
View File

@@ -1,7 +1,6 @@
package sql package sql
import ( import (
"log"
"time" "time"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
@@ -25,7 +24,6 @@ func (p *provider) AddVerificationRequest(verificationRequest models.Verificatio
}).Create(&verificationRequest) }).Create(&verificationRequest)
if result.Error != nil { if result.Error != nil {
log.Println(`error saving verification request record`, result.Error)
return verificationRequest, result.Error return verificationRequest, result.Error
} }
@@ -38,7 +36,6 @@ func (p *provider) GetVerificationRequestByToken(token string) (models.Verificat
result := p.db.Where("token = ?", token).First(&verificationRequest) result := p.db.Where("token = ?", token).First(&verificationRequest)
if result.Error != nil { if result.Error != nil {
log.Println(`error getting verification request:`, result.Error)
return verificationRequest, result.Error return verificationRequest, result.Error
} }
@@ -52,7 +49,6 @@ func (p *provider) GetVerificationRequestByEmail(email string, identifier string
result := p.db.Where("email = ? AND identifier = ?", email, identifier).First(&verificationRequest) result := p.db.Where("email = ? AND identifier = ?", email, identifier).First(&verificationRequest)
if result.Error != nil { if result.Error != nil {
log.Println(`error getting verification token:`, result.Error)
return verificationRequest, result.Error return verificationRequest, result.Error
} }
@@ -65,7 +61,6 @@ func (p *provider) ListVerificationRequests(pagination model.Pagination) (*model
result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&verificationRequests) result := p.db.Limit(int(pagination.Limit)).Offset(int(pagination.Offset)).Order("created_at DESC").Find(&verificationRequests)
if result.Error != nil { if result.Error != nil {
log.Println("error getting verification requests:", result.Error)
return nil, result.Error return nil, result.Error
} }
@@ -94,7 +89,6 @@ func (p *provider) DeleteVerificationRequest(verificationRequest models.Verifica
result := p.db.Delete(&verificationRequest) result := p.db.Delete(&verificationRequest)
if result.Error != nil { if result.Error != nil {
log.Println(`error deleting verification request:`, result.Error)
return result.Error return result.Error
} }

59
server/email/email.go
View File

@@ -4,13 +4,14 @@ import (
"bytes" "bytes"
"crypto/tls" "crypto/tls"
"encoding/json" "encoding/json"
"log"
"strconv" "strconv"
"text/template" "text/template"
"github.com/authorizerdev/authorizer/server/constants" log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/envstore"
gomail "gopkg.in/mail.v2" gomail "gopkg.in/mail.v2"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore"
) )
// addEmailTemplate is used to add html template in email body // addEmailTemplate is used to add html template in email body
@@ -32,21 +33,61 @@ func addEmailTemplate(a string, b map[string]interface{}, templateName string) s
// SendMail function to send mail // SendMail function to send mail
func SendMail(to []string, Subject, bodyMessage string) error { func SendMail(to []string, Subject, bodyMessage string) error {
// dont trigger email sending in case of test // dont trigger email sending in case of test
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "test" { envKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyEnv)
if err != nil {
return err
}
if envKey == "test" {
return nil return nil
} }
m := gomail.NewMessage() m := gomail.NewMessage()
m.SetHeader("From", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySenderEmail)) senderEmail, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySenderEmail)
if err != nil {
log.Errorf("Error while getting sender email from env variable: %v", err)
return err
}
smtpPort, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpPort)
if err != nil {
log.Errorf("Error while getting smtp port from env variable: %v", err)
return err
}
smtpHost, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpHost)
if err != nil {
log.Errorf("Error while getting smtp host from env variable: %v", err)
return err
}
smtpUsername, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername)
if err != nil {
log.Errorf("Error while getting smtp username from env variable: %v", err)
return err
}
smtpPassword, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword)
if err != nil {
log.Errorf("Error while getting smtp password from env variable: %v", err)
return err
}
isProd, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsProd)
if err != nil {
log.Errorf("Error while getting env variable: %v", err)
return err
}
m.SetHeader("From", senderEmail)
m.SetHeader("To", to...) m.SetHeader("To", to...)
m.SetHeader("Subject", Subject) m.SetHeader("Subject", Subject)
m.SetBody("text/html", bodyMessage) m.SetBody("text/html", bodyMessage)
port, _ := strconv.Atoi(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPort)) port, _ := strconv.Atoi(smtpPort)
d := gomail.NewDialer(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpHost), port, envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpUsername), envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeySmtpPassword)) d := gomail.NewDialer(smtpHost, port, smtpUsername, smtpPassword)
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnv) == "development" { if !isProd {
d.TLSConfig = &tls.Config{InsecureSkipVerify: true} d.TLSConfig = &tls.Config{InsecureSkipVerify: true}
} }
if err := d.DialAndSend(m); err != nil { if err := d.DialAndSend(m); err != nil {
log.Printf("smtp error: %s", err) log.Debug("SMTP Failed: ", err)
return err return err
} }
return nil return nil

21
server/email/forgot_password_email.go
View File

@@ -2,14 +2,19 @@ package email
import ( import (
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
) )
// SendForgotPasswordMail to send forgot password email // SendForgotPasswordMail to send forgot password email
func SendForgotPasswordMail(toEmail, token, hostname string) error { func SendForgotPasswordMail(toEmail, token, hostname string) error {
resetPasswordUrl := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL) resetPasswordUrl, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
if err != nil {
return err
}
if resetPasswordUrl == "" { if resetPasswordUrl == "" {
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password") if err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password"); err != nil {
return err
}
} }
// The receiver needs to be in slice as the receive supports multiple receiver // The receiver needs to be in slice as the receive supports multiple receiver
@@ -103,8 +108,14 @@ func SendForgotPasswordMail(toEmail, token, hostname string) error {
` `
data := make(map[string]interface{}, 3) data := make(map[string]interface{}, 3)
data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo) data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName) if err != nil {
return err
}
data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
if err != nil {
return err
}
data["verification_url"] = resetPasswordUrl + "?token=" + token data["verification_url"] = resetPasswordUrl + "?token=" + token
message = addEmailTemplate(message, data, "reset_password_email.tmpl") message = addEmailTemplate(message, data, "reset_password_email.tmpl")

19
server/email/invite_email.go
View File

@@ -1,10 +1,10 @@
package email package email
import ( import (
"log" log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
) )
// InviteEmail to send invite email // InviteEmail to send invite email
@@ -99,15 +99,22 @@ func InviteEmail(toEmail, token, verificationURL, redirectURI string) error {
</html> </html>
` `
data := make(map[string]interface{}, 3) data := make(map[string]interface{}, 3)
data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo) var err error
data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName) data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
if err != nil {
return err
}
data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
if err != nil {
return err
}
data["verification_url"] = verificationURL + "?token=" + token + "&redirect_uri=" + redirectURI data["verification_url"] = verificationURL + "?token=" + token + "&redirect_uri=" + redirectURI
message = addEmailTemplate(message, data, "invite_email.tmpl") message = addEmailTemplate(message, data, "invite_email.tmpl")
// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message) // bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
err := SendMail(Receiver, Subject, message) err = SendMail(Receiver, Subject, message)
if err != nil { if err != nil {
log.Println("error sending email:", err) log.Warn("error sending email: ", err)
} }
return err return err
} }

19
server/email/verification_email.go
View File

@@ -1,10 +1,10 @@
package email package email
import ( import (
"log" log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
) )
// SendVerificationMail to send verification email // SendVerificationMail to send verification email
@@ -99,15 +99,22 @@ func SendVerificationMail(toEmail, token, hostname string) error {
</html> </html>
` `
data := make(map[string]interface{}, 3) data := make(map[string]interface{}, 3)
data["org_logo"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo) var err error
data["org_name"] = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName) data["org_logo"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
if err != nil {
return err
}
data["org_name"], err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
if err != nil {
return err
}
data["verification_url"] = hostname + "/verify_email?token=" + token data["verification_url"] = hostname + "/verify_email?token=" + token
message = addEmailTemplate(message, data, "verify_email.tmpl") message = addEmailTemplate(message, data, "verify_email.tmpl")
// bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message) // bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
err := SendMail(Receiver, Subject, message) err = SendMail(Receiver, Subject, message)
if err != nil { if err != nil {
log.Println("error sending email:", err) log.Warn("error sending email: ", err)
} }
return err return err
} }

669
server/env/env.go vendored
View File

@@ -2,209 +2,242 @@ package env
import ( import (
"errors" "errors"
"log" "fmt"
"os" "os"
"strconv"
"strings" "strings"
"github.com/google/uuid"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/crypto"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/utils"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"github.com/joho/godotenv"
) )
// InitRequiredEnv to initialize EnvData and through error if required env are not present
func InitRequiredEnv() error {
envPath := os.Getenv(constants.EnvKeyEnvPath)
if envPath == "" {
envPath = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyEnvPath)
if envPath == "" {
envPath = `.env`
}
}
if envstore.ARG_ENV_FILE != nil && *envstore.ARG_ENV_FILE != "" {
envPath = *envstore.ARG_ENV_FILE
}
err := godotenv.Load(envPath)
if err != nil {
log.Printf("using OS env instead of %s file", envPath)
}
dbURL := os.Getenv(constants.EnvKeyDatabaseURL)
dbType := os.Getenv(constants.EnvKeyDatabaseType)
dbName := os.Getenv(constants.EnvKeyDatabaseName)
dbPort := os.Getenv(constants.EnvKeyDatabasePort)
dbHost := os.Getenv(constants.EnvKeyDatabaseHost)
dbUsername := os.Getenv(constants.EnvKeyDatabaseUsername)
dbPassword := os.Getenv(constants.EnvKeyDatabasePassword)
dbCert := os.Getenv(constants.EnvKeyDatabaseCert)
dbCertKey := os.Getenv(constants.EnvKeyDatabaseCertKey)
dbCACert := os.Getenv(constants.EnvKeyDatabaseCACert)
if strings.TrimSpace(dbType) == "" {
if envstore.ARG_DB_TYPE != nil && *envstore.ARG_DB_TYPE != "" {
dbType = strings.TrimSpace(*envstore.ARG_DB_TYPE)
}
if dbType == "" {
return errors.New("invalid database type. DATABASE_TYPE is empty")
}
}
if strings.TrimSpace(dbURL) == "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyDatabaseURL) == "" {
if envstore.ARG_DB_URL != nil && *envstore.ARG_DB_URL != "" {
dbURL = strings.TrimSpace(*envstore.ARG_DB_URL)
}
if dbURL == "" && dbPort == "" && dbHost == "" && dbUsername == "" && dbPassword == "" {
return errors.New("invalid database url. DATABASE_URL is required")
}
}
if dbName == "" {
if dbName == "" {
dbName = "authorizer"
}
}
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEnvPath, envPath)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseURL, dbURL)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseType, dbType)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseName, dbName)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseHost, dbHost)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabasePort, dbPort)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseUsername, dbUsername)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabasePassword, dbPassword)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCert, dbCert)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCertKey, dbCertKey)
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyDatabaseCACert, dbCACert)
return nil
}
// InitEnv to initialize EnvData and through error if required env are not present // InitEnv to initialize EnvData and through error if required env are not present
func InitAllEnv() error { func InitAllEnv() error {
envData, err := GetEnvData() envData, err := GetEnvData()
if err != nil { if err != nil {
log.Println("No env data found in db, using local clone of env data") log.Info("No env data found in db, using local clone of env data")
// get clone of current store // get clone of current store
envData = envstore.EnvStoreObj.GetEnvStoreClone() envData, err = memorystore.Provider.GetEnvStore()
if err != nil {
log.Debug("Error while getting env data from memorystore: ", err)
return err
}
} }
clientID := envData.StringEnv[constants.EnvKeyClientID]
// unique client id for each instance // unique client id for each instance
if clientID == "" { cid, ok := envData[constants.EnvKeyClientID]
clientID := ""
if !ok || cid == "" {
clientID = uuid.New().String() clientID = uuid.New().String()
envData.StringEnv[constants.EnvKeyClientID] = clientID envData[constants.EnvKeyClientID] = clientID
} else {
clientID = cid.(string)
} }
clientSecret := envData.StringEnv[constants.EnvKeyClientSecret] // unique client secret for each instance
// unique client id for each instance if val, ok := envData[constants.EnvKeyClientSecret]; !ok || val != "" {
if clientSecret == "" { envData[constants.EnvKeyClientSecret] = uuid.New().String()
clientSecret = uuid.New().String()
envData.StringEnv[constants.EnvKeyClientSecret] = clientSecret
} }
if envData.StringEnv[constants.EnvKeyEnv] == "" { // os string envs
envData.StringEnv[constants.EnvKeyEnv] = os.Getenv(constants.EnvKeyEnv) osEnv := os.Getenv(constants.EnvKeyEnv)
if envData.StringEnv[constants.EnvKeyEnv] == "" { osAppURL := os.Getenv(constants.EnvKeyAppURL)
envData.StringEnv[constants.EnvKeyEnv] = "production" osAuthorizerURL := os.Getenv(constants.EnvKeyAuthorizerURL)
osPort := os.Getenv(constants.EnvKeyPort)
osAccessTokenExpiryTime := os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
osAdminSecret := os.Getenv(constants.EnvKeyAdminSecret)
osSmtpHost := os.Getenv(constants.EnvKeySmtpHost)
osSmtpPort := os.Getenv(constants.EnvKeySmtpPort)
osSmtpUsername := os.Getenv(constants.EnvKeySmtpUsername)
osSmtpPassword := os.Getenv(constants.EnvKeySmtpPassword)
osSenderEmail := os.Getenv(constants.EnvKeySenderEmail)
osJwtType := os.Getenv(constants.EnvKeyJwtType)
osJwtSecret := os.Getenv(constants.EnvKeyJwtSecret)
osJwtPrivateKey := os.Getenv(constants.EnvKeyJwtPrivateKey)
osJwtPublicKey := os.Getenv(constants.EnvKeyJwtPublicKey)
osJwtRoleClaim := os.Getenv(constants.EnvKeyJwtRoleClaim)
osCustomAccessTokenScript := os.Getenv(constants.EnvKeyCustomAccessTokenScript)
osGoogleClientID := os.Getenv(constants.EnvKeyGoogleClientID)
osGoogleClientSecret := os.Getenv(constants.EnvKeyGoogleClientSecret)
osGithubClientID := os.Getenv(constants.EnvKeyGithubClientID)
osGithubClientSecret := os.Getenv(constants.EnvKeyGithubClientSecret)
osFacebookClientID := os.Getenv(constants.EnvKeyFacebookClientID)
osFacebookClientSecret := os.Getenv(constants.EnvKeyFacebookClientSecret)
osResetPasswordURL := os.Getenv(constants.EnvKeyResetPasswordURL)
osOrganizationName := os.Getenv(constants.EnvKeyOrganizationName)
osOrganizationLogo := os.Getenv(constants.EnvKeyOrganizationLogo)
// os bool vars
osDisableBasicAuthentication := os.Getenv(constants.EnvKeyDisableBasicAuthentication)
osDisableEmailVerification := os.Getenv(constants.EnvKeyDisableEmailVerification)
osDisableMagicLinkLogin := os.Getenv(constants.EnvKeyDisableMagicLinkLogin)
osDisableLoginPage := os.Getenv(constants.EnvKeyDisableLoginPage)
osDisableSignUp := os.Getenv(constants.EnvKeyDisableSignUp)
osDisableRedisForEnv := os.Getenv(constants.EnvKeyDisableRedisForEnv)
// os slice vars
osAllowedOrigins := os.Getenv(constants.EnvKeyAllowedOrigins)
osRoles := os.Getenv(constants.EnvKeyRoles)
osDefaultRoles := os.Getenv(constants.EnvKeyDefaultRoles)
osProtectedRoles := os.Getenv(constants.EnvKeyProtectedRoles)
ienv, ok := envData[constants.EnvKeyEnv]
if !ok || ienv == "" {
envData[constants.EnvKeyEnv] = osEnv
if envData[constants.EnvKeyEnv] == "" {
envData[constants.EnvKeyEnv] = "production"
} }
if envData.StringEnv[constants.EnvKeyEnv] == "production" { if envData[constants.EnvKeyEnv] == "production" {
envData.BoolEnv[constants.EnvKeyIsProd] = true envData[constants.EnvKeyIsProd] = true
gin.SetMode(gin.ReleaseMode)
} else { } else {
envData.BoolEnv[constants.EnvKeyIsProd] = false envData[constants.EnvKeyIsProd] = false
} }
} }
if osEnv != "" && osEnv != envData[constants.EnvKeyEnv] {
if envData.StringEnv[constants.EnvKeyAppURL] == "" { envData[constants.EnvKeyEnv] = osEnv
envData.StringEnv[constants.EnvKeyAppURL] = os.Getenv(constants.EnvKeyAppURL) if envData[constants.EnvKeyEnv] == "production" {
} envData[constants.EnvKeyIsProd] = true
if envData.StringEnv[constants.EnvKeyAuthorizerURL] == "" {
envData.StringEnv[constants.EnvKeyAuthorizerURL] = os.Getenv(constants.EnvKeyAuthorizerURL)
}
if envData.StringEnv[constants.EnvKeyPort] == "" {
envData.StringEnv[constants.EnvKeyPort] = os.Getenv(constants.EnvKeyPort)
if envData.StringEnv[constants.EnvKeyPort] == "" {
envData.StringEnv[constants.EnvKeyPort] = "8080"
}
}
if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = "30m"
}
}
if envData.StringEnv[constants.EnvKeyAdminSecret] == "" {
envData.StringEnv[constants.EnvKeyAdminSecret] = os.Getenv(constants.EnvKeyAdminSecret)
}
if envData.StringEnv[constants.EnvKeySmtpHost] == "" {
envData.StringEnv[constants.EnvKeySmtpHost] = os.Getenv(constants.EnvKeySmtpHost)
}
if envData.StringEnv[constants.EnvKeySmtpPort] == "" {
envData.StringEnv[constants.EnvKeySmtpPort] = os.Getenv(constants.EnvKeySmtpPort)
}
if envData.StringEnv[constants.EnvKeySmtpUsername] == "" {
envData.StringEnv[constants.EnvKeySmtpUsername] = os.Getenv(constants.EnvKeySmtpUsername)
}
if envData.StringEnv[constants.EnvKeySmtpPassword] == "" {
envData.StringEnv[constants.EnvKeySmtpPassword] = os.Getenv(constants.EnvKeySmtpPassword)
}
if envData.StringEnv[constants.EnvKeySenderEmail] == "" {
envData.StringEnv[constants.EnvKeySenderEmail] = os.Getenv(constants.EnvKeySenderEmail)
}
algo := envData.StringEnv[constants.EnvKeyJwtType]
if algo == "" {
envData.StringEnv[constants.EnvKeyJwtType] = os.Getenv(constants.EnvKeyJwtType)
if envData.StringEnv[constants.EnvKeyJwtType] == "" {
envData.StringEnv[constants.EnvKeyJwtType] = "RS256"
algo = envData.StringEnv[constants.EnvKeyJwtType]
} else { } else {
algo = envData.StringEnv[constants.EnvKeyJwtType] envData[constants.EnvKeyIsProd] = false
if !crypto.IsHMACA(algo) && !crypto.IsRSA(algo) && !crypto.IsECDSA(algo) {
return errors.New("invalid JWT_TYPE")
}
} }
} }
if val, ok := envData[constants.EnvKeyAppURL]; !ok || val == "" {
envData[constants.EnvKeyAppURL] = osAppURL
}
if osAppURL != "" && envData[constants.EnvKeyAppURL] != osAppURL {
envData[constants.EnvKeyAppURL] = osAppURL
}
if val, ok := envData[constants.EnvKeyAuthorizerURL]; !ok || val == "" {
envData[constants.EnvKeyAuthorizerURL] = osAuthorizerURL
}
if osAuthorizerURL != "" && envData[constants.EnvKeyAuthorizerURL] != osAuthorizerURL {
envData[constants.EnvKeyAuthorizerURL] = osAuthorizerURL
}
if val, ok := envData[constants.EnvKeyPort]; !ok || val == "" {
envData[constants.EnvKeyPort] = osPort
if envData[constants.EnvKeyPort] == "" {
envData[constants.EnvKeyPort] = "8080"
}
}
if osPort != "" && envData[constants.EnvKeyPort] != osPort {
envData[constants.EnvKeyPort] = osPort
}
if val, ok := envData[constants.EnvKeyAccessTokenExpiryTime]; !ok || val == "" {
envData[constants.EnvKeyAccessTokenExpiryTime] = osAccessTokenExpiryTime
if envData[constants.EnvKeyAccessTokenExpiryTime] == "" {
envData[constants.EnvKeyAccessTokenExpiryTime] = "30m"
}
}
if osAccessTokenExpiryTime != "" && envData[constants.EnvKeyAccessTokenExpiryTime] != osAccessTokenExpiryTime {
envData[constants.EnvKeyAccessTokenExpiryTime] = osAccessTokenExpiryTime
}
if val, ok := envData[constants.EnvKeyAdminSecret]; !ok || val == "" {
envData[constants.EnvKeyAdminSecret] = osAdminSecret
}
if osAdminSecret != "" && envData[constants.EnvKeyAdminSecret] != osAdminSecret {
envData[constants.EnvKeyAdminSecret] = osAdminSecret
}
if val, ok := envData[constants.EnvKeySmtpHost]; !ok || val == "" {
envData[constants.EnvKeySmtpHost] = osSmtpHost
}
if osSmtpHost != "" && envData[constants.EnvKeySmtpHost] != osSmtpHost {
envData[constants.EnvKeySmtpHost] = osSmtpHost
}
if val, ok := envData[constants.EnvKeySmtpPort]; !ok || val == "" {
envData[constants.EnvKeySmtpPort] = osSmtpPort
}
if osSmtpPort != "" && envData[constants.EnvKeySmtpPort] != osSmtpPort {
envData[constants.EnvKeySmtpPort] = osSmtpPort
}
if val, ok := envData[constants.EnvKeySmtpUsername]; !ok || val == "" {
envData[constants.EnvKeySmtpUsername] = osSmtpUsername
}
if osSmtpUsername != "" && envData[constants.EnvKeySmtpUsername] != osSmtpUsername {
envData[constants.EnvKeySmtpUsername] = osSmtpUsername
}
if val, ok := envData[constants.EnvKeySmtpPassword]; !ok || val == "" {
envData[constants.EnvKeySmtpPassword] = osSmtpPassword
}
if osSmtpPassword != "" && envData[constants.EnvKeySmtpPassword] != osSmtpPassword {
envData[constants.EnvKeySmtpPassword] = osSmtpPassword
}
if val, ok := envData[constants.EnvKeySenderEmail]; !ok || val == "" {
envData[constants.EnvKeySenderEmail] = osSenderEmail
}
if osSenderEmail != "" && envData[constants.EnvKeySenderEmail] != osSenderEmail {
envData[constants.EnvKeySenderEmail] = osSenderEmail
}
algoVal, ok := envData[constants.EnvKeyJwtType]
algo := ""
if !ok || algoVal == "" {
envData[constants.EnvKeyJwtType] = osJwtType
if envData[constants.EnvKeyJwtType] == "" {
envData[constants.EnvKeyJwtType] = "RS256"
algo = envData[constants.EnvKeyJwtType].(string)
}
} else {
algo = algoVal.(string)
if !crypto.IsHMACA(algo) && !crypto.IsRSA(algo) && !crypto.IsECDSA(algo) {
log.Debug("Invalid JWT Algorithm")
return errors.New("invalid JWT_TYPE")
}
}
if osJwtType != "" && osJwtType != algo {
if !crypto.IsHMACA(osJwtType) && !crypto.IsRSA(osJwtType) && !crypto.IsECDSA(osJwtType) {
log.Debug("Invalid JWT Algorithm")
return errors.New("invalid JWT_TYPE")
}
algo = osJwtType
envData[constants.EnvKeyJwtType] = osJwtType
}
if crypto.IsHMACA(algo) { if crypto.IsHMACA(algo) {
if envData.StringEnv[constants.EnvKeyJwtSecret] == "" { if val, ok := envData[constants.EnvKeyJwtSecret]; !ok || val == "" {
envData.StringEnv[constants.EnvKeyJwtSecret] = os.Getenv(constants.EnvKeyJwtSecret) envData[constants.EnvKeyJwtSecret] = osJwtSecret
if envData.StringEnv[constants.EnvKeyJwtSecret] == "" { if envData[constants.EnvKeyJwtSecret] == "" {
envData.StringEnv[constants.EnvKeyJwtSecret], _, err = crypto.NewHMACKey(algo, clientID) envData[constants.EnvKeyJwtSecret], _, err = crypto.NewHMACKey(algo, clientID)
if err != nil { if err != nil {
return err return err
} }
} }
} }
if osJwtSecret != "" && envData[constants.EnvKeyJwtSecret] != osJwtSecret {
envData[constants.EnvKeyJwtSecret] = osJwtSecret
}
} }
if crypto.IsRSA(algo) || crypto.IsECDSA(algo) { if crypto.IsRSA(algo) || crypto.IsECDSA(algo) {
privateKey, publicKey := "", "" privateKey, publicKey := "", ""
if envData.StringEnv[constants.EnvKeyJwtPrivateKey] == "" { if val, ok := envData[constants.EnvKeyJwtPrivateKey]; !ok || val == "" {
privateKey = os.Getenv(constants.EnvKeyJwtPrivateKey) privateKey = osJwtPrivateKey
}
if osJwtPrivateKey != "" && privateKey != osJwtPrivateKey {
privateKey = osJwtPrivateKey
} }
if envData.StringEnv[constants.EnvKeyJwtPublicKey] == "" { if val, ok := envData[constants.EnvKeyJwtPublicKey]; !ok || val == "" {
publicKey = os.Getenv(constants.EnvKeyJwtPublicKey) publicKey = osJwtPublicKey
}
if osJwtPublicKey != "" && publicKey != osJwtPublicKey {
publicKey = osJwtPublicKey
} }
// if algo is RSA / ECDSA, then we need to have both private and public key // if algo is RSA / ECDSA, then we need to have both private and public key
@@ -247,158 +280,232 @@ func InitAllEnv() error {
} }
} }
envData.StringEnv[constants.EnvKeyJwtPrivateKey] = privateKey envData[constants.EnvKeyJwtPrivateKey] = privateKey
envData.StringEnv[constants.EnvKeyJwtPublicKey] = publicKey envData[constants.EnvKeyJwtPublicKey] = publicKey
} }
if envData.StringEnv[constants.EnvKeyJwtRoleClaim] == "" { if val, ok := envData[constants.EnvKeyJwtRoleClaim]; !ok || val == "" {
envData.StringEnv[constants.EnvKeyJwtRoleClaim] = os.Getenv(constants.EnvKeyJwtRoleClaim) envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
if envData.StringEnv[constants.EnvKeyJwtRoleClaim] == "" { if envData[constants.EnvKeyJwtRoleClaim] == "" {
envData.StringEnv[constants.EnvKeyJwtRoleClaim] = "role" envData[constants.EnvKeyJwtRoleClaim] = "role"
}
}
if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim {
envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
}
if val, ok := envData[constants.EnvKeyCustomAccessTokenScript]; !ok || val == "" {
envData[constants.EnvKeyCustomAccessTokenScript] = osCustomAccessTokenScript
}
if osCustomAccessTokenScript != "" && envData[constants.EnvKeyCustomAccessTokenScript] != osCustomAccessTokenScript {
envData[constants.EnvKeyCustomAccessTokenScript] = osCustomAccessTokenScript
}
if val, ok := envData[constants.EnvKeyGoogleClientID]; !ok || val == "" {
envData[constants.EnvKeyGoogleClientID] = osGoogleClientID
}
if osGoogleClientID != "" && envData[constants.EnvKeyGoogleClientID] != osGoogleClientID {
envData[constants.EnvKeyGoogleClientID] = osGoogleClientID
}
if val, ok := envData[constants.EnvKeyGoogleClientSecret]; !ok || val == "" {
envData[constants.EnvKeyGoogleClientSecret] = osGoogleClientSecret
}
if osGoogleClientSecret != "" && envData[constants.EnvKeyGoogleClientSecret] != osGoogleClientSecret {
envData[constants.EnvKeyGoogleClientSecret] = osGoogleClientSecret
}
if val, ok := envData[constants.EnvKeyGithubClientID]; !ok || val == "" {
envData[constants.EnvKeyGithubClientID] = osGithubClientID
}
if osGithubClientID != "" && envData[constants.EnvKeyGithubClientID] != osGithubClientID {
envData[constants.EnvKeyGithubClientID] = osGithubClientID
}
if val, ok := envData[constants.EnvKeyGithubClientSecret]; !ok || val == "" {
envData[constants.EnvKeyGithubClientSecret] = osGithubClientSecret
}
if osGithubClientSecret != "" && envData[constants.EnvKeyGithubClientSecret] != osGithubClientSecret {
envData[constants.EnvKeyGithubClientSecret] = osGithubClientSecret
}
if val, ok := envData[constants.EnvKeyFacebookClientID]; !ok || val == "" {
envData[constants.EnvKeyFacebookClientID] = osFacebookClientID
}
if osFacebookClientID != "" && envData[constants.EnvKeyFacebookClientID] != osFacebookClientID {
envData[constants.EnvKeyFacebookClientID] = osFacebookClientID
}
if val, ok := envData[constants.EnvKeyFacebookClientSecret]; !ok || val == "" {
envData[constants.EnvKeyFacebookClientSecret] = osFacebookClientSecret
}
if osFacebookClientSecret != "" && envData[constants.EnvKeyFacebookClientSecret] != osFacebookClientSecret {
envData[constants.EnvKeyFacebookClientSecret] = osFacebookClientSecret
}
if val, ok := envData[constants.EnvKeyResetPasswordURL]; !ok || val == "" {
envData[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(osResetPasswordURL, "/")
}
if osResetPasswordURL != "" && envData[constants.EnvKeyResetPasswordURL] != osResetPasswordURL {
envData[constants.EnvKeyResetPasswordURL] = osResetPasswordURL
}
if val, ok := envData[constants.EnvKeyOrganizationName]; !ok || val == "" {
envData[constants.EnvKeyOrganizationName] = osOrganizationName
}
if osOrganizationName != "" && envData[constants.EnvKeyOrganizationName] != osOrganizationName {
envData[constants.EnvKeyOrganizationName] = osOrganizationName
}
if val, ok := envData[constants.EnvKeyOrganizationLogo]; !ok || val == "" {
envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
}
if osOrganizationLogo != "" && envData[constants.EnvKeyOrganizationLogo] != osOrganizationLogo {
envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
}
if _, ok := envData[constants.EnvKeyDisableBasicAuthentication]; !ok {
envData[constants.EnvKeyDisableBasicAuthentication] = osDisableBasicAuthentication == "true"
}
if osDisableBasicAuthentication != "" {
boolValue, err := strconv.ParseBool(osDisableBasicAuthentication)
if err != nil {
return err
}
if boolValue != envData[constants.EnvKeyDisableBasicAuthentication].(bool) {
envData[constants.EnvKeyDisableBasicAuthentication] = boolValue
} }
} }
if envData.StringEnv[constants.EnvKeyCustomAccessTokenScript] == "" { if _, ok := envData[constants.EnvKeyDisableEmailVerification]; !ok {
envData.StringEnv[constants.EnvKeyCustomAccessTokenScript] = os.Getenv(constants.EnvKeyCustomAccessTokenScript) envData[constants.EnvKeyDisableEmailVerification] = osDisableEmailVerification == "true"
} }
if osDisableEmailVerification != "" {
if envData.StringEnv[constants.EnvKeyRedisURL] == "" { boolValue, err := strconv.ParseBool(osDisableEmailVerification)
envData.StringEnv[constants.EnvKeyRedisURL] = os.Getenv(constants.EnvKeyRedisURL) if err != nil {
} return err
}
if envData.StringEnv[constants.EnvKeyCookieName] == "" { if boolValue != envData[constants.EnvKeyDisableEmailVerification].(bool) {
envData.StringEnv[constants.EnvKeyCookieName] = os.Getenv(constants.EnvKeyCookieName) envData[constants.EnvKeyDisableEmailVerification] = boolValue
if envData.StringEnv[constants.EnvKeyCookieName] == "" {
envData.StringEnv[constants.EnvKeyCookieName] = "authorizer"
} }
} }
if envData.StringEnv[constants.EnvKeyGoogleClientID] == "" { if _, ok := envData[constants.EnvKeyDisableMagicLinkLogin]; !ok {
envData.StringEnv[constants.EnvKeyGoogleClientID] = os.Getenv(constants.EnvKeyGoogleClientID) envData[constants.EnvKeyDisableMagicLinkLogin] = osDisableMagicLinkLogin == "true"
}
if osDisableMagicLinkLogin != "" {
boolValue, err := strconv.ParseBool(osDisableMagicLinkLogin)
if err != nil {
return err
}
if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
envData[constants.EnvKeyDisableMagicLinkLogin] = boolValue
}
} }
if envData.StringEnv[constants.EnvKeyGoogleClientSecret] == "" { if _, ok := envData[constants.EnvKeyDisableLoginPage]; !ok {
envData.StringEnv[constants.EnvKeyGoogleClientSecret] = os.Getenv(constants.EnvKeyGoogleClientSecret) envData[constants.EnvKeyDisableLoginPage] = osDisableLoginPage == "true"
}
if osDisableLoginPage != "" {
boolValue, err := strconv.ParseBool(osDisableLoginPage)
if err != nil {
return err
}
if boolValue != envData[constants.EnvKeyDisableLoginPage].(bool) {
envData[constants.EnvKeyDisableLoginPage] = boolValue
}
} }
if envData.StringEnv[constants.EnvKeyGithubClientID] == "" { if _, ok := envData[constants.EnvKeyDisableSignUp]; !ok {
envData.StringEnv[constants.EnvKeyGithubClientID] = os.Getenv(constants.EnvKeyGithubClientID) envData[constants.EnvKeyDisableSignUp] = osDisableSignUp == "true"
}
if osDisableSignUp != "" {
boolValue, err := strconv.ParseBool(osDisableSignUp)
if err != nil {
return err
}
if boolValue != envData[constants.EnvKeyDisableSignUp].(bool) {
envData[constants.EnvKeyDisableSignUp] = boolValue
}
} }
if envData.StringEnv[constants.EnvKeyGithubClientSecret] == "" { if _, ok := envData[constants.EnvKeyDisableRedisForEnv]; !ok {
envData.StringEnv[constants.EnvKeyGithubClientSecret] = os.Getenv(constants.EnvKeyGithubClientSecret) envData[constants.EnvKeyDisableRedisForEnv] = osDisableRedisForEnv == "true"
} }
if osDisableRedisForEnv != "" {
if envData.StringEnv[constants.EnvKeyFacebookClientID] == "" { boolValue, err := strconv.ParseBool(osDisableRedisForEnv)
envData.StringEnv[constants.EnvKeyFacebookClientID] = os.Getenv(constants.EnvKeyFacebookClientID) if err != nil {
return err
}
if boolValue != envData[constants.EnvKeyDisableRedisForEnv].(bool) {
envData[constants.EnvKeyDisableRedisForEnv] = boolValue
}
} }
if envData.StringEnv[constants.EnvKeyFacebookClientSecret] == "" {
envData.StringEnv[constants.EnvKeyFacebookClientSecret] = os.Getenv(constants.EnvKeyFacebookClientSecret)
}
if envData.StringEnv[constants.EnvKeyResetPasswordURL] == "" {
envData.StringEnv[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(os.Getenv(constants.EnvKeyResetPasswordURL), "/")
}
envData.BoolEnv[constants.EnvKeyDisableBasicAuthentication] = os.Getenv(constants.EnvKeyDisableBasicAuthentication) == "true"
envData.BoolEnv[constants.EnvKeyDisableEmailVerification] = os.Getenv(constants.EnvKeyDisableEmailVerification) == "true"
envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = os.Getenv(constants.EnvKeyDisableMagicLinkLogin) == "true"
envData.BoolEnv[constants.EnvKeyDisableLoginPage] = os.Getenv(constants.EnvKeyDisableLoginPage) == "true"
envData.BoolEnv[constants.EnvKeyDisableSignUp] = os.Getenv(constants.EnvKeyDisableSignUp) == "true"
// no need to add nil check as its already done above // no need to add nil check as its already done above
if envData.StringEnv[constants.EnvKeySmtpHost] == "" || envData.StringEnv[constants.EnvKeySmtpUsername] == "" || envData.StringEnv[constants.EnvKeySmtpPassword] == "" || envData.StringEnv[constants.EnvKeySenderEmail] == "" && envData.StringEnv[constants.EnvKeySmtpPort] == "" { if envData[constants.EnvKeySmtpHost] == "" || envData[constants.EnvKeySmtpUsername] == "" || envData[constants.EnvKeySmtpPassword] == "" || envData[constants.EnvKeySenderEmail] == "" && envData[constants.EnvKeySmtpPort] == "" {
envData.BoolEnv[constants.EnvKeyDisableEmailVerification] = true envData[constants.EnvKeyDisableEmailVerification] = true
envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true envData[constants.EnvKeyDisableMagicLinkLogin] = true
} }
if envData.BoolEnv[constants.EnvKeyDisableEmailVerification] { if envData[constants.EnvKeyDisableEmailVerification].(bool) {
envData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true envData[constants.EnvKeyDisableMagicLinkLogin] = true
} }
allowedOriginsSplit := strings.Split(os.Getenv(constants.EnvKeyAllowedOrigins), ",") if val, ok := envData[constants.EnvKeyAllowedOrigins]; !ok || val == "" {
allowedOrigins := []string{} envData[constants.EnvKeyAllowedOrigins] = osAllowedOrigins
hasWildCard := false if envData[constants.EnvKeyAllowedOrigins] == "" {
envData[constants.EnvKeyAllowedOrigins] = "*"
}
}
if osAllowedOrigins != "" && envData[constants.EnvKeyAllowedOrigins] != osAllowedOrigins {
envData[constants.EnvKeyAllowedOrigins] = osAllowedOrigins
}
for _, val := range allowedOriginsSplit { if val, ok := envData[constants.EnvKeyRoles]; !ok || val == "" {
trimVal := strings.TrimSpace(val) envData[constants.EnvKeyRoles] = osRoles
if trimVal != "" { if envData[constants.EnvKeyRoles] == "" {
if trimVal != "*" { envData[constants.EnvKeyRoles] = "user"
host, port := utils.GetHostParts(trimVal) }
allowedOrigins = append(allowedOrigins, host+":"+port) }
} else { if osRoles != "" && envData[constants.EnvKeyRoles] != osRoles {
hasWildCard = true envData[constants.EnvKeyRoles] = osRoles
allowedOrigins = append(allowedOrigins, trimVal) }
break roles := strings.Split(envData[constants.EnvKeyRoles].(string), ",")
}
if val, ok := envData[constants.EnvKeyDefaultRoles]; !ok || val == "" {
envData[constants.EnvKeyDefaultRoles] = osDefaultRoles
if envData[constants.EnvKeyDefaultRoles] == "" {
envData[constants.EnvKeyDefaultRoles] = "user"
}
}
if osDefaultRoles != "" && envData[constants.EnvKeyDefaultRoles] != osDefaultRoles {
envData[constants.EnvKeyDefaultRoles] = osDefaultRoles
}
defaultRoles := strings.Split(envData[constants.EnvKeyDefaultRoles].(string), ",")
if len(defaultRoles) == 0 {
defaultRoles = []string{roles[0]}
}
for _, role := range defaultRoles {
if !utils.StringSliceContains(roles, role) {
return fmt.Errorf("Default role %s is not defined in roles", role)
} }
} }
if len(allowedOrigins) > 1 && hasWildCard { if val, ok := envData[constants.EnvKeyProtectedRoles]; !ok || val == "" {
allowedOrigins = []string{"*"} envData[constants.EnvKeyProtectedRoles] = osProtectedRoles
}
if osProtectedRoles != "" && envData[constants.EnvKeyProtectedRoles] != osProtectedRoles {
envData[constants.EnvKeyProtectedRoles] = osProtectedRoles
} }
if len(allowedOrigins) == 0 { err = memorystore.Provider.UpdateEnvStore(envData)
allowedOrigins = []string{"*"} if err != nil {
log.Debug("Error while updating env store: ", err)
return err
} }
envData.SliceEnv[constants.EnvKeyAllowedOrigins] = allowedOrigins
rolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyRoles))
rolesSplit := strings.Split(rolesEnv, ",")
roles := []string{}
if len(rolesEnv) == 0 {
roles = []string{"user"}
}
defaultRolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyDefaultRoles))
defaultRoleSplit := strings.Split(defaultRolesEnv, ",")
defaultRoles := []string{}
if len(defaultRolesEnv) == 0 {
defaultRoles = []string{"user"}
}
protectedRolesEnv := strings.TrimSpace(os.Getenv(constants.EnvKeyProtectedRoles))
protectedRolesSplit := strings.Split(protectedRolesEnv, ",")
protectedRoles := []string{}
if len(protectedRolesEnv) > 0 {
for _, val := range protectedRolesSplit {
trimVal := strings.TrimSpace(val)
protectedRoles = append(protectedRoles, trimVal)
}
}
for _, val := range rolesSplit {
trimVal := strings.TrimSpace(val)
if trimVal != "" {
roles = append(roles, trimVal)
if utils.StringSliceContains(defaultRoleSplit, trimVal) {
defaultRoles = append(defaultRoles, trimVal)
}
}
}
if len(roles) > 0 && len(defaultRoles) == 0 && len(defaultRolesEnv) > 0 {
return errors.New(`invalid DEFAULT_ROLE environment variable. It can be one from give ROLES environment variable value`)
}
envData.SliceEnv[constants.EnvKeyRoles] = roles
envData.SliceEnv[constants.EnvKeyDefaultRoles] = defaultRoles
envData.SliceEnv[constants.EnvKeyProtectedRoles] = protectedRoles
if os.Getenv(constants.EnvKeyOrganizationName) != "" {
envData.StringEnv[constants.EnvKeyOrganizationName] = os.Getenv(constants.EnvKeyOrganizationName)
}
if os.Getenv(constants.EnvKeyOrganizationLogo) != "" {
envData.StringEnv[constants.EnvKeyOrganizationLogo] = os.Getenv(constants.EnvKeyOrganizationLogo)
}
envstore.EnvStoreObj.UpdateEnvStore(envData)
return nil return nil
} }

172
server/env/persist_env.go vendored
View File

@@ -2,53 +2,107 @@ package env
import ( import (
"encoding/json" "encoding/json"
"log"
"os" "os"
"reflect"
"strconv" "strconv"
"strings" "strings"
"github.com/google/uuid" "github.com/google/uuid"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/crypto"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/utils"
) )
func fixBackwardCompatibility(data map[string]interface{}) (bool, map[string]interface{}) {
result := data
// check if env data is stored in older format
hasOlderFormat := false
if _, ok := result["bool_env"]; ok {
for key, value := range result["bool_env"].(map[string]interface{}) {
result[key] = value
}
hasOlderFormat = true
delete(result, "bool_env")
}
if _, ok := result["string_env"]; ok {
for key, value := range result["string_env"].(map[string]interface{}) {
result[key] = value
}
hasOlderFormat = true
delete(result, "string_env")
}
if _, ok := result["slice_env"]; ok {
for key, value := range result["slice_env"].(map[string]interface{}) {
typeOfValue := reflect.TypeOf(value)
if strings.Contains(typeOfValue.String(), "[]string") {
result[key] = strings.Join(value.([]string), ",")
}
if strings.Contains(typeOfValue.String(), "[]interface") {
result[key] = strings.Join(utils.ConvertInterfaceToStringSlice(value), ",")
}
}
hasOlderFormat = true
delete(result, "slice_env")
}
return hasOlderFormat, result
}
// GetEnvData returns the env data from database // GetEnvData returns the env data from database
func GetEnvData() (envstore.Store, error) { func GetEnvData() (map[string]interface{}, error) {
var result envstore.Store var result map[string]interface{}
env, err := db.Provider.GetEnv() env, err := db.Provider.GetEnv()
// config not found in db // config not found in db
if err != nil { if err != nil {
log.Debug("Error while getting env data from db: ", err)
return result, err return result, err
} }
encryptionKey := env.Hash encryptionKey := env.Hash
decryptedEncryptionKey, err := crypto.DecryptB64(encryptionKey) decryptedEncryptionKey, err := crypto.DecryptB64(encryptionKey)
if err != nil { if err != nil {
log.Debug("Error while decrypting encryption key: ", err)
return result, err return result, err
} }
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData) b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData)
if err != nil { if err != nil {
log.Debug("Error while decrypting env data from B64: ", err)
return result, err return result, err
} }
decryptedConfigs, err := crypto.DecryptAESEnv([]byte(b64DecryptedConfig)) decryptedConfigs, err := crypto.DecryptAESEnv([]byte(b64DecryptedConfig))
if err != nil { if err != nil {
log.Debug("Error while decrypting env data from AES: ", err)
return result, err return result, err
} }
err = json.Unmarshal(decryptedConfigs, &result) err = json.Unmarshal(decryptedConfigs, &result)
if err != nil { if err != nil {
log.Debug("Error while unmarshalling env data: ", err)
return result, err return result, err
} }
hasOlderFormat, result := fixBackwardCompatibility(result)
if hasOlderFormat {
err = memorystore.Provider.UpdateEnvStore(result)
if err != nil {
log.Debug("Error while updating env store: ", err)
return result, err
}
}
return result, err return result, err
} }
@@ -59,11 +113,22 @@ func PersistEnv() error {
if err != nil { if err != nil {
// AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid // AES encryption needs 32 bit key only, so we chop off last 4 characters from 36 bit uuid
hash := uuid.New().String()[:36-4] hash := uuid.New().String()[:36-4]
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, hash) err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, hash)
if err != nil {
log.Debug("Error while updating encryption env variable: ", err)
return err
}
encodedHash := crypto.EncryptB64(hash) encodedHash := crypto.EncryptB64(hash)
encryptedConfig, err := crypto.EncryptEnvData(envstore.EnvStoreObj.GetEnvStoreClone()) res, err := memorystore.Provider.GetEnvStore()
if err != nil { if err != nil {
log.Debug("Error while getting env store: ", err)
return err
}
encryptedConfig, err := crypto.EncryptEnvData(res)
if err != nil {
log.Debug("Error while encrypting env data: ", err)
return err return err
} }
@@ -74,6 +139,7 @@ func PersistEnv() error {
env, err = db.Provider.AddEnv(env) env, err = db.Provider.AddEnv(env)
if err != nil { if err != nil {
log.Debug("Error while persisting env data to db: ", err)
return err return err
} }
} else { } else {
@@ -82,108 +148,112 @@ func PersistEnv() error {
encryptionKey := env.Hash encryptionKey := env.Hash
decryptedEncryptionKey, err := crypto.DecryptB64(encryptionKey) decryptedEncryptionKey, err := crypto.DecryptB64(encryptionKey)
if err != nil { if err != nil {
log.Debug("Error while decrypting encryption key: ", err)
return err return err
} }
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyEncryptionKey, decryptedEncryptionKey) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyEncryptionKey, decryptedEncryptionKey)
b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData) b64DecryptedConfig, err := crypto.DecryptB64(env.EnvData)
if err != nil { if err != nil {
log.Debug("Error while decrypting env data from B64: ", err)
return err return err
} }
decryptedConfigs, err := crypto.DecryptAESEnv([]byte(b64DecryptedConfig)) decryptedConfigs, err := crypto.DecryptAESEnv([]byte(b64DecryptedConfig))
if err != nil { if err != nil {
log.Debug("Error while decrypting env data from AES: ", err)
return err return err
} }
// temp store variable // temp store variable
var storeData envstore.Store storeData := map[string]interface{}{}
err = json.Unmarshal(decryptedConfigs, &storeData) err = json.Unmarshal(decryptedConfigs, &storeData)
if err != nil { if err != nil {
log.Debug("Error while unmarshalling env data: ", err)
return err return err
} }
hasOlderFormat, result := fixBackwardCompatibility(storeData)
if hasOlderFormat {
err = memorystore.Provider.UpdateEnvStore(result)
if err != nil {
log.Debug("Error while updating env store: ", err)
return err
}
}
// if env is changed via env file or OS env // if env is changed via env file or OS env
// give that higher preference and update db, but we don't recommend it // give that higher preference and update db, but we don't recommend it
hasChanged := false hasChanged := false
for key, value := range storeData {
for key, value := range storeData.StringEnv {
// don't override unexposed envs // don't override unexposed envs
// check only for derivative keys
// No need to check for ENCRYPTION_KEY which special key we use for encrypting config data
// as we have removed it from json
if key != constants.EnvKeyEncryptionKey { if key != constants.EnvKeyEncryptionKey {
// check only for derivative keys
// No need to check for ENCRYPTION_KEY which special key we use for encrypting config data
// as we have removed it from json
envValue := strings.TrimSpace(os.Getenv(key)) envValue := strings.TrimSpace(os.Getenv(key))
// env is not empty
if envValue != "" { if envValue != "" {
if value != envValue { switch key {
storeData.StringEnv[key] = envValue case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv:
hasChanged = true if envValueBool, err := strconv.ParseBool(envValue); err == nil {
if value.(bool) != envValueBool {
storeData[key] = envValueBool
hasChanged = true
}
}
default:
if value != nil && value.(string) != envValue {
storeData[key] = envValue
hasChanged = true
}
} }
} }
} }
} }
for key, value := range storeData.BoolEnv {
envValue := strings.TrimSpace(os.Getenv(key))
// env is not empty
if envValue != "" {
envValueBool, _ := strconv.ParseBool(envValue)
if value != envValueBool {
storeData.BoolEnv[key] = envValueBool
hasChanged = true
}
}
}
for key, value := range storeData.SliceEnv {
envValue := strings.TrimSpace(os.Getenv(key))
// env is not empty
if envValue != "" {
envStringArr := strings.Split(envValue, ",")
if !utils.IsStringArrayEqual(value, envStringArr) {
storeData.SliceEnv[key] = envStringArr
hasChanged = true
}
}
}
// handle derivative cases like disabling email verification & magic login // handle derivative cases like disabling email verification & magic login
// in case SMTP is off but env is set to true // in case SMTP is off but env is set to true
if storeData.StringEnv[constants.EnvKeySmtpHost] == "" || storeData.StringEnv[constants.EnvKeySmtpUsername] == "" || storeData.StringEnv[constants.EnvKeySmtpPassword] == "" || storeData.StringEnv[constants.EnvKeySenderEmail] == "" && storeData.StringEnv[constants.EnvKeySmtpPort] == "" { if storeData[constants.EnvKeySmtpHost] == "" || storeData[constants.EnvKeySmtpUsername] == "" || storeData[constants.EnvKeySmtpPassword] == "" || storeData[constants.EnvKeySenderEmail] == "" && storeData[constants.EnvKeySmtpPort] == "" {
if !storeData.BoolEnv[constants.EnvKeyDisableEmailVerification] { if !storeData[constants.EnvKeyDisableEmailVerification].(bool) {
storeData.BoolEnv[constants.EnvKeyDisableEmailVerification] = true storeData[constants.EnvKeyDisableEmailVerification] = true
hasChanged = true hasChanged = true
} }
if !storeData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] { if !storeData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
storeData.BoolEnv[constants.EnvKeyDisableMagicLinkLogin] = true storeData[constants.EnvKeyDisableMagicLinkLogin] = true
hasChanged = true hasChanged = true
} }
} }
envstore.EnvStoreObj.UpdateEnvStore(storeData) err = memorystore.Provider.UpdateEnvStore(storeData)
if err != nil {
log.Debug("Error while updating env store: ", err)
return err
}
jwk, err := crypto.GenerateJWKBasedOnEnv() jwk, err := crypto.GenerateJWKBasedOnEnv()
if err != nil { if err != nil {
log.Debug("Error while generating JWK: ", err)
return err return err
} }
// updating jwk // updating jwk
envstore.EnvStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJWK, jwk) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyJWK, jwk)
if hasChanged { if hasChanged {
encryptedConfig, err := crypto.EncryptEnvData(storeData) encryptedConfig, err := crypto.EncryptEnvData(storeData)
if err != nil { if err != nil {
log.Debug("Error while encrypting env data: ", err)
return err return err
} }
env.EnvData = encryptedConfig env.EnvData = encryptedConfig
_, err = db.Provider.UpdateEnv(env) _, err = db.Provider.UpdateEnv(env)
if err != nil { if err != nil {
log.Println("error updating config:", err) log.Debug("Failed to Update Config: ", err)
return err return err
} }
} }

120
server/envstore/store.go
View File

@@ -1,120 +0,0 @@
package envstore
import (
"sync"
"github.com/authorizerdev/authorizer/server/constants"
)
var (
// ARG_DB_URL is the cli arg variable for the database url
ARG_DB_URL *string
// ARG_DB_TYPE is the cli arg variable for the database type
ARG_DB_TYPE *string
// ARG_ENV_FILE is the cli arg variable for the env file
ARG_ENV_FILE *string
)
// Store data structure
type Store struct {
StringEnv map[string]string `json:"string_env"`
BoolEnv map[string]bool `json:"bool_env"`
SliceEnv map[string][]string `json:"slice_env"`
}
// EnvStore struct
type EnvStore struct {
mutex sync.Mutex
store *Store
}
var defaultStore = &EnvStore{
store: &Store{
StringEnv: map[string]string{
constants.EnvKeyAdminCookieName: "authorizer-admin",
constants.EnvKeyJwtRoleClaim: "role",
constants.EnvKeyOrganizationName: "Authorizer",
constants.EnvKeyOrganizationLogo: "https://www.authorizer.dev/images/logo.png",
},
BoolEnv: map[string]bool{
constants.EnvKeyDisableBasicAuthentication: false,
constants.EnvKeyDisableMagicLinkLogin: false,
constants.EnvKeyDisableEmailVerification: false,
constants.EnvKeyDisableLoginPage: false,
constants.EnvKeyDisableSignUp: false,
},
SliceEnv: map[string][]string{},
},
}
// EnvStoreObj.GetBoolStoreEnvVariable global variable for EnvStore
var EnvStoreObj = defaultStore
// UpdateEnvStore to update the whole env store object
func (e *EnvStore) UpdateEnvStore(store Store) {
e.mutex.Lock()
defer e.mutex.Unlock()
// just override the keys + new keys
for key, value := range store.StringEnv {
e.store.StringEnv[key] = value
}
for key, value := range store.BoolEnv {
e.store.BoolEnv[key] = value
}
for key, value := range store.SliceEnv {
e.store.SliceEnv[key] = value
}
}
// UpdateEnvVariable to update the particular env variable
func (e *EnvStore) UpdateEnvVariable(storeIdentifier, key string, value interface{}) {
e.mutex.Lock()
defer e.mutex.Unlock()
switch storeIdentifier {
case constants.StringStoreIdentifier:
e.store.StringEnv[key] = value.(string)
case constants.BoolStoreIdentifier:
e.store.BoolEnv[key] = value.(bool)
case constants.SliceStoreIdentifier:
e.store.SliceEnv[key] = value.([]string)
}
}
// GetStringStoreEnvVariable to get the env variable from string store object
func (e *EnvStore) GetStringStoreEnvVariable(key string) string {
// e.mutex.Lock()
// defer e.mutex.Unlock()
return e.store.StringEnv[key]
}
// GetBoolStoreEnvVariable to get the env variable from bool store object
func (e *EnvStore) GetBoolStoreEnvVariable(key string) bool {
// e.mutex.Lock()
// defer e.mutex.Unlock()
return e.store.BoolEnv[key]
}
// GetSliceStoreEnvVariable to get the env variable from slice store object
func (e *EnvStore) GetSliceStoreEnvVariable(key string) []string {
// e.mutex.Lock()
// defer e.mutex.Unlock()
return e.store.SliceEnv[key]
}
// GetEnvStoreClone to get clone of current env store object
func (e *EnvStore) GetEnvStoreClone() Store {
e.mutex.Lock()
defer e.mutex.Unlock()
result := *e.store
return result
}
func (e *EnvStore) ResetStore() {
e.mutex.Lock()
defer e.mutex.Unlock()
e.store = defaultStore.store
}

1
server/go.mod
View File

@@ -20,6 +20,7 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.1 // indirect github.com/modern-go/reflect2 v1.0.1 // indirect
github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
github.com/sirupsen/logrus v1.8.1
github.com/stretchr/testify v1.7.0 github.com/stretchr/testify v1.7.0
github.com/ugorji/go v1.2.6 // indirect github.com/ugorji/go v1.2.6 // indirect
github.com/vektah/gqlparser/v2 v2.2.0 github.com/vektah/gqlparser/v2 v2.2.0

2
server/go.sum
View File

@@ -331,6 +331,8 @@ github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeV
github.com/shurcooL/vfsgen v0.0.0-20180121065927-ffb13db8def0/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw= github.com/shurcooL/vfsgen v0.0.0-20180121065927-ffb13db8def0/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw=
github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=

263
server/graph/generated/generated.go
View File

@@ -59,7 +59,6 @@ type ComplexityRoot struct {
AppURL func(childComplexity int) int AppURL func(childComplexity int) int
ClientID func(childComplexity int) int ClientID func(childComplexity int) int
ClientSecret func(childComplexity int) int ClientSecret func(childComplexity int) int
CookieName func(childComplexity int) int
CustomAccessTokenScript func(childComplexity int) int CustomAccessTokenScript func(childComplexity int) int
DatabaseHost func(childComplexity int) int DatabaseHost func(childComplexity int) int
DatabaseName func(childComplexity int) int DatabaseName func(childComplexity int) int
@@ -73,6 +72,7 @@ type ComplexityRoot struct {
DisableEmailVerification func(childComplexity int) int DisableEmailVerification func(childComplexity int) int
DisableLoginPage func(childComplexity int) int DisableLoginPage func(childComplexity int) int
DisableMagicLinkLogin func(childComplexity int) int DisableMagicLinkLogin func(childComplexity int) int
DisableRedisForEnv func(childComplexity int) int
DisableSignUp func(childComplexity int) int DisableSignUp func(childComplexity int) int
FacebookClientID func(childComplexity int) int FacebookClientID func(childComplexity int) int
FacebookClientSecret func(childComplexity int) int FacebookClientSecret func(childComplexity int) int
@@ -346,13 +346,6 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
return e.complexity.Env.ClientSecret(childComplexity), true return e.complexity.Env.ClientSecret(childComplexity), true
case "Env.COOKIE_NAME":
if e.complexity.Env.CookieName == nil {
break
}
return e.complexity.Env.CookieName(childComplexity), true
case "Env.CUSTOM_ACCESS_TOKEN_SCRIPT": case "Env.CUSTOM_ACCESS_TOKEN_SCRIPT":
if e.complexity.Env.CustomAccessTokenScript == nil { if e.complexity.Env.CustomAccessTokenScript == nil {
break break
@@ -444,6 +437,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
return e.complexity.Env.DisableMagicLinkLogin(childComplexity), true return e.complexity.Env.DisableMagicLinkLogin(childComplexity), true
case "Env.DISABLE_REDIS_FOR_ENV":
if e.complexity.Env.DisableRedisForEnv == nil {
break
}
return e.complexity.Env.DisableRedisForEnv(childComplexity), true
case "Env.DISABLE_SIGN_UP": case "Env.DISABLE_SIGN_UP":
if e.complexity.Env.DisableSignUp == nil { if e.complexity.Env.DisableSignUp == nil {
break break
@@ -1423,13 +1423,13 @@ type Response {
type Env { type Env {
ACCESS_TOKEN_EXPIRY_TIME: String ACCESS_TOKEN_EXPIRY_TIME: String
ADMIN_SECRET: String ADMIN_SECRET: String
DATABASE_NAME: String! DATABASE_NAME: String
DATABASE_URL: String! DATABASE_URL: String
DATABASE_TYPE: String! DATABASE_TYPE: String
DATABASE_USERNAME: String! DATABASE_USERNAME: String
DATABASE_PASSWORD: String! DATABASE_PASSWORD: String
DATABASE_HOST: String! DATABASE_HOST: String
DATABASE_PORT: String! DATABASE_PORT: String
CLIENT_ID: String! CLIENT_ID: String!
CLIENT_SECRET: String! CLIENT_SECRET: String!
CUSTOM_ACCESS_TOKEN_SCRIPT: String CUSTOM_ACCESS_TOKEN_SCRIPT: String
@@ -1445,13 +1445,13 @@ type Env {
ALLOWED_ORIGINS: [String!] ALLOWED_ORIGINS: [String!]
APP_URL: String APP_URL: String
REDIS_URL: String REDIS_URL: String
COOKIE_NAME: String
RESET_PASSWORD_URL: String RESET_PASSWORD_URL: String
DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_EMAIL_VERIFICATION: Boolean!
DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean!
DISABLE_MAGIC_LINK_LOGIN: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean!
DISABLE_LOGIN_PAGE: Boolean DISABLE_LOGIN_PAGE: Boolean!
DISABLE_SIGN_UP: Boolean DISABLE_SIGN_UP: Boolean!
DISABLE_REDIS_FOR_ENV: Boolean!
ROLES: [String!] ROLES: [String!]
PROTECTED_ROLES: [String!] PROTECTED_ROLES: [String!]
DEFAULT_ROLES: [String!] DEFAULT_ROLES: [String!]
@@ -1492,14 +1492,13 @@ input UpdateEnvInput {
JWT_PUBLIC_KEY: String JWT_PUBLIC_KEY: String
ALLOWED_ORIGINS: [String!] ALLOWED_ORIGINS: [String!]
APP_URL: String APP_URL: String
REDIS_URL: String
COOKIE_NAME: String
RESET_PASSWORD_URL: String RESET_PASSWORD_URL: String
DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_EMAIL_VERIFICATION: Boolean
DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean
DISABLE_MAGIC_LINK_LOGIN: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean
DISABLE_LOGIN_PAGE: Boolean DISABLE_LOGIN_PAGE: Boolean
DISABLE_SIGN_UP: Boolean DISABLE_SIGN_UP: Boolean
DISABLE_REDIS_FOR_ENV: Boolean
ROLES: [String!] ROLES: [String!]
PROTECTED_ROLES: [String!] PROTECTED_ROLES: [String!]
DEFAULT_ROLES: [String!] DEFAULT_ROLES: [String!]
@@ -2356,14 +2355,11 @@ func (ec *executionContext) _Env_DATABASE_NAME(ctx context.Context, field graphq
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DATABASE_URL(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DATABASE_URL(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -2391,14 +2387,11 @@ func (ec *executionContext) _Env_DATABASE_URL(ctx context.Context, field graphql
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DATABASE_TYPE(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DATABASE_TYPE(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -2426,14 +2419,11 @@ func (ec *executionContext) _Env_DATABASE_TYPE(ctx context.Context, field graphq
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DATABASE_USERNAME(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DATABASE_USERNAME(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -2461,14 +2451,11 @@ func (ec *executionContext) _Env_DATABASE_USERNAME(ctx context.Context, field gr
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DATABASE_PASSWORD(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DATABASE_PASSWORD(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -2496,14 +2483,11 @@ func (ec *executionContext) _Env_DATABASE_PASSWORD(ctx context.Context, field gr
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DATABASE_HOST(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DATABASE_HOST(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -2531,14 +2515,11 @@ func (ec *executionContext) _Env_DATABASE_HOST(ctx context.Context, field graphq
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DATABASE_PORT(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DATABASE_PORT(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -2566,14 +2547,11 @@ func (ec *executionContext) _Env_DATABASE_PORT(ctx context.Context, field graphq
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(string) res := resTmp.(*string)
fc.Result = res fc.Result = res
return ec.marshalNString2string(ctx, field.Selections, res) return ec.marshalOString2string(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_CLIENT_ID(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_CLIENT_ID(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -3062,38 +3040,6 @@ func (ec *executionContext) _Env_REDIS_URL(ctx context.Context, field graphql.Co
return ec.marshalOString2ᚖstring(ctx, field.Selections, res) return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_COOKIE_NAME(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
defer func() {
if r := recover(); r != nil {
ec.Error(ctx, ec.Recover(ctx, r))
ret = graphql.Null
}
}()
fc := &graphql.FieldContext{
Object: "Env",
Field: field,
Args: nil,
IsMethod: false,
IsResolver: false,
}
ctx = graphql.WithFieldContext(ctx, fc)
resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
ctx = rctx // use context from middleware stack in children
return obj.CookieName, nil
})
if err != nil {
ec.Error(ctx, err)
return graphql.Null
}
if resTmp == nil {
return graphql.Null
}
res := resTmp.(*string)
fc.Result = res
return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
}
func (ec *executionContext) _Env_RESET_PASSWORD_URL(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_RESET_PASSWORD_URL(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
defer func() { defer func() {
if r := recover(); r != nil { if r := recover(); r != nil {
@@ -3151,11 +3097,14 @@ func (ec *executionContext) _Env_DISABLE_EMAIL_VERIFICATION(ctx context.Context,
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(*bool) res := resTmp.(bool)
fc.Result = res fc.Result = res
return ec.marshalOBoolean2bool(ctx, field.Selections, res) return ec.marshalNBoolean2bool(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DISABLE_BASIC_AUTHENTICATION(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DISABLE_BASIC_AUTHENTICATION(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -3183,11 +3132,14 @@ func (ec *executionContext) _Env_DISABLE_BASIC_AUTHENTICATION(ctx context.Contex
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(*bool) res := resTmp.(bool)
fc.Result = res fc.Result = res
return ec.marshalOBoolean2bool(ctx, field.Selections, res) return ec.marshalNBoolean2bool(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DISABLE_MAGIC_LINK_LOGIN(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DISABLE_MAGIC_LINK_LOGIN(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -3215,11 +3167,14 @@ func (ec *executionContext) _Env_DISABLE_MAGIC_LINK_LOGIN(ctx context.Context, f
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(*bool) res := resTmp.(bool)
fc.Result = res fc.Result = res
return ec.marshalOBoolean2bool(ctx, field.Selections, res) return ec.marshalNBoolean2bool(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DISABLE_LOGIN_PAGE(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DISABLE_LOGIN_PAGE(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -3247,11 +3202,14 @@ func (ec *executionContext) _Env_DISABLE_LOGIN_PAGE(ctx context.Context, field g
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(*bool) res := resTmp.(bool)
fc.Result = res fc.Result = res
return ec.marshalOBoolean2bool(ctx, field.Selections, res) return ec.marshalNBoolean2bool(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_DISABLE_SIGN_UP(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_DISABLE_SIGN_UP(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -3279,11 +3237,49 @@ func (ec *executionContext) _Env_DISABLE_SIGN_UP(ctx context.Context, field grap
return graphql.Null return graphql.Null
} }
if resTmp == nil { if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null return graphql.Null
} }
res := resTmp.(*bool) res := resTmp.(bool)
fc.Result = res fc.Result = res
return ec.marshalOBoolean2bool(ctx, field.Selections, res) return ec.marshalNBoolean2bool(ctx, field.Selections, res)
}
func (ec *executionContext) _Env_DISABLE_REDIS_FOR_ENV(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
defer func() {
if r := recover(); r != nil {
ec.Error(ctx, ec.Recover(ctx, r))
ret = graphql.Null
}
}()
fc := &graphql.FieldContext{
Object: "Env",
Field: field,
Args: nil,
IsMethod: false,
IsResolver: false,
}
ctx = graphql.WithFieldContext(ctx, fc)
resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
ctx = rctx // use context from middleware stack in children
return obj.DisableRedisForEnv, nil
})
if err != nil {
ec.Error(ctx, err)
return graphql.Null
}
if resTmp == nil {
if !graphql.HasFieldError(ctx, fc) {
ec.Errorf(ctx, "must not be null")
}
return graphql.Null
}
res := resTmp.(bool)
fc.Result = res
return ec.marshalNBoolean2bool(ctx, field.Selections, res)
} }
func (ec *executionContext) _Env_ROLES(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { func (ec *executionContext) _Env_ROLES(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) {
@@ -8431,22 +8427,6 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob
if err != nil { if err != nil {
return it, err return it, err
} }
case "REDIS_URL":
var err error
ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("REDIS_URL"))
it.RedisURL, err = ec.unmarshalOString2ᚖstring(ctx, v)
if err != nil {
return it, err
}
case "COOKIE_NAME":
var err error
ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("COOKIE_NAME"))
it.CookieName, err = ec.unmarshalOString2ᚖstring(ctx, v)
if err != nil {
return it, err
}
case "RESET_PASSWORD_URL": case "RESET_PASSWORD_URL":
var err error var err error
@@ -8495,6 +8475,14 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob
if err != nil { if err != nil {
return it, err return it, err
} }
case "DISABLE_REDIS_FOR_ENV":
var err error
ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("DISABLE_REDIS_FOR_ENV"))
it.DisableRedisForEnv, err = ec.unmarshalOBoolean2ᚖbool(ctx, v)
if err != nil {
return it, err
}
case "ROLES": case "ROLES":
var err error var err error
@@ -8943,39 +8931,18 @@ func (ec *executionContext) _Env(ctx context.Context, sel ast.SelectionSet, obj
out.Values[i] = ec._Env_ADMIN_SECRET(ctx, field, obj) out.Values[i] = ec._Env_ADMIN_SECRET(ctx, field, obj)
case "DATABASE_NAME": case "DATABASE_NAME":
out.Values[i] = ec._Env_DATABASE_NAME(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_NAME(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DATABASE_URL": case "DATABASE_URL":
out.Values[i] = ec._Env_DATABASE_URL(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_URL(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DATABASE_TYPE": case "DATABASE_TYPE":
out.Values[i] = ec._Env_DATABASE_TYPE(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_TYPE(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DATABASE_USERNAME": case "DATABASE_USERNAME":
out.Values[i] = ec._Env_DATABASE_USERNAME(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_USERNAME(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DATABASE_PASSWORD": case "DATABASE_PASSWORD":
out.Values[i] = ec._Env_DATABASE_PASSWORD(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_PASSWORD(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DATABASE_HOST": case "DATABASE_HOST":
out.Values[i] = ec._Env_DATABASE_HOST(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_HOST(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DATABASE_PORT": case "DATABASE_PORT":
out.Values[i] = ec._Env_DATABASE_PORT(ctx, field, obj) out.Values[i] = ec._Env_DATABASE_PORT(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "CLIENT_ID": case "CLIENT_ID":
out.Values[i] = ec._Env_CLIENT_ID(ctx, field, obj) out.Values[i] = ec._Env_CLIENT_ID(ctx, field, obj)
if out.Values[i] == graphql.Null { if out.Values[i] == graphql.Null {
@@ -9012,20 +8979,38 @@ func (ec *executionContext) _Env(ctx context.Context, sel ast.SelectionSet, obj
out.Values[i] = ec._Env_APP_URL(ctx, field, obj) out.Values[i] = ec._Env_APP_URL(ctx, field, obj)
case "REDIS_URL": case "REDIS_URL":
out.Values[i] = ec._Env_REDIS_URL(ctx, field, obj) out.Values[i] = ec._Env_REDIS_URL(ctx, field, obj)
case "COOKIE_NAME":
out.Values[i] = ec._Env_COOKIE_NAME(ctx, field, obj)
case "RESET_PASSWORD_URL": case "RESET_PASSWORD_URL":
out.Values[i] = ec._Env_RESET_PASSWORD_URL(ctx, field, obj) out.Values[i] = ec._Env_RESET_PASSWORD_URL(ctx, field, obj)
case "DISABLE_EMAIL_VERIFICATION": case "DISABLE_EMAIL_VERIFICATION":
out.Values[i] = ec._Env_DISABLE_EMAIL_VERIFICATION(ctx, field, obj) out.Values[i] = ec._Env_DISABLE_EMAIL_VERIFICATION(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DISABLE_BASIC_AUTHENTICATION": case "DISABLE_BASIC_AUTHENTICATION":
out.Values[i] = ec._Env_DISABLE_BASIC_AUTHENTICATION(ctx, field, obj) out.Values[i] = ec._Env_DISABLE_BASIC_AUTHENTICATION(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DISABLE_MAGIC_LINK_LOGIN": case "DISABLE_MAGIC_LINK_LOGIN":
out.Values[i] = ec._Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field, obj) out.Values[i] = ec._Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DISABLE_LOGIN_PAGE": case "DISABLE_LOGIN_PAGE":
out.Values[i] = ec._Env_DISABLE_LOGIN_PAGE(ctx, field, obj) out.Values[i] = ec._Env_DISABLE_LOGIN_PAGE(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DISABLE_SIGN_UP": case "DISABLE_SIGN_UP":
out.Values[i] = ec._Env_DISABLE_SIGN_UP(ctx, field, obj) out.Values[i] = ec._Env_DISABLE_SIGN_UP(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "DISABLE_REDIS_FOR_ENV":
out.Values[i] = ec._Env_DISABLE_REDIS_FOR_ENV(ctx, field, obj)
if out.Values[i] == graphql.Null {
invalids++
}
case "ROLES": case "ROLES":
out.Values[i] = ec._Env_ROLES(ctx, field, obj) out.Values[i] = ec._Env_ROLES(ctx, field, obj)
case "PROTECTED_ROLES": case "PROTECTED_ROLES":

29
server/graph/model/models_gen.go
View File

@@ -26,13 +26,13 @@ type DeleteUserInput struct {
type Env struct { type Env struct {
AccessTokenExpiryTime *string `json:"ACCESS_TOKEN_EXPIRY_TIME"` AccessTokenExpiryTime *string `json:"ACCESS_TOKEN_EXPIRY_TIME"`
AdminSecret *string `json:"ADMIN_SECRET"` AdminSecret *string `json:"ADMIN_SECRET"`
DatabaseName string `json:"DATABASE_NAME"` DatabaseName *string `json:"DATABASE_NAME"`
DatabaseURL string `json:"DATABASE_URL"` DatabaseURL *string `json:"DATABASE_URL"`
DatabaseType string `json:"DATABASE_TYPE"` DatabaseType *string `json:"DATABASE_TYPE"`
DatabaseUsername string `json:"DATABASE_USERNAME"` DatabaseUsername *string `json:"DATABASE_USERNAME"`
DatabasePassword string `json:"DATABASE_PASSWORD"` DatabasePassword *string `json:"DATABASE_PASSWORD"`
DatabaseHost string `json:"DATABASE_HOST"` DatabaseHost *string `json:"DATABASE_HOST"`
DatabasePort string `json:"DATABASE_PORT"` DatabasePort *string `json:"DATABASE_PORT"`
ClientID string `json:"CLIENT_ID"` ClientID string `json:"CLIENT_ID"`
ClientSecret string `json:"CLIENT_SECRET"` ClientSecret string `json:"CLIENT_SECRET"`
CustomAccessTokenScript *string `json:"CUSTOM_ACCESS_TOKEN_SCRIPT"` CustomAccessTokenScript *string `json:"CUSTOM_ACCESS_TOKEN_SCRIPT"`
@@ -48,13 +48,13 @@ type Env struct {
AllowedOrigins []string `json:"ALLOWED_ORIGINS"` AllowedOrigins []string `json:"ALLOWED_ORIGINS"`
AppURL *string `json:"APP_URL"` AppURL *string `json:"APP_URL"`
RedisURL *string `json:"REDIS_URL"` RedisURL *string `json:"REDIS_URL"`
CookieName *string `json:"COOKIE_NAME"`
ResetPasswordURL *string `json:"RESET_PASSWORD_URL"` ResetPasswordURL *string `json:"RESET_PASSWORD_URL"`
DisableEmailVerification *bool `json:"DISABLE_EMAIL_VERIFICATION"` DisableEmailVerification bool `json:"DISABLE_EMAIL_VERIFICATION"`
DisableBasicAuthentication *bool `json:"DISABLE_BASIC_AUTHENTICATION"` DisableBasicAuthentication bool `json:"DISABLE_BASIC_AUTHENTICATION"`
DisableMagicLinkLogin *bool `json:"DISABLE_MAGIC_LINK_LOGIN"` DisableMagicLinkLogin bool `json:"DISABLE_MAGIC_LINK_LOGIN"`
DisableLoginPage *bool `json:"DISABLE_LOGIN_PAGE"` DisableLoginPage bool `json:"DISABLE_LOGIN_PAGE"`
DisableSignUp *bool `json:"DISABLE_SIGN_UP"` DisableSignUp bool `json:"DISABLE_SIGN_UP"`
DisableRedisForEnv bool `json:"DISABLE_REDIS_FOR_ENV"`
Roles []string `json:"ROLES"` Roles []string `json:"ROLES"`
ProtectedRoles []string `json:"PROTECTED_ROLES"` ProtectedRoles []string `json:"PROTECTED_ROLES"`
DefaultRoles []string `json:"DEFAULT_ROLES"` DefaultRoles []string `json:"DEFAULT_ROLES"`
@@ -199,14 +199,13 @@ type UpdateEnvInput struct {
JwtPublicKey *string `json:"JWT_PUBLIC_KEY"` JwtPublicKey *string `json:"JWT_PUBLIC_KEY"`
AllowedOrigins []string `json:"ALLOWED_ORIGINS"` AllowedOrigins []string `json:"ALLOWED_ORIGINS"`
AppURL *string `json:"APP_URL"` AppURL *string `json:"APP_URL"`
RedisURL *string `json:"REDIS_URL"`
CookieName *string `json:"COOKIE_NAME"`
ResetPasswordURL *string `json:"RESET_PASSWORD_URL"` ResetPasswordURL *string `json:"RESET_PASSWORD_URL"`
DisableEmailVerification *bool `json:"DISABLE_EMAIL_VERIFICATION"` DisableEmailVerification *bool `json:"DISABLE_EMAIL_VERIFICATION"`
DisableBasicAuthentication *bool `json:"DISABLE_BASIC_AUTHENTICATION"` DisableBasicAuthentication *bool `json:"DISABLE_BASIC_AUTHENTICATION"`
DisableMagicLinkLogin *bool `json:"DISABLE_MAGIC_LINK_LOGIN"` DisableMagicLinkLogin *bool `json:"DISABLE_MAGIC_LINK_LOGIN"`
DisableLoginPage *bool `json:"DISABLE_LOGIN_PAGE"` DisableLoginPage *bool `json:"DISABLE_LOGIN_PAGE"`
DisableSignUp *bool `json:"DISABLE_SIGN_UP"` DisableSignUp *bool `json:"DISABLE_SIGN_UP"`
DisableRedisForEnv *bool `json:"DISABLE_REDIS_FOR_ENV"`
Roles []string `json:"ROLES"` Roles []string `json:"ROLES"`
ProtectedRoles []string `json:"PROTECTED_ROLES"` ProtectedRoles []string `json:"PROTECTED_ROLES"`
DefaultRoles []string `json:"DEFAULT_ROLES"` DefaultRoles []string `json:"DEFAULT_ROLES"`

29
server/graph/schema.graphqls
View File

@@ -89,13 +89,13 @@ type Response {
type Env { type Env {
ACCESS_TOKEN_EXPIRY_TIME: String ACCESS_TOKEN_EXPIRY_TIME: String
ADMIN_SECRET: String ADMIN_SECRET: String
DATABASE_NAME: String! DATABASE_NAME: String
DATABASE_URL: String! DATABASE_URL: String
DATABASE_TYPE: String! DATABASE_TYPE: String
DATABASE_USERNAME: String! DATABASE_USERNAME: String
DATABASE_PASSWORD: String! DATABASE_PASSWORD: String
DATABASE_HOST: String! DATABASE_HOST: String
DATABASE_PORT: String! DATABASE_PORT: String
CLIENT_ID: String! CLIENT_ID: String!
CLIENT_SECRET: String! CLIENT_SECRET: String!
CUSTOM_ACCESS_TOKEN_SCRIPT: String CUSTOM_ACCESS_TOKEN_SCRIPT: String
@@ -111,13 +111,13 @@ type Env {
ALLOWED_ORIGINS: [String!] ALLOWED_ORIGINS: [String!]
APP_URL: String APP_URL: String
REDIS_URL: String REDIS_URL: String
COOKIE_NAME: String
RESET_PASSWORD_URL: String RESET_PASSWORD_URL: String
DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_EMAIL_VERIFICATION: Boolean!
DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean!
DISABLE_MAGIC_LINK_LOGIN: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean!
DISABLE_LOGIN_PAGE: Boolean DISABLE_LOGIN_PAGE: Boolean!
DISABLE_SIGN_UP: Boolean DISABLE_SIGN_UP: Boolean!
DISABLE_REDIS_FOR_ENV: Boolean!
ROLES: [String!] ROLES: [String!]
PROTECTED_ROLES: [String!] PROTECTED_ROLES: [String!]
DEFAULT_ROLES: [String!] DEFAULT_ROLES: [String!]
@@ -158,14 +158,13 @@ input UpdateEnvInput {
JWT_PUBLIC_KEY: String JWT_PUBLIC_KEY: String
ALLOWED_ORIGINS: [String!] ALLOWED_ORIGINS: [String!]
APP_URL: String APP_URL: String
REDIS_URL: String
COOKIE_NAME: String
RESET_PASSWORD_URL: String RESET_PASSWORD_URL: String
DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_EMAIL_VERIFICATION: Boolean
DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean
DISABLE_MAGIC_LINK_LOGIN: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean
DISABLE_LOGIN_PAGE: Boolean DISABLE_LOGIN_PAGE: Boolean
DISABLE_SIGN_UP: Boolean DISABLE_SIGN_UP: Boolean
DISABLE_REDIS_FOR_ENV: Boolean
ROLES: [String!] ROLES: [String!]
PROTECTED_ROLES: [String!] PROTECTED_ROLES: [String!]
DEFAULT_ROLES: [String!] DEFAULT_ROLES: [String!]

37
server/handlers/app.go
View File

@@ -1,14 +1,16 @@
package handlers package handlers
import ( import (
"log"
"net/http" "net/http"
"strings" "strings"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/utils"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/parsers"
"github.com/authorizerdev/authorizer/server/validators"
) )
// State is the struct that holds authorizer url and redirect url // State is the struct that holds authorizer url and redirect url
@@ -21,8 +23,9 @@ type State struct {
// AppHandler is the handler for the /app route // AppHandler is the handler for the /app route
func AppHandler() gin.HandlerFunc { func AppHandler() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
hostname := utils.GetHost(c) hostname := parsers.GetHost(c)
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) { if isLoginPageDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage); err != nil || isLoginPageDisabled {
log.Debug("Login page is disabled")
c.JSON(400, gin.H{"error": "login page is not enabled"}) c.JSON(400, gin.H{"error": "login page is not enabled"})
return return
} }
@@ -42,7 +45,8 @@ func AppHandler() gin.HandlerFunc {
redirect_uri = hostname + "/app" redirect_uri = hostname + "/app"
} else { } else {
// validate redirect url with allowed origins // validate redirect url with allowed origins
if !utils.IsValidOrigin(redirect_uri) { if !validators.IsValidOrigin(redirect_uri) {
log.Debug("Invalid redirect_uri")
c.JSON(400, gin.H{"error": "invalid redirect url"}) c.JSON(400, gin.H{"error": "invalid redirect url"})
return return
} }
@@ -52,17 +56,30 @@ func AppHandler() gin.HandlerFunc {
if pusher := c.Writer.Pusher(); pusher != nil { if pusher := c.Writer.Pusher(); pusher != nil {
// use pusher.Push() to do server push // use pusher.Push() to do server push
if err := pusher.Push("/app/build/bundle.js", nil); err != nil { if err := pusher.Push("/app/build/bundle.js", nil); err != nil {
log.Printf("Failed to push: %v", err) log.Debug("Failed to push file path: ", err)
} }
} }
orgName, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName)
if err != nil {
log.Debug("Failed to get organization name")
c.JSON(400, gin.H{"error": "failed to get organization name"})
return
}
orgLogo, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo)
if err != nil {
log.Debug("Failed to get organization logo")
c.JSON(400, gin.H{"error": "failed to get organization logo"})
return
}
c.HTML(http.StatusOK, "app.tmpl", gin.H{ c.HTML(http.StatusOK, "app.tmpl", gin.H{
"data": map[string]interface{}{ "data": map[string]interface{}{
"authorizerURL": hostname, "authorizerURL": hostname,
"redirectURL": redirect_uri, "redirectURL": redirect_uri,
"scope": scope, "scope": scope,
"state": state, "state": state,
"organizationName": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationName), "organizationName": orgName,
"organizationLogo": envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyOrganizationLogo), "organizationLogo": orgLogo,
}, },
}) })
} }

34
server/handlers/authorize.go
View File

@@ -6,14 +6,15 @@ import (
"strings" "strings"
"time" "time"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/sessionstore"
"github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/token"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
) )
// AuthorizeHandler is the handler for the /authorize route // AuthorizeHandler is the handler for the /authorize route
@@ -48,6 +49,7 @@ func AuthorizeHandler() gin.HandlerFunc {
} }
if responseMode != "query" && responseMode != "web_message" { if responseMode != "query" && responseMode != "web_message" {
log.Debug("Invalid response_mode: ", responseMode)
gc.JSON(400, gin.H{"error": "invalid response mode"}) gc.JSON(400, gin.H{"error": "invalid response mode"})
} }
@@ -63,6 +65,7 @@ func AuthorizeHandler() gin.HandlerFunc {
if isQuery { if isQuery {
gc.Redirect(http.StatusFound, loginURL) gc.Redirect(http.StatusFound, loginURL)
} else { } else {
log.Debug("Failed to get client_id: ", clientID)
gc.HTML(http.StatusOK, template, gin.H{ gc.HTML(http.StatusOK, template, gin.H{
"target_origin": redirectURI, "target_origin": redirectURI,
"authorization_response": map[string]interface{}{ "authorization_response": map[string]interface{}{
@@ -76,10 +79,11 @@ func AuthorizeHandler() gin.HandlerFunc {
return return
} }
if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) { if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); client != clientID || err != nil {
if isQuery { if isQuery {
gc.Redirect(http.StatusFound, loginURL) gc.Redirect(http.StatusFound, loginURL)
} else { } else {
log.Debug("Invalid client_id: ", clientID)
gc.HTML(http.StatusOK, template, gin.H{ gc.HTML(http.StatusOK, template, gin.H{
"target_origin": redirectURI, "target_origin": redirectURI,
"authorization_response": map[string]interface{}{ "authorization_response": map[string]interface{}{
@@ -97,6 +101,7 @@ func AuthorizeHandler() gin.HandlerFunc {
if isQuery { if isQuery {
gc.Redirect(http.StatusFound, loginURL) gc.Redirect(http.StatusFound, loginURL)
} else { } else {
log.Debug("Failed to get state: ", state)
gc.HTML(http.StatusOK, template, gin.H{ gc.HTML(http.StatusOK, template, gin.H{
"target_origin": redirectURI, "target_origin": redirectURI,
"authorization_response": map[string]interface{}{ "authorization_response": map[string]interface{}{
@@ -121,6 +126,7 @@ func AuthorizeHandler() gin.HandlerFunc {
if isQuery { if isQuery {
gc.Redirect(http.StatusFound, loginURL) gc.Redirect(http.StatusFound, loginURL)
} else { } else {
log.Debug("Invalid response_type: ", responseType)
gc.HTML(http.StatusOK, template, gin.H{ gc.HTML(http.StatusOK, template, gin.H{
"target_origin": redirectURI, "target_origin": redirectURI,
"authorization_response": map[string]interface{}{ "authorization_response": map[string]interface{}{
@@ -139,6 +145,7 @@ func AuthorizeHandler() gin.HandlerFunc {
if isQuery { if isQuery {
gc.Redirect(http.StatusFound, loginURL) gc.Redirect(http.StatusFound, loginURL)
} else { } else {
log.Debug("Failed to get code_challenge: ", codeChallenge)
gc.HTML(http.StatusBadRequest, template, gin.H{ gc.HTML(http.StatusBadRequest, template, gin.H{
"target_origin": redirectURI, "target_origin": redirectURI,
"authorization_response": map[string]interface{}{ "authorization_response": map[string]interface{}{
@@ -215,7 +222,10 @@ func AuthorizeHandler() gin.HandlerFunc {
// based on the response type, generate the response // based on the response type, generate the response
if isResponseTypeCode { if isResponseTypeCode {
// rollover the session for security // rollover the session for security
sessionstore.RemoveState(sessionToken) err = memorystore.Provider.RemoveState(sessionToken)
if err != nil {
log.Debug("Failed to remove state: ", err)
}
nonce := uuid.New().String() nonce := uuid.New().String()
newSessionTokenData, newSessionToken, err := token.CreateSessionToken(user, nonce, claims.Roles, scope) newSessionTokenData, newSessionToken, err := token.CreateSessionToken(user, nonce, claims.Roles, scope)
if err != nil { if err != nil {
@@ -236,10 +246,10 @@ func AuthorizeHandler() gin.HandlerFunc {
return return
} }
sessionstore.SetState(newSessionToken, newSessionTokenData.Nonce+"@"+user.ID) memorystore.Provider.SetState(newSessionToken, newSessionTokenData.Nonce+"@"+user.ID)
cookie.SetSession(gc, newSessionToken) cookie.SetSession(gc, newSessionToken)
code := uuid.New().String() code := uuid.New().String()
sessionstore.SetState(codeChallenge, code+"@"+newSessionToken) memorystore.Provider.SetState(codeChallenge, code+"@"+newSessionToken)
gc.HTML(http.StatusOK, template, gin.H{ gc.HTML(http.StatusOK, template, gin.H{
"target_origin": redirectURI, "target_origin": redirectURI,
"authorization_response": map[string]interface{}{ "authorization_response": map[string]interface{}{
@@ -273,9 +283,9 @@ func AuthorizeHandler() gin.HandlerFunc {
} }
return return
} }
sessionstore.RemoveState(sessionToken) memorystore.Provider.RemoveState(sessionToken)
sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
cookie.SetSession(gc, authToken.FingerPrintHash) cookie.SetSession(gc, authToken.FingerPrintHash)
expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix() expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix()
@@ -298,7 +308,7 @@ func AuthorizeHandler() gin.HandlerFunc {
if authToken.RefreshToken != nil { if authToken.RefreshToken != nil {
res["refresh_token"] = authToken.RefreshToken.Token res["refresh_token"] = authToken.RefreshToken.Token
params += "&refresh_token=" + authToken.RefreshToken.Token params += "&refresh_token=" + authToken.RefreshToken.Token
sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
} }
if isQuery { if isQuery {

6
server/handlers/dashboard.go
View File

@@ -4,7 +4,7 @@ import (
"net/http" "net/http"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@@ -12,8 +12,8 @@ import (
func DashboardHandler() gin.HandlerFunc { func DashboardHandler() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
isOnboardingCompleted := false isOnboardingCompleted := false
adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) != "" { if err != nil || adminSecret != "" {
isOnboardingCompleted = true isOnboardingCompleted = true
} }

18
server/handlers/jwks.go
View File

@@ -3,17 +3,27 @@ package handlers
import ( import (
"encoding/json" "encoding/json"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore"
) )
func JWKsHandler() gin.HandlerFunc { func JWKsHandler() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
var data map[string]string var data map[string]string
jwk := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK) jwk, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJWK)
err := json.Unmarshal([]byte(jwk), &data)
if err != nil { if err != nil {
log.Debug("Error getting JWK from memorystore: ", err)
c.JSON(500, gin.H{
"error": err.Error(),
})
return
}
err = json.Unmarshal([]byte(jwk), &data)
if err != nil {
log.Debug("Failed to parse JWK: ", err)
c.JSON(500, gin.H{ c.JSON(500, gin.H{
"error": err.Error(), "error": err.Error(),
}) })

13
server/handlers/logout.go
View File

@@ -4,10 +4,12 @@ import (
"net/http" "net/http"
"strings" "strings"
"github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/crypto"
"github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/gin-gonic/gin"
) )
// Handler to logout user // Handler to logout user
@@ -17,6 +19,7 @@ func LogoutHandler() gin.HandlerFunc {
// get fingerprint hash // get fingerprint hash
fingerprintHash, err := cookie.GetSession(gc) fingerprintHash, err := cookie.GetSession(gc)
if err != nil { if err != nil {
log.Debug("Failed to get session: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": err.Error(), "error": err.Error(),
}) })
@@ -25,6 +28,7 @@ func LogoutHandler() gin.HandlerFunc {
decryptedFingerPrint, err := crypto.DecryptAES(fingerprintHash) decryptedFingerPrint, err := crypto.DecryptAES(fingerprintHash)
if err != nil { if err != nil {
log.Debug("Failed to decrypt fingerprint: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": err.Error(), "error": err.Error(),
}) })
@@ -33,7 +37,10 @@ func LogoutHandler() gin.HandlerFunc {
fingerPrint := string(decryptedFingerPrint) fingerPrint := string(decryptedFingerPrint)
sessionstore.RemoveState(fingerPrint) err = memorystore.Provider.RemoveState(fingerPrint)
if err != nil {
log.Debug("Failed to remove state: ", err)
}
cookie.DeleteSession(gc) cookie.DeleteSession(gc)
if redirectURL != "" { if redirectURL != "" {

77
server/handlers/oauth_callback.go
View File

@@ -5,24 +5,24 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"log"
"net/http" "net/http"
"strconv" "strconv"
"strings" "strings"
"time" "time"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"golang.org/x/oauth2"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/oauth" "github.com/authorizerdev/authorizer/server/oauth"
"github.com/authorizerdev/authorizer/server/sessionstore"
"github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/token"
"github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/utils"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/gin-gonic/gin"
"golang.org/x/oauth2"
) )
// OAuthCallbackHandler handles the OAuth callback for various oauth providers // OAuthCallbackHandler handles the OAuth callback for various oauth providers
@@ -31,15 +31,17 @@ func OAuthCallbackHandler() gin.HandlerFunc {
provider := c.Param("oauth_provider") provider := c.Param("oauth_provider")
state := c.Request.FormValue("state") state := c.Request.FormValue("state")
sessionState := sessionstore.GetState(state) sessionState, err := memorystore.Provider.GetState(state)
if sessionState == "" { if sessionState == "" || err != nil {
log.Debug("Invalid oauth state: ", state)
c.JSON(400, gin.H{"error": "invalid oauth state"}) c.JSON(400, gin.H{"error": "invalid oauth state"})
} }
sessionstore.GetState(state) memorystore.Provider.GetState(state)
// contains random token, redirect url, role // contains random token, redirect url, role
sessionSplit := strings.Split(state, "___") sessionSplit := strings.Split(state, "___")
if len(sessionSplit) < 3 { if len(sessionSplit) < 3 {
log.Debug("Unable to get redirect url from state: ", state)
c.JSON(400, gin.H{"error": "invalid redirect url"}) c.JSON(400, gin.H{"error": "invalid redirect url"})
return return
} }
@@ -49,7 +51,6 @@ func OAuthCallbackHandler() gin.HandlerFunc {
inputRoles := strings.Split(sessionSplit[2], ",") inputRoles := strings.Split(sessionSplit[2], ",")
scopes := strings.Split(sessionSplit[3], ",") scopes := strings.Split(sessionSplit[3], ",")
var err error
user := models.User{} user := models.User{}
code := c.Request.FormValue("code") code := c.Request.FormValue("code")
switch provider { switch provider {
@@ -60,18 +61,28 @@ func OAuthCallbackHandler() gin.HandlerFunc {
case constants.SignupMethodFacebook: case constants.SignupMethodFacebook:
user, err = processFacebookUserInfo(code) user, err = processFacebookUserInfo(code)
default: default:
log.Info("Invalid oauth provider")
err = fmt.Errorf(`invalid oauth provider`) err = fmt.Errorf(`invalid oauth provider`)
} }
if err != nil { if err != nil {
log.Debug("Failed to process user info: ", err)
c.JSON(400, gin.H{"error": err.Error()}) c.JSON(400, gin.H{"error": err.Error()})
return return
} }
existingUser, err := db.Provider.GetUserByEmail(user.Email) existingUser, err := db.Provider.GetUserByEmail(user.Email)
log := log.WithField("user", user.Email)
if err != nil { if err != nil {
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableSignUp) { isSignupDisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableSignUp)
if err != nil {
log.Debug("Failed to get signup disabled env variable: ", err)
c.JSON(400, gin.H{"error": err.Error()})
return
}
if isSignupDisabled {
log.Debug("Failed to signup as disabled")
c.JSON(400, gin.H{"error": "signup is disabled for this instance"}) c.JSON(400, gin.H{"error": "signup is disabled for this instance"})
return return
} }
@@ -80,12 +91,21 @@ func OAuthCallbackHandler() gin.HandlerFunc {
// make sure inputRoles don't include protected roles // make sure inputRoles don't include protected roles
hasProtectedRole := false hasProtectedRole := false
for _, ir := range inputRoles { for _, ir := range inputRoles {
if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ir) { protectedRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyProtectedRoles)
protectedRoles := []string{}
if err != nil {
log.Debug("Failed to get protected roles: ", err)
protectedRolesString = ""
} else {
protectedRoles = strings.Split(protectedRolesString, ",")
}
if utils.StringSliceContains(protectedRoles, ir) {
hasProtectedRole = true hasProtectedRole = true
} }
} }
if hasProtectedRole { if hasProtectedRole {
log.Debug("Signup is not allowed with protected roles:", inputRoles)
c.JSON(400, gin.H{"error": "invalid role"}) c.JSON(400, gin.H{"error": "invalid role"})
return return
} }
@@ -96,6 +116,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
user, _ = db.Provider.AddUser(user) user, _ = db.Provider.AddUser(user)
} else { } else {
if user.RevokedTimestamp != nil { if user.RevokedTimestamp != nil {
log.Debug("User access revoked at: ", user.RevokedTimestamp)
c.JSON(400, gin.H{"error": "user access has been revoked"}) c.JSON(400, gin.H{"error": "user access has been revoked"})
} }
@@ -131,12 +152,21 @@ func OAuthCallbackHandler() gin.HandlerFunc {
// check if it contains protected unassigned role // check if it contains protected unassigned role
hasProtectedRole := false hasProtectedRole := false
for _, ur := range unasignedRoles { for _, ur := range unasignedRoles {
if utils.StringSliceContains(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles), ur) { protectedRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyProtectedRoles)
protectedRoles := []string{}
if err != nil {
log.Debug("Failed to get protected roles: ", err)
protectedRolesString = ""
} else {
protectedRoles = strings.Split(protectedRolesString, ",")
}
if utils.StringSliceContains(protectedRoles, ur) {
hasProtectedRole = true hasProtectedRole = true
} }
} }
if hasProtectedRole { if hasProtectedRole {
log.Debug("Invalid role. User is using protected unassigned role")
c.JSON(400, gin.H{"error": "invalid role"}) c.JSON(400, gin.H{"error": "invalid role"})
return return
} else { } else {
@@ -148,6 +178,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
user, err = db.Provider.UpdateUser(user) user, err = db.Provider.UpdateUser(user)
if err != nil { if err != nil {
log.Debug("Failed to update user: ", err)
c.JSON(500, gin.H{"error": err.Error()}) c.JSON(500, gin.H{"error": err.Error()})
return return
} }
@@ -155,6 +186,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
authToken, err := token.CreateAuthToken(c, user, inputRoles, scopes) authToken, err := token.CreateAuthToken(c, user, inputRoles, scopes)
if err != nil { if err != nil {
log.Debug("Failed to create auth token: ", err)
c.JSON(500, gin.H{"error": err.Error()}) c.JSON(500, gin.H{"error": err.Error()})
} }
@@ -166,12 +198,12 @@ func OAuthCallbackHandler() gin.HandlerFunc {
params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + stateValue + "&id_token=" + authToken.IDToken.Token params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + stateValue + "&id_token=" + authToken.IDToken.Token
cookie.SetSession(c, authToken.FingerPrintHash) cookie.SetSession(c, authToken.FingerPrintHash)
sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
if authToken.RefreshToken != nil { if authToken.RefreshToken != nil {
params = params + `&refresh_token=` + authToken.RefreshToken.Token params = params + `&refresh_token=` + authToken.RefreshToken.Token
sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
} }
go db.Provider.AddSession(models.Session{ go db.Provider.AddSession(models.Session{
@@ -194,6 +226,7 @@ func processGoogleUserInfo(code string) (models.User, error) {
ctx := context.Background() ctx := context.Background()
oauth2Token, err := oauth.OAuthProviders.GoogleConfig.Exchange(ctx, code) oauth2Token, err := oauth.OAuthProviders.GoogleConfig.Exchange(ctx, code)
if err != nil { if err != nil {
log.Debug("Failed to exchange code for token: ", err)
return user, fmt.Errorf("invalid google exchange code: %s", err.Error()) return user, fmt.Errorf("invalid google exchange code: %s", err.Error())
} }
@@ -202,16 +235,19 @@ func processGoogleUserInfo(code string) (models.User, error) {
// Extract the ID Token from OAuth2 token. // Extract the ID Token from OAuth2 token.
rawIDToken, ok := oauth2Token.Extra("id_token").(string) rawIDToken, ok := oauth2Token.Extra("id_token").(string)
if !ok { if !ok {
log.Debug("Failed to extract ID Token from OAuth2 token")
return user, fmt.Errorf("unable to extract id_token") return user, fmt.Errorf("unable to extract id_token")
} }
// Parse and verify ID Token payload. // Parse and verify ID Token payload.
idToken, err := verifier.Verify(ctx, rawIDToken) idToken, err := verifier.Verify(ctx, rawIDToken)
if err != nil { if err != nil {
log.Debug("Failed to verify ID Token: ", err)
return user, fmt.Errorf("unable to verify id_token: %s", err.Error()) return user, fmt.Errorf("unable to verify id_token: %s", err.Error())
} }
if err := idToken.Claims(&user); err != nil { if err := idToken.Claims(&user); err != nil {
log.Debug("Failed to parse ID Token claims: ", err)
return user, fmt.Errorf("unable to extract claims") return user, fmt.Errorf("unable to extract claims")
} }
@@ -222,11 +258,13 @@ func processGithubUserInfo(code string) (models.User, error) {
user := models.User{} user := models.User{}
token, err := oauth.OAuthProviders.GithubConfig.Exchange(oauth2.NoContext, code) token, err := oauth.OAuthProviders.GithubConfig.Exchange(oauth2.NoContext, code)
if err != nil { if err != nil {
log.Debug("Failed to exchange code for token: ", err)
return user, fmt.Errorf("invalid github exchange code: %s", err.Error()) return user, fmt.Errorf("invalid github exchange code: %s", err.Error())
} }
client := http.Client{} client := http.Client{}
req, err := http.NewRequest("GET", constants.GithubUserInfoURL, nil) req, err := http.NewRequest("GET", constants.GithubUserInfoURL, nil)
if err != nil { if err != nil {
log.Debug("Failed to create github user info request: ", err)
return user, fmt.Errorf("error creating github user info request: %s", err.Error()) return user, fmt.Errorf("error creating github user info request: %s", err.Error())
} }
req.Header = http.Header{ req.Header = http.Header{
@@ -235,12 +273,14 @@ func processGithubUserInfo(code string) (models.User, error) {
response, err := client.Do(req) response, err := client.Do(req)
if err != nil { if err != nil {
log.Debug("Failed to request github user info: ", err)
return user, err return user, err
} }
defer response.Body.Close() defer response.Body.Close()
body, err := ioutil.ReadAll(response.Body) body, err := ioutil.ReadAll(response.Body)
if err != nil { if err != nil {
log.Debug("Failed to read github user info response body: ", err)
return user, fmt.Errorf("failed to read github response body: %s", err.Error()) return user, fmt.Errorf("failed to read github response body: %s", err.Error())
} }
@@ -273,23 +313,26 @@ func processFacebookUserInfo(code string) (models.User, error) {
user := models.User{} user := models.User{}
token, err := oauth.OAuthProviders.FacebookConfig.Exchange(oauth2.NoContext, code) token, err := oauth.OAuthProviders.FacebookConfig.Exchange(oauth2.NoContext, code)
if err != nil { if err != nil {
log.Debug("Invalid facebook exchange code: ", err)
return user, fmt.Errorf("invalid facebook exchange code: %s", err.Error()) return user, fmt.Errorf("invalid facebook exchange code: %s", err.Error())
} }
client := http.Client{} client := http.Client{}
req, err := http.NewRequest("GET", constants.FacebookUserInfoURL+token.AccessToken, nil) req, err := http.NewRequest("GET", constants.FacebookUserInfoURL+token.AccessToken, nil)
if err != nil { if err != nil {
log.Debug("Error creating facebook user info request: ", err)
return user, fmt.Errorf("error creating facebook user info request: %s", err.Error()) return user, fmt.Errorf("error creating facebook user info request: %s", err.Error())
} }
response, err := client.Do(req) response, err := client.Do(req)
if err != nil { if err != nil {
log.Println("error processing facebook user info:", err) log.Debug("Failed to process facebook user: ", err)
return user, err return user, err
} }
defer response.Body.Close() defer response.Body.Close()
body, err := ioutil.ReadAll(response.Body) body, err := ioutil.ReadAll(response.Body)
if err != nil { if err != nil {
log.Debug("Failed to read facebook response: ", err)
return user, fmt.Errorf("failed to read facebook response body: %s", err.Error()) return user, fmt.Errorf("failed to read facebook response body: %s", err.Error())
} }

79
server/handlers/oauth_login.go
View File

@@ -4,18 +4,20 @@ import (
"net/http" "net/http"
"strings" "strings"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/oauth"
"github.com/authorizerdev/authorizer/server/sessionstore"
"github.com/authorizerdev/authorizer/server/utils"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/oauth"
"github.com/authorizerdev/authorizer/server/parsers"
"github.com/authorizerdev/authorizer/server/validators"
) )
// OAuthLoginHandler set host in the oauth state that is useful for redirecting to oauth_callback // OAuthLoginHandler set host in the oauth state that is useful for redirecting to oauth_callback
func OAuthLoginHandler() gin.HandlerFunc { func OAuthLoginHandler() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
hostname := utils.GetHost(c) hostname := parsers.GetHost(c)
// deprecating redirectURL instead use redirect_uri // deprecating redirectURL instead use redirect_uri
redirectURI := strings.TrimSpace(c.Query("redirectURL")) redirectURI := strings.TrimSpace(c.Query("redirectURL"))
if redirectURI == "" { if redirectURI == "" {
@@ -26,6 +28,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
scopeString := strings.TrimSpace(c.Query("scope")) scopeString := strings.TrimSpace(c.Query("scope"))
if redirectURI == "" { if redirectURI == "" {
log.Debug("redirect_uri is empty")
c.JSON(400, gin.H{ c.JSON(400, gin.H{
"error": "invalid redirect uri", "error": "invalid redirect uri",
}) })
@@ -33,6 +36,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
} }
if state == "" { if state == "" {
log.Debug("state is empty")
c.JSON(400, gin.H{ c.JSON(400, gin.H{
"error": "invalid state", "error": "invalid state",
}) })
@@ -52,14 +56,42 @@ func OAuthLoginHandler() gin.HandlerFunc {
// use protected roles verification for admin login only. // use protected roles verification for admin login only.
// though if not associated with user, it will be rejected from oauth_callback // though if not associated with user, it will be rejected from oauth_callback
if !utils.IsValidRoles(append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) { rolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyRoles)
roles := []string{}
if err != nil {
log.Debug("Error getting roles: ", err)
rolesString = ""
} else {
roles = strings.Split(rolesString, ",")
}
protectedRolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyProtectedRoles)
protectedRoles := []string{}
if err != nil {
log.Debug("Error getting protected roles: ", err)
protectedRolesString = ""
} else {
protectedRoles = strings.Split(protectedRolesString, ",")
}
if !validators.IsValidRoles(rolesSplit, append([]string{}, append(roles, protectedRoles...)...)) {
log.Debug("Invalid roles: ", roles)
c.JSON(400, gin.H{ c.JSON(400, gin.H{
"error": "invalid role", "error": "invalid role",
}) })
return return
} }
} else { } else {
roles = strings.Join(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyDefaultRoles), ",") defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
if err != nil {
log.Debug("Error getting default roles: ", err)
c.JSON(400, gin.H{
"error": "invalid role",
})
return
}
roles = defaultRoles
} }
oauthStateString := state + "___" + redirectURI + "___" + roles + "___" + strings.Join(scope, ",") oauthStateString := state + "___" + redirectURI + "___" + roles + "___" + strings.Join(scope, ",")
@@ -69,33 +101,58 @@ func OAuthLoginHandler() gin.HandlerFunc {
switch provider { switch provider {
case constants.SignupMethodGoogle: case constants.SignupMethodGoogle:
if oauth.OAuthProviders.GoogleConfig == nil { if oauth.OAuthProviders.GoogleConfig == nil {
log.Debug("Google OAuth provider is not configured")
isProviderConfigured = false isProviderConfigured = false
break break
} }
sessionstore.SetState(oauthStateString, constants.SignupMethodGoogle) err := memorystore.Provider.SetState(oauthStateString, constants.SignupMethodGoogle)
if err != nil {
log.Debug("Error setting state: ", err)
c.JSON(500, gin.H{
"error": "internal server error",
})
return
}
// during the init of OAuthProvider authorizer url might be empty // during the init of OAuthProvider authorizer url might be empty
oauth.OAuthProviders.GoogleConfig.RedirectURL = hostname + "/oauth_callback/google" oauth.OAuthProviders.GoogleConfig.RedirectURL = hostname + "/oauth_callback/google"
url := oauth.OAuthProviders.GoogleConfig.AuthCodeURL(oauthStateString) url := oauth.OAuthProviders.GoogleConfig.AuthCodeURL(oauthStateString)
c.Redirect(http.StatusTemporaryRedirect, url) c.Redirect(http.StatusTemporaryRedirect, url)
case constants.SignupMethodGithub: case constants.SignupMethodGithub:
if oauth.OAuthProviders.GithubConfig == nil { if oauth.OAuthProviders.GithubConfig == nil {
log.Debug("Github OAuth provider is not configured")
isProviderConfigured = false isProviderConfigured = false
break break
} }
sessionstore.SetState(oauthStateString, constants.SignupMethodGithub) err := memorystore.Provider.SetState(oauthStateString, constants.SignupMethodGithub)
if err != nil {
log.Debug("Error setting state: ", err)
c.JSON(500, gin.H{
"error": "internal server error",
})
return
}
oauth.OAuthProviders.GithubConfig.RedirectURL = hostname + "/oauth_callback/github" oauth.OAuthProviders.GithubConfig.RedirectURL = hostname + "/oauth_callback/github"
url := oauth.OAuthProviders.GithubConfig.AuthCodeURL(oauthStateString) url := oauth.OAuthProviders.GithubConfig.AuthCodeURL(oauthStateString)
c.Redirect(http.StatusTemporaryRedirect, url) c.Redirect(http.StatusTemporaryRedirect, url)
case constants.SignupMethodFacebook: case constants.SignupMethodFacebook:
if oauth.OAuthProviders.FacebookConfig == nil { if oauth.OAuthProviders.FacebookConfig == nil {
log.Debug("Facebook OAuth provider is not configured")
isProviderConfigured = false isProviderConfigured = false
break break
} }
sessionstore.SetState(oauthStateString, constants.SignupMethodFacebook) err := memorystore.Provider.SetState(oauthStateString, constants.SignupMethodFacebook)
if err != nil {
log.Debug("Error setting state: ", err)
c.JSON(500, gin.H{
"error": "internal server error",
})
return
}
oauth.OAuthProviders.FacebookConfig.RedirectURL = hostname + "/oauth_callback/facebook" oauth.OAuthProviders.FacebookConfig.RedirectURL = hostname + "/oauth_callback/facebook"
url := oauth.OAuthProviders.FacebookConfig.AuthCodeURL(oauthStateString) url := oauth.OAuthProviders.FacebookConfig.AuthCodeURL(oauthStateString)
c.Redirect(http.StatusTemporaryRedirect, url) c.Redirect(http.StatusTemporaryRedirect, url)
default: default:
log.Debug("Invalid oauth provider: ", provider)
c.JSON(422, gin.H{ c.JSON(422, gin.H{
"message": "Invalid oauth provider", "message": "Invalid oauth provider",
}) })

8
server/handlers/openid_config.go
View File

@@ -4,15 +4,15 @@ import (
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/parsers"
) )
// OpenIDConfigurationHandler handler for open-id configurations // OpenIDConfigurationHandler handler for open-id configurations
func OpenIDConfigurationHandler() gin.HandlerFunc { func OpenIDConfigurationHandler() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
issuer := utils.GetHost(c) issuer := parsers.GetHost(c)
jwtType := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType) jwtType, _ := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
c.JSON(200, gin.H{ c.JSON(200, gin.H{
"issuer": issuer, "issuer": issuer,

14
server/handlers/revoke.go
View File

@@ -4,10 +4,11 @@ import (
"net/http" "net/http"
"strings" "strings"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/authorizerdev/authorizer/server/sessionstore"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore"
) )
// Revoke handler to revoke refresh token // Revoke handler to revoke refresh token
@@ -15,6 +16,7 @@ func RevokeHandler() gin.HandlerFunc {
return func(gc *gin.Context) { return func(gc *gin.Context) {
var reqBody map[string]string var reqBody map[string]string
if err := gc.BindJSON(&reqBody); err != nil { if err := gc.BindJSON(&reqBody); err != nil {
log.Debug("Error binding JSON: ", err)
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "error_binding_json", "error": "error_binding_json",
"error_description": err.Error(), "error_description": err.Error(),
@@ -26,6 +28,7 @@ func RevokeHandler() gin.HandlerFunc {
clientID := strings.TrimSpace(reqBody["client_id"]) clientID := strings.TrimSpace(reqBody["client_id"])
if clientID == "" { if clientID == "" {
log.Debug("Client ID is empty")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "client_id_required", "error": "client_id_required",
"error_description": "The client id is required", "error_description": "The client id is required",
@@ -33,7 +36,8 @@ func RevokeHandler() gin.HandlerFunc {
return return
} }
if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) { if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); client != clientID || err != nil {
log.Debug("Client ID is invalid: ", clientID)
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_client_id", "error": "invalid_client_id",
"error_description": "The client id is invalid", "error_description": "The client id is invalid",
@@ -41,7 +45,7 @@ func RevokeHandler() gin.HandlerFunc {
return return
} }
sessionstore.RemoveState(refreshToken) memorystore.Provider.RemoveState(refreshToken)
gc.JSON(http.StatusOK, gin.H{ gc.JSON(http.StatusOK, gin.H{
"message": "Token revoked successfully", "message": "Token revoked successfully",

36
server/handlers/token.go
View File

@@ -7,13 +7,14 @@ import (
"strings" "strings"
"time" "time"
"github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/sessionstore"
"github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/token"
"github.com/gin-gonic/gin"
) )
// TokenHandler to handle /oauth/token requests // TokenHandler to handle /oauth/token requests
@@ -22,6 +23,7 @@ func TokenHandler() gin.HandlerFunc {
return func(gc *gin.Context) { return func(gc *gin.Context) {
var reqBody map[string]string var reqBody map[string]string
if err := gc.BindJSON(&reqBody); err != nil { if err := gc.BindJSON(&reqBody); err != nil {
log.Debug("Error binding JSON: ", err)
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "error_binding_json", "error": "error_binding_json",
"error_description": err.Error(), "error_description": err.Error(),
@@ -43,6 +45,7 @@ func TokenHandler() gin.HandlerFunc {
isAuthorizationCodeGrant := grantType == "authorization_code" isAuthorizationCodeGrant := grantType == "authorization_code"
if !isRefreshTokenGrant && !isAuthorizationCodeGrant { if !isRefreshTokenGrant && !isAuthorizationCodeGrant {
log.Debug("Invalid grant type: ", grantType)
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_grant_type", "error": "invalid_grant_type",
"error_description": "grant_type is invalid", "error_description": "grant_type is invalid",
@@ -50,6 +53,7 @@ func TokenHandler() gin.HandlerFunc {
} }
if clientID == "" { if clientID == "" {
log.Debug("Client ID is empty")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "client_id_required", "error": "client_id_required",
"error_description": "The client id is required", "error_description": "The client id is required",
@@ -57,7 +61,8 @@ func TokenHandler() gin.HandlerFunc {
return return
} }
if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) { if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); clientID != client || err != nil {
log.Debug("Client ID is invalid: ", clientID)
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_client_id", "error": "invalid_client_id",
"error_description": "The client id is invalid", "error_description": "The client id is invalid",
@@ -70,6 +75,7 @@ func TokenHandler() gin.HandlerFunc {
if isAuthorizationCodeGrant { if isAuthorizationCodeGrant {
if codeVerifier == "" { if codeVerifier == "" {
log.Debug("Code verifier is empty")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_code_verifier", "error": "invalid_code_verifier",
"error_description": "The code verifier is required", "error_description": "The code verifier is required",
@@ -78,6 +84,7 @@ func TokenHandler() gin.HandlerFunc {
} }
if code == "" { if code == "" {
log.Debug("Code is empty")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_code", "error": "invalid_code",
"error_description": "The code is required", "error_description": "The code is required",
@@ -90,8 +97,9 @@ func TokenHandler() gin.HandlerFunc {
encryptedCode := strings.ReplaceAll(base64.URLEncoding.EncodeToString(hash.Sum(nil)), "+", "-") encryptedCode := strings.ReplaceAll(base64.URLEncoding.EncodeToString(hash.Sum(nil)), "+", "-")
encryptedCode = strings.ReplaceAll(encryptedCode, "/", "_") encryptedCode = strings.ReplaceAll(encryptedCode, "/", "_")
encryptedCode = strings.ReplaceAll(encryptedCode, "=", "") encryptedCode = strings.ReplaceAll(encryptedCode, "=", "")
sessionData := sessionstore.GetState(encryptedCode) sessionData, err := memorystore.Provider.GetState(encryptedCode)
if sessionData == "" { if sessionData == "" || err != nil {
log.Debug("Session data is empty")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_code_verifier", "error": "invalid_code_verifier",
"error_description": "The code verifier is invalid", "error_description": "The code verifier is invalid",
@@ -104,6 +112,7 @@ func TokenHandler() gin.HandlerFunc {
sessionDataSplit := strings.Split(sessionData, "@") sessionDataSplit := strings.Split(sessionData, "@")
if sessionDataSplit[0] != code { if sessionDataSplit[0] != code {
log.Debug("Invalid code verifier. Unable to split session data")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_code_verifier", "error": "invalid_code_verifier",
"error_description": "The code verifier is invalid", "error_description": "The code verifier is invalid",
@@ -114,6 +123,7 @@ func TokenHandler() gin.HandlerFunc {
// validate session // validate session
claims, err := token.ValidateBrowserSession(gc, sessionDataSplit[1]) claims, err := token.ValidateBrowserSession(gc, sessionDataSplit[1])
if err != nil { if err != nil {
log.Debug("Error validating session: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": "unauthorized", "error": "unauthorized",
"error_description": "Invalid session data", "error_description": "Invalid session data",
@@ -121,13 +131,14 @@ func TokenHandler() gin.HandlerFunc {
return return
} }
// rollover the session for security // rollover the session for security
sessionstore.RemoveState(sessionDataSplit[1]) memorystore.Provider.RemoveState(sessionDataSplit[1])
userID = claims.Subject userID = claims.Subject
roles = claims.Roles roles = claims.Roles
scope = claims.Scope scope = claims.Scope
} else { } else {
// validate refresh token // validate refresh token
if refreshToken == "" { if refreshToken == "" {
log.Debug("Refresh token is empty")
gc.JSON(http.StatusBadRequest, gin.H{ gc.JSON(http.StatusBadRequest, gin.H{
"error": "invalid_refresh_token", "error": "invalid_refresh_token",
"error_description": "The refresh token is invalid", "error_description": "The refresh token is invalid",
@@ -136,6 +147,7 @@ func TokenHandler() gin.HandlerFunc {
claims, err := token.ValidateRefreshToken(gc, refreshToken) claims, err := token.ValidateRefreshToken(gc, refreshToken)
if err != nil { if err != nil {
log.Debug("Error validating refresh token: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": "unauthorized", "error": "unauthorized",
"error_description": err.Error(), "error_description": err.Error(),
@@ -151,11 +163,12 @@ func TokenHandler() gin.HandlerFunc {
scope = append(scope, v.(string)) scope = append(scope, v.(string))
} }
// remove older refresh token and rotate it for security // remove older refresh token and rotate it for security
sessionstore.RemoveState(refreshToken) memorystore.Provider.RemoveState(refreshToken)
} }
user, err := db.Provider.GetUserByID(userID) user, err := db.Provider.GetUserByID(userID)
if err != nil { if err != nil {
log.Debug("Error getting user: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": "unauthorized", "error": "unauthorized",
"error_description": "User not found", "error_description": "User not found",
@@ -165,14 +178,15 @@ func TokenHandler() gin.HandlerFunc {
authToken, err := token.CreateAuthToken(gc, user, roles, scope) authToken, err := token.CreateAuthToken(gc, user, roles, scope)
if err != nil { if err != nil {
log.Debug("Error creating auth token: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": "unauthorized", "error": "unauthorized",
"error_description": "User not found", "error_description": "User not found",
}) })
return return
} }
sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
cookie.SetSession(gc, authToken.FingerPrintHash) cookie.SetSession(gc, authToken.FingerPrintHash)
expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix() expiresIn := authToken.AccessToken.ExpiresAt - time.Now().Unix()
@@ -190,7 +204,7 @@ func TokenHandler() gin.HandlerFunc {
if authToken.RefreshToken != nil { if authToken.RefreshToken != nil {
res["refresh_token"] = authToken.RefreshToken.Token res["refresh_token"] = authToken.RefreshToken.Token
sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
} }
gc.JSON(http.StatusOK, res) gc.JSON(http.StatusOK, res)

7
server/handlers/userinfo.go
View File

@@ -3,15 +3,18 @@ package handlers
import ( import (
"net/http" "net/http"
"github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/token"
"github.com/gin-gonic/gin"
) )
func UserInfoHandler() gin.HandlerFunc { func UserInfoHandler() gin.HandlerFunc {
return func(gc *gin.Context) { return func(gc *gin.Context) {
accessToken, err := token.GetAccessToken(gc) accessToken, err := token.GetAccessToken(gc)
if err != nil { if err != nil {
log.Debug("Error getting access token: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": err.Error(), "error": err.Error(),
}) })
@@ -20,6 +23,7 @@ func UserInfoHandler() gin.HandlerFunc {
claims, err := token.ValidateAccessToken(gc, accessToken) claims, err := token.ValidateAccessToken(gc, accessToken)
if err != nil { if err != nil {
log.Debug("Error validating access token: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": err.Error(), "error": err.Error(),
}) })
@@ -29,6 +33,7 @@ func UserInfoHandler() gin.HandlerFunc {
userID := claims["sub"].(string) userID := claims["sub"].(string)
user, err := db.Provider.GetUserByID(userID) user, err := db.Provider.GetUserByID(userID)
if err != nil { if err != nil {
log.Debug("Error getting user: ", err)
gc.JSON(http.StatusUnauthorized, gin.H{ gc.JSON(http.StatusUnauthorized, gin.H{
"error": err.Error(), "error": err.Error(),
}) })

20
server/handlers/verify_email.go
View File

@@ -6,13 +6,16 @@ import (
"strings" "strings"
"time" "time"
"github.com/gin-gonic/gin"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/cookie"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/db/models"
"github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/parsers"
"github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/token"
"github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/utils"
"github.com/gin-gonic/gin"
) )
// VerifyEmailHandler handles the verify email route. // VerifyEmailHandler handles the verify email route.
@@ -24,21 +27,24 @@ func VerifyEmailHandler() gin.HandlerFunc {
} }
tokenInQuery := c.Query("token") tokenInQuery := c.Query("token")
if tokenInQuery == "" { if tokenInQuery == "" {
log.Debug("Token is empty")
c.JSON(400, errorRes) c.JSON(400, errorRes)
return return
} }
verificationRequest, err := db.Provider.GetVerificationRequestByToken(tokenInQuery) verificationRequest, err := db.Provider.GetVerificationRequestByToken(tokenInQuery)
if err != nil { if err != nil {
log.Debug("Error getting verification request: ", err)
errorRes["error_description"] = err.Error() errorRes["error_description"] = err.Error()
c.JSON(400, errorRes) c.JSON(400, errorRes)
return return
} }
// verify if token exists in db // verify if token exists in db
hostname := utils.GetHost(c) hostname := parsers.GetHost(c)
claim, err := token.ParseJWTToken(tokenInQuery, hostname, verificationRequest.Nonce, verificationRequest.Email) claim, err := token.ParseJWTToken(tokenInQuery, hostname, verificationRequest.Nonce, verificationRequest.Email)
if err != nil { if err != nil {
log.Debug("Error parsing token: ", err)
errorRes["error_description"] = err.Error() errorRes["error_description"] = err.Error()
c.JSON(400, errorRes) c.JSON(400, errorRes)
return return
@@ -46,6 +52,7 @@ func VerifyEmailHandler() gin.HandlerFunc {
user, err := db.Provider.GetUserByEmail(claim["sub"].(string)) user, err := db.Provider.GetUserByEmail(claim["sub"].(string))
if err != nil { if err != nil {
log.Debug("Error getting user: ", err)
errorRes["error_description"] = err.Error() errorRes["error_description"] = err.Error()
c.JSON(400, errorRes) c.JSON(400, errorRes)
return return
@@ -79,6 +86,7 @@ func VerifyEmailHandler() gin.HandlerFunc {
} }
authToken, err := token.CreateAuthToken(c, user, roles, scope) authToken, err := token.CreateAuthToken(c, user, roles, scope)
if err != nil { if err != nil {
log.Debug("Error creating auth token: ", err)
errorRes["error_description"] = err.Error() errorRes["error_description"] = err.Error()
c.JSON(500, errorRes) c.JSON(500, errorRes)
return return
@@ -92,12 +100,12 @@ func VerifyEmailHandler() gin.HandlerFunc {
params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token params := "access_token=" + authToken.AccessToken.Token + "&token_type=bearer&expires_in=" + strconv.FormatInt(expiresIn, 10) + "&state=" + state + "&id_token=" + authToken.IDToken.Token
cookie.SetSession(c, authToken.FingerPrintHash) cookie.SetSession(c, authToken.FingerPrintHash)
sessionstore.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.FingerPrintHash, authToken.FingerPrint+"@"+user.ID)
sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
if authToken.RefreshToken != nil { if authToken.RefreshToken != nil {
params = params + `&refresh_token=${refresh_token}` params = params + `&refresh_token=${refresh_token}`
sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID) memorystore.Provider.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
} }
if redirectURL == "" { if redirectURL == "" {

94
server/main.go
View File

@@ -2,38 +2,89 @@ package main
import ( import (
"flag" "flag"
"log"
"github.com/sirupsen/logrus"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/cli"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db"
"github.com/authorizerdev/authorizer/server/env" "github.com/authorizerdev/authorizer/server/env"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/authorizerdev/authorizer/server/oauth" "github.com/authorizerdev/authorizer/server/oauth"
"github.com/authorizerdev/authorizer/server/routes" "github.com/authorizerdev/authorizer/server/routes"
"github.com/authorizerdev/authorizer/server/sessionstore"
) )
var VERSION string var VERSION string
type LogUTCFormatter struct {
log.Formatter
}
func (u LogUTCFormatter) Format(e *log.Entry) ([]byte, error) {
e.Time = e.Time.UTC()
return u.Formatter.Format(e)
}
func main() { func main() {
envstore.ARG_DB_URL = flag.String("database_url", "", "Database connection string") cli.ARG_DB_URL = flag.String("database_url", "", "Database connection string")
envstore.ARG_DB_TYPE = flag.String("database_type", "", "Database type, possible values are postgres,mysql,sqlite") cli.ARG_DB_TYPE = flag.String("database_type", "", "Database type, possible values are postgres,mysql,sqlite")
envstore.ARG_ENV_FILE = flag.String("env_file", "", "Env file path") cli.ARG_ENV_FILE = flag.String("env_file", "", "Env file path")
cli.ARG_LOG_LEVEL = flag.String("log_level", "info", "Log level, possible values are debug,info,warn,error,fatal,panic")
cli.ARG_REDIS_URL = flag.String("redis_url", "", "Redis connection string")
flag.Parse() flag.Parse()
log.Println("=> version:", VERSION) // global log level
logrus.SetFormatter(LogUTCFormatter{&logrus.JSONFormatter{}})
// log instance for gin server
log := logrus.New()
log.SetFormatter(LogUTCFormatter{&logrus.JSONFormatter{}})
var logLevel logrus.Level
switch *cli.ARG_LOG_LEVEL {
case "debug":
logLevel = logrus.DebugLevel
case "info":
logLevel = logrus.InfoLevel
case "warn":
logLevel = logrus.WarnLevel
case "error":
logLevel = logrus.ErrorLevel
case "fatal":
logLevel = logrus.FatalLevel
case "panic":
logLevel = logrus.PanicLevel
default:
logLevel = logrus.InfoLevel
}
logrus.SetLevel(logLevel)
log.SetLevel(logLevel)
// show file path in log for debug or other log levels.
if logLevel != logrus.InfoLevel {
logrus.SetReportCaller(true)
log.SetReportCaller(true)
}
constants.VERSION = VERSION constants.VERSION = VERSION
// initialize required envs (mainly db & env file path) // initialize required envs (mainly db, env file path and redis)
err := env.InitRequiredEnv() err := memorystore.InitRequiredEnv()
if err != nil { if err != nil {
log.Fatal("Error while initializing required envs:", err) log.Fatal("Error while initializing required envs: ", err)
}
// initialize memory store
err = memorystore.InitMemStore()
if err != nil {
log.Fatal("Error while initializing memory store: ", err)
} }
// initialize db provider // initialize db provider
err = db.InitDB() err = db.InitDB()
if err != nil { if err != nil {
log.Fatalln("Error while initializing db:", err) log.Fatalln("Error while initializing db: ", err)
} }
// initialize all envs // initialize all envs
@@ -46,21 +97,22 @@ func main() {
// persist all envs // persist all envs
err = env.PersistEnv() err = env.PersistEnv()
if err != nil { if err != nil {
log.Fatalln("Error while persisting env:", err) log.Fatalln("Error while persisting env: ", err)
}
// initialize session store (redis or in-memory based on env)
err = sessionstore.InitSession()
if err != nil {
log.Fatalln("Error while initializing session store:", err)
} }
// initialize oauth providers based on env // initialize oauth providers based on env
err = oauth.InitOAuth() err = oauth.InitOAuth()
if err != nil { if err != nil {
log.Fatalln("Error while initializing oauth:", err) log.Fatalln("Error while initializing oauth: ", err)
} }
router := routes.InitRouter() router := routes.InitRouter(log)
router.Run(":" + envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyPort)) log.Info("Starting Authorizer: ", VERSION)
port, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyPort)
if err != nil {
log.Info("Error while getting port from env using default port 8080: ", err)
port = "8080"
}
router.Run(":" + port)
} }

76
server/memorystore/memory_store.go Normal file
View File

@@ -0,0 +1,76 @@
package memorystore
import (
"encoding/json"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore/providers"
"github.com/authorizerdev/authorizer/server/memorystore/providers/inmemory"
"github.com/authorizerdev/authorizer/server/memorystore/providers/redis"
)
// Provider returns the current database provider
var Provider providers.Provider
// InitMemStore initializes the memory store
func InitMemStore() error {
var err error
defaultEnvs := map[string]interface{}{
// string envs
constants.EnvKeyJwtRoleClaim: "role",
constants.EnvKeyOrganizationName: "Authorizer",
constants.EnvKeyOrganizationLogo: "https://www.authorizer.dev/images/logo.png",
// boolean envs
constants.EnvKeyDisableBasicAuthentication: false,
constants.EnvKeyDisableMagicLinkLogin: false,
constants.EnvKeyDisableEmailVerification: false,
constants.EnvKeyDisableLoginPage: false,
constants.EnvKeyDisableSignUp: false,
}
requiredEnvs := RequiredEnvStoreObj.GetRequiredEnv()
requiredEnvMap := make(map[string]interface{})
requiredEnvBytes, err := json.Marshal(requiredEnvs)
if err != nil {
log.Debug("Error while marshalling required envs: ", err)
return err
}
err = json.Unmarshal(requiredEnvBytes, &requiredEnvMap)
if err != nil {
log.Debug("Error while unmarshalling required envs: ", err)
return err
}
// merge default envs with required envs
for key, val := range requiredEnvMap {
defaultEnvs[key] = val
}
redisURL := requiredEnvs.RedisURL
if redisURL != "" && !requiredEnvs.disableRedisForEnv {
log.Info("Initializing Redis memory store")
Provider, err = redis.NewRedisProvider(redisURL)
if err != nil {
return err
}
// set default envs in redis
Provider.UpdateEnvStore(defaultEnvs)
return nil
}
log.Info("using in memory store to save sessions")
// if redis url is not set use in memory store
Provider, err = inmemory.NewInMemoryProvider()
if err != nil {
return err
}
// set default envs in local env
Provider.UpdateEnvStore(defaultEnvs)
return nil
}

53
server/memorystore/providers/inmemory/envstore.go Normal file
View File

@@ -0,0 +1,53 @@
package inmemory
import (
"os"
"sync"
)
// EnvStore struct to store the env variables
type EnvStore struct {
mutex sync.Mutex
store map[string]interface{}
}
// UpdateEnvStore to update the whole env store object
func (e *EnvStore) UpdateStore(store map[string]interface{}) {
if os.Getenv("ENV") != "test" {
e.mutex.Lock()
defer e.mutex.Unlock()
}
// just override the keys + new keys
for key, value := range store {
e.store[key] = value
}
}
// GetStore returns the env store
func (e *EnvStore) GetStore() map[string]interface{} {
if os.Getenv("ENV") != "test" {
e.mutex.Lock()
defer e.mutex.Unlock()
}
return e.store
}
// Get returns the value of the key in evn store
func (e *EnvStore) Get(key string) interface{} {
if os.Getenv("ENV") != "test" {
e.mutex.Lock()
defer e.mutex.Unlock()
}
return e.store[key]
}
// Set sets the value of the key in env store
func (e *EnvStore) Set(key string, value interface{}) {
if os.Getenv("ENV") != "test" {
e.mutex.Lock()
defer e.mutex.Unlock()
}
e.store[key] = value
}

25
server/memorystore/providers/inmemory/provider.go Normal file
View File

@@ -0,0 +1,25 @@
package inmemory
import (
"sync"
)
type provider struct {
mutex sync.Mutex
sessionStore map[string]map[string]string
stateStore map[string]string
envStore *EnvStore
}
// NewInMemoryStore returns a new in-memory store.
func NewInMemoryProvider() (*provider, error) {
return &provider{
mutex: sync.Mutex{},
sessionStore: map[string]map[string]string{},
stateStore: map[string]string{},
envStore: &EnvStore{
mutex: sync.Mutex{},
store: map[string]interface{}{},
},
}, nil
}

121
server/memorystore/providers/inmemory/store.go Normal file
View File

@@ -0,0 +1,121 @@
package inmemory
import (
"fmt"
"os"
"strings"
)
// ClearStore clears the in-memory store.
func (c *provider) ClearStore() error {
if os.Getenv("ENV") != "test" {
c.mutex.Lock()
defer c.mutex.Unlock()
}
c.sessionStore = map[string]map[string]string{}
return nil
}
// GetUserSessions returns all the user session token from the in-memory store.
func (c *provider) GetUserSessions(userId string) map[string]string {
if os.Getenv("ENV") != "test" {
c.mutex.Lock()
defer c.mutex.Unlock()
}
res := map[string]string{}
for k, v := range c.stateStore {
split := strings.Split(v, "@")
if split[1] == userId {
res[k] = split[0]
}
}
return res
}
// DeleteAllUserSession deletes all the user sessions from in-memory store.
func (c *provider) DeleteAllUserSession(userId string) error {
if os.Getenv("ENV") != "test" {
c.mutex.Lock()
defer c.mutex.Unlock()
}
sessions := c.GetUserSessions(userId)
for k := range sessions {
c.RemoveState(k)
}
return nil
}
// SetState sets the state in the in-memory store.
func (c *provider) SetState(key, state string) error {
if os.Getenv("ENV") != "test" {
c.mutex.Lock()
defer c.mutex.Unlock()
}
c.stateStore[key] = state
return nil
}
// GetState gets the state from the in-memory store.
func (c *provider) GetState(key string) (string, error) {
if os.Getenv("ENV") != "test" {
c.mutex.Lock()
defer c.mutex.Unlock()
}
state := ""
if stateVal, ok := c.stateStore[key]; ok {
state = stateVal
}
return state, nil
}
// RemoveState removes the state from the in-memory store.
func (c *provider) RemoveState(key string) error {
if os.Getenv("ENV") != "test" {
c.mutex.Lock()
defer c.mutex.Unlock()
}
delete(c.stateStore, key)
return nil
}
// UpdateEnvStore to update the whole env store object
func (c *provider) UpdateEnvStore(store map[string]interface{}) error {
c.envStore.UpdateStore(store)
return nil
}
// GetEnvStore returns the env store object
func (c *provider) GetEnvStore() (map[string]interface{}, error) {
return c.envStore.GetStore(), nil
}
// UpdateEnvVariable to update the particular env variable
func (c *provider) UpdateEnvVariable(key string, value interface{}) error {
c.envStore.Set(key, value)
return nil
}
// GetStringStoreEnvVariable to get the env variable from string store object
func (c *provider) GetStringStoreEnvVariable(key string) (string, error) {
res := c.envStore.Get(key)
if res == nil {
return "", nil
}
return fmt.Sprintf("%v", res), nil
}
// GetBoolStoreEnvVariable to get the env variable from bool store object
func (c *provider) GetBoolStoreEnvVariable(key string) (bool, error) {
res := c.envStore.Get(key)
if res == nil {
return false, nil
}
return res.(bool), nil
}

30
server/memorystore/providers/providers.go Normal file
View File

@@ -0,0 +1,30 @@
package providers
// Provider defines current memory store provider
type Provider interface {
// DeleteAllSessions deletes all the sessions from the session store
DeleteAllUserSession(userId string) error
// GetUserSessions returns all the user sessions from the session store
GetUserSessions(userId string) map[string]string
// ClearStore clears the session store for authorizer tokens
ClearStore() error
// SetState sets the login state (key, value form) in the session store
SetState(key, state string) error
// GetState returns the state from the session store
GetState(key string) (string, error)
// RemoveState removes the social login state from the session store
RemoveState(key string) error
// methods for env store
// UpdateEnvStore to update the whole env store object
UpdateEnvStore(store map[string]interface{}) error
// GetEnvStore() returns the env store object
GetEnvStore() (map[string]interface{}, error)
// UpdateEnvVariable to update the particular env variable
UpdateEnvVariable(key string, value interface{}) error
// GetStringStoreEnvVariable to get the string env variable from env store
GetStringStoreEnvVariable(key string) (string, error)
// GetBoolStoreEnvVariable to get the bool env variable from env store
GetBoolStoreEnvVariable(key string) (bool, error)
}

78
server/memorystore/providers/redis/provider.go Normal file
View File

@@ -0,0 +1,78 @@
package redis
import (
"context"
"strings"
"time"
"github.com/go-redis/redis/v8"
log "github.com/sirupsen/logrus"
)
// RedisClient is the interface for redis client & redis cluster client
type RedisClient interface {
HMSet(ctx context.Context, key string, values ...interface{}) *redis.BoolCmd
Del(ctx context.Context, keys ...string) *redis.IntCmd
HDel(ctx context.Context, key string, fields ...string) *redis.IntCmd
HMGet(ctx context.Context, key string, fields ...string) *redis.SliceCmd
HSet(ctx context.Context, key string, values ...interface{}) *redis.IntCmd
HGet(ctx context.Context, key, field string) *redis.StringCmd
HGetAll(ctx context.Context, key string) *redis.StringStringMapCmd
Set(ctx context.Context, key string, value interface{}, expiration time.Duration) *redis.StatusCmd
Get(ctx context.Context, key string) *redis.StringCmd
Scan(ctx context.Context, cursor uint64, match string, count int64) *redis.ScanCmd
}
type provider struct {
ctx context.Context
store RedisClient
}
// NewRedisProvider returns a new redis provider
func NewRedisProvider(redisURL string) (*provider, error) {
redisURLHostPortsList := strings.Split(redisURL, ",")
if len(redisURLHostPortsList) > 1 {
opt, err := redis.ParseURL(redisURLHostPortsList[0])
if err != nil {
log.Debug("error parsing redis url: ", err)
return nil, err
}
urls := []string{opt.Addr}
urlList := redisURLHostPortsList[1:]
urls = append(urls, urlList...)
clusterOpt := &redis.ClusterOptions{Addrs: urls}
rdb := redis.NewClusterClient(clusterOpt)
ctx := context.Background()
_, err = rdb.Ping(ctx).Result()
if err != nil {
log.Debug("error connecting to redis: ", err)
return nil, err
}
return &provider{
ctx: ctx,
store: rdb,
}, nil
}
opt, err := redis.ParseURL(redisURL)
if err != nil {
log.Debug("error parsing redis url: ", err)
return nil, err
}
rdb := redis.NewClient(opt)
ctx := context.Background()
_, err = rdb.Ping(ctx).Result()
if err != nil {
log.Debug("error connecting to redis: ", err)
return nil, err
}
return &provider{
ctx: ctx,
store: rdb,
}, nil
}

158
server/memorystore/providers/redis/store.go Normal file
View File

@@ -0,0 +1,158 @@
package redis
import (
"strconv"
"strings"
"github.com/authorizerdev/authorizer/server/constants"
log "github.com/sirupsen/logrus"
)
var (
// session store prefix
sessionStorePrefix = "authorizer_session:"
// env store prefix
envStorePrefix = "authorizer_env"
)
// ClearStore clears the redis store for authorizer related tokens
func (c *provider) ClearStore() error {
err := c.store.Del(c.ctx, sessionStorePrefix+"*").Err()
if err != nil {
log.Debug("Error clearing redis store: ", err)
return err
}
return nil
}
// GetUserSessions returns all the user session token from the redis store.
func (c *provider) GetUserSessions(userID string) map[string]string {
data, err := c.store.HGetAll(c.ctx, "*").Result()
if err != nil {
log.Debug("error getting token from redis store: ", err)
}
res := map[string]string{}
for k, v := range data {
split := strings.Split(v, "@")
if split[1] == userID {
res[k] = split[0]
}
}
return res
}
// DeleteAllUserSession deletes all the user session from redis
func (c *provider) DeleteAllUserSession(userId string) error {
sessions := c.GetUserSessions(userId)
for k, v := range sessions {
if k == "token" {
err := c.store.Del(c.ctx, v).Err()
if err != nil {
log.Debug("Error deleting redis token: ", err)
return err
}
}
}
return nil
}
// SetState sets the state in redis store.
func (c *provider) SetState(key, value string) error {
err := c.store.Set(c.ctx, sessionStorePrefix+key, value, 0).Err()
if err != nil {
log.Debug("Error saving redis token: ", err)
return err
}
return nil
}
// GetState gets the state from redis store.
func (c *provider) GetState(key string) (string, error) {
var res string
err := c.store.Get(c.ctx, sessionStorePrefix+key).Scan(&res)
if err != nil {
log.Debug("error getting token from redis store: ", err)
}
return res, err
}
// RemoveState removes the state from redis store.
func (c *provider) RemoveState(key string) error {
err := c.store.Del(c.ctx, sessionStorePrefix+key).Err()
if err != nil {
log.Fatalln("Error deleting redis token: ", err)
return err
}
return nil
}
// UpdateEnvStore to update the whole env store object
func (c *provider) UpdateEnvStore(store map[string]interface{}) error {
for key, value := range store {
err := c.store.HSet(c.ctx, envStorePrefix, key, value).Err()
if err != nil {
return err
}
}
return nil
}
// GetEnvStore returns the whole env store object
func (c *provider) GetEnvStore() (map[string]interface{}, error) {
res := make(map[string]interface{})
data, err := c.store.HGetAll(c.ctx, envStorePrefix).Result()
if err != nil {
return nil, err
}
for key, value := range data {
if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp {
boolValue, err := strconv.ParseBool(value)
if err != nil {
return res, err
}
res[key] = boolValue
} else {
res[key] = value
}
}
return res, nil
}
// UpdateEnvVariable to update the particular env variable
func (c *provider) UpdateEnvVariable(key string, value interface{}) error {
err := c.store.HSet(c.ctx, envStorePrefix, key, value).Err()
if err != nil {
log.Debug("Error saving redis token: ", err)
return err
}
return nil
}
// GetStringStoreEnvVariable to get the string env variable from env store
func (c *provider) GetStringStoreEnvVariable(key string) (string, error) {
var res string
err := c.store.HGet(c.ctx, envStorePrefix, key).Scan(&res)
if err != nil {
return "", nil
}
return res, nil
}
// GetBoolStoreEnvVariable to get the bool env variable from env store
func (c *provider) GetBoolStoreEnvVariable(key string) (bool, error) {
var res bool
err := c.store.HGet(c.ctx, envStorePrefix, key).Scan(res)
if err != nil {
return false, nil
}
return res, nil
}

149
server/memorystore/required_env_store.go Normal file
View File

@@ -0,0 +1,149 @@
package memorystore
import (
"errors"
"os"
"strings"
"sync"
"github.com/joho/godotenv"
log "github.com/sirupsen/logrus"
"github.com/authorizerdev/authorizer/server/cli"
"github.com/authorizerdev/authorizer/server/constants"
)
// RequiredEnv holds information about required envs
type RequiredEnv struct {
EnvPath string `json:"ENV_PATH"`
DatabaseURL string `json:"DATABASE_URL"`
DatabaseType string `json:"DATABASE_TYPE"`
DatabaseName string `json:"DATABASE_NAME"`
DatabaseHost string `json:"DATABASE_HOST"`
DatabasePort string `json:"DATABASE_PORT"`
DatabaseUsername string `json:"DATABASE_USERNAME"`
DatabasePassword string `json:"DATABASE_PASSWORD"`
DatabaseCert string `json:"DATABASE_CERT"`
DatabaseCertKey string `json:"DATABASE_CERT_KEY"`
DatabaseCACert string `json:"DATABASE_CA_CERT"`
RedisURL string `json:"REDIS_URL"`
disableRedisForEnv bool `json:"DISABLE_REDIS_FOR_ENV"`
}
// RequiredEnvObj is a simple in-memory store for sessions.
type RequiredEnvStore struct {
mutex sync.Mutex
requiredEnv RequiredEnv
}
// GetRequiredEnv to get required env
func (r *RequiredEnvStore) GetRequiredEnv() RequiredEnv {
r.mutex.Lock()
defer r.mutex.Unlock()
return r.requiredEnv
}
// SetRequiredEnv to set required env
func (r *RequiredEnvStore) SetRequiredEnv(requiredEnv RequiredEnv) {
r.mutex.Lock()
defer r.mutex.Unlock()
r.requiredEnv = requiredEnv
}
var RequiredEnvStoreObj *RequiredEnvStore
// InitRequiredEnv to initialize EnvData and through error if required env are not present
func InitRequiredEnv() error {
envPath := os.Getenv(constants.EnvKeyEnvPath)
if envPath == "" {
if envPath == "" {
envPath = `.env`
}
}
if cli.ARG_ENV_FILE != nil && *cli.ARG_ENV_FILE != "" {
envPath = *cli.ARG_ENV_FILE
}
log.Info("env path: ", envPath)
err := godotenv.Load(envPath)
if err != nil {
log.Infof("using OS env instead of %s file", envPath)
}
dbURL := os.Getenv(constants.EnvKeyDatabaseURL)
dbType := os.Getenv(constants.EnvKeyDatabaseType)
dbName := os.Getenv(constants.EnvKeyDatabaseName)
dbPort := os.Getenv(constants.EnvKeyDatabasePort)
dbHost := os.Getenv(constants.EnvKeyDatabaseHost)
dbUsername := os.Getenv(constants.EnvKeyDatabaseUsername)
dbPassword := os.Getenv(constants.EnvKeyDatabasePassword)
dbCert := os.Getenv(constants.EnvKeyDatabaseCert)
dbCertKey := os.Getenv(constants.EnvKeyDatabaseCertKey)
dbCACert := os.Getenv(constants.EnvKeyDatabaseCACert)
redisURL := os.Getenv(constants.EnvKeyRedisURL)
disableRedisForEnv := os.Getenv(constants.EnvKeyDisableRedisForEnv) == "true"
if strings.TrimSpace(redisURL) == "" {
if cli.ARG_REDIS_URL != nil && *cli.ARG_REDIS_URL != "" {
redisURL = *cli.ARG_REDIS_URL
}
}
// set default db name for non sql dbs
if dbName == "" {
dbName = "authorizer"
}
if strings.TrimSpace(dbType) == "" {
if cli.ARG_DB_TYPE != nil && *cli.ARG_DB_TYPE != "" {
dbType = strings.TrimSpace(*cli.ARG_DB_TYPE)
}
if dbType == "" {
log.Debug("DATABASE_TYPE is not set")
return errors.New("invalid database type. DATABASE_TYPE is empty")
}
}
if strings.TrimSpace(dbURL) == "" {
if cli.ARG_DB_URL != nil && *cli.ARG_DB_URL != "" {
dbURL = strings.TrimSpace(*cli.ARG_DB_URL)
}
if dbURL == "" && dbPort == "" && dbHost == "" && dbUsername == "" && dbPassword == "" {
log.Debug("DATABASE_URL is not set")
return errors.New("invalid database url. DATABASE_URL is required")
}
}
if dbName == "" {
if dbName == "" {
dbName = "authorizer"
}
}
requiredEnv := RequiredEnv{
EnvPath: envPath,
DatabaseURL: dbURL,
DatabaseType: dbType,
DatabaseName: dbName,
DatabaseHost: dbHost,
DatabasePort: dbPort,
DatabaseUsername: dbUsername,
DatabasePassword: dbPassword,
DatabaseCert: dbCert,
DatabaseCertKey: dbCertKey,
DatabaseCACert: dbCACert,
RedisURL: redisURL,
disableRedisForEnv: disableRedisForEnv,
}
RequiredEnvStoreObj = &RequiredEnvStore{
requiredEnv: requiredEnv,
}
return nil
}

4
server/middlewares/cors.go
View File

@@ -1,7 +1,7 @@
package middlewares package middlewares
import ( import (
"github.com/authorizerdev/authorizer/server/utils" "github.com/authorizerdev/authorizer/server/validators"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@@ -10,7 +10,7 @@ func CORSMiddleware() gin.HandlerFunc {
return func(c *gin.Context) { return func(c *gin.Context) {
origin := c.Request.Header.Get("Origin") origin := c.Request.Header.Get("Origin")
if utils.IsValidOrigin(origin) { if validators.IsValidOrigin(origin) {
c.Writer.Header().Set("Access-Control-Allow-Origin", origin) c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
} }

78
server/middlewares/log.go Normal file
View File

@@ -0,0 +1,78 @@
package middlewares
import (
"fmt"
"math"
"net/http"
"os"
"time"
"github.com/gin-gonic/gin"
"github.com/sirupsen/logrus"
)
var timeFormat = "02/Jan/2006:15:04:05 -0700"
// Logger is the logrus logger handler
func Logger(logger logrus.FieldLogger, notLogged ...string) gin.HandlerFunc {
hostname, err := os.Hostname()
if err != nil {
hostname = "unknown"
}
var skip map[string]struct{}
if length := len(notLogged); length > 0 {
skip = make(map[string]struct{}, length)
for _, p := range notLogged {
skip[p] = struct{}{}
}
}
return func(c *gin.Context) {
// other handler can change c.Path so:
path := c.Request.URL.Path
start := time.Now()
c.Next()
stop := time.Since(start)
latency := int(math.Ceil(float64(stop.Nanoseconds()) / 1000000.0))
statusCode := c.Writer.Status()
clientIP := c.ClientIP()
clientUserAgent := c.Request.UserAgent()
referer := c.Request.Referer()
dataLength := c.Writer.Size()
if dataLength < 0 {
dataLength = 0
}
if _, ok := skip[path]; ok {
return
}
entry := logger.WithFields(logrus.Fields{
"hostname": hostname,
"statusCode": statusCode,
"latency": latency, // time to process
"clientIP": clientIP,
"method": c.Request.Method,
"path": path,
"referer": referer,
"dataLength": dataLength,
"userAgent": clientUserAgent,
})
if len(c.Errors) > 0 {
entry.Error(c.Errors.ByType(gin.ErrorTypePrivate).String())
} else {
msg := fmt.Sprintf("%s - %s [%s] \"%s %s\" %d %d \"%s\" \"%s\" (%dms)", clientIP, hostname, time.Now().Format(timeFormat), c.Request.Method, path, statusCode, dataLength, referer, clientUserAgent, latency)
if statusCode >= http.StatusInternalServerError {
entry.Error(msg)
} else if statusCode >= http.StatusBadRequest {
entry.Warn(msg)
} else {
entry.Info(msg)
}
}
}
}

49
server/oauth/oauth.go
View File

@@ -3,12 +3,13 @@ package oauth
import ( import (
"context" "context"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore"
"github.com/coreos/go-oidc/v3/oidc" "github.com/coreos/go-oidc/v3/oidc"
"golang.org/x/oauth2" "golang.org/x/oauth2"
facebookOAuth2 "golang.org/x/oauth2/facebook" facebookOAuth2 "golang.org/x/oauth2/facebook"
githubOAuth2 "golang.org/x/oauth2/github" githubOAuth2 "golang.org/x/oauth2/github"
"github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/memorystore"
) )
// OAuthProviders is a struct that contains reference all the OAuth providers // OAuthProviders is a struct that contains reference all the OAuth providers
@@ -33,32 +34,58 @@ var (
// InitOAuth initializes the OAuth providers based on EnvData // InitOAuth initializes the OAuth providers based on EnvData
func InitOAuth() error { func InitOAuth() error {
ctx := context.Background() ctx := context.Background()
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret) != "" { googleClientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID)
if err != nil {
googleClientID = ""
}
googleClientSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret)
if err != nil {
googleClientSecret = ""
}
if googleClientID != "" && googleClientSecret != "" {
p, err := oidc.NewProvider(ctx, "https://accounts.google.com") p, err := oidc.NewProvider(ctx, "https://accounts.google.com")
if err != nil { if err != nil {
return err return err
} }
OIDCProviders.GoogleOIDC = p OIDCProviders.GoogleOIDC = p
OAuthProviders.GoogleConfig = &oauth2.Config{ OAuthProviders.GoogleConfig = &oauth2.Config{
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID), ClientID: googleClientID,
ClientSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientSecret), ClientSecret: googleClientSecret,
RedirectURL: "/oauth_callback/google", RedirectURL: "/oauth_callback/google",
Endpoint: OIDCProviders.GoogleOIDC.Endpoint(), Endpoint: OIDCProviders.GoogleOIDC.Endpoint(),
Scopes: []string{oidc.ScopeOpenID, "profile", "email"}, Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
} }
} }
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret) != "" {
githubClientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID)
if err != nil {
githubClientID = ""
}
githubClientSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret)
if err != nil {
githubClientSecret = ""
}
if githubClientID != "" && githubClientSecret != "" {
OAuthProviders.GithubConfig = &oauth2.Config{ OAuthProviders.GithubConfig = &oauth2.Config{
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientID), ClientID: githubClientID,
ClientSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGithubClientSecret), ClientSecret: githubClientSecret,
RedirectURL: "/oauth_callback/github", RedirectURL: "/oauth_callback/github",
Endpoint: githubOAuth2.Endpoint, Endpoint: githubOAuth2.Endpoint,
} }
} }
if envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID) != "" && envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyGoogleClientID) != "" {
facebookClientID, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID)
if err != nil {
facebookClientID = ""
}
facebookClientSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientSecret)
if err != nil {
facebookClientSecret = ""
}
if facebookClientID != "" && facebookClientSecret != "" {
OAuthProviders.FacebookConfig = &oauth2.Config{ OAuthProviders.FacebookConfig = &oauth2.Config{
ClientID: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientID), ClientID: facebookClientID,
ClientSecret: envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyFacebookClientSecret), ClientSecret: facebookClientSecret,
RedirectURL: "/oauth_callback/facebook", RedirectURL: "/oauth_callback/facebook",
Endpoint: facebookOAuth2.Endpoint, Endpoint: facebookOAuth2.Endpoint,
Scopes: []string{"public_profile", "email"}, Scopes: []string{"public_profile", "email"},

13
server/utils/urls.go → server/parsers/url.go
View File

@@ -1,11 +1,11 @@
package utils package parsers
import ( import (
"net/url" "net/url"
"strings" "strings"
"github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/constants"
"github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/memorystore"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@@ -19,7 +19,10 @@ func GetHost(c *gin.Context) string {
return authorizerURL return authorizerURL
} }
authorizerURL = envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL) authorizerURL, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL)
if err == nil {
authorizerURL = ""
}
if authorizerURL != "" { if authorizerURL != "" {
return authorizerURL return authorizerURL
} }
@@ -89,8 +92,8 @@ func GetDomainName(uri string) string {
// GetAppURL to get /app/ url if not configured by user // GetAppURL to get /app/ url if not configured by user
func GetAppURL(gc *gin.Context) string { func GetAppURL(gc *gin.Context) string {
envAppURL := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAppURL) envAppURL, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAppURL)
if envAppURL == "" { if envAppURL == "" || err != nil {
envAppURL = GetHost(gc) + "/app" envAppURL = GetHost(gc) + "/app"
} }
return envAppURL return envAppURL

Some files were not shown because too many files have changed in this diff Show More