Compare commits
47 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
2fc438d810 | ||
|
|
1796cace15 | ||
|
|
43fdc826c4 | ||
|
|
c80b0d7028 | ||
|
|
55fc4b2608 | ||
|
|
fac333e195 | ||
|
|
edb5412c17 | ||
|
|
87a962504f | ||
|
|
d04f79557a | ||
|
|
c20e9b810a | ||
|
|
8d145bd5fe | ||
|
|
6fa0ad1809 | ||
|
|
abe809ca68 | ||
|
|
07f71e883b | ||
|
|
6cef9064c3 | ||
|
|
9ae616b6b5 | ||
|
|
356428ea02 | ||
|
|
7f47177741 | ||
|
|
9fb00544cd | ||
|
|
2b022d1058 | ||
|
|
1c84d9f4a8 | ||
|
|
0838b60fae | ||
|
|
325134466d | ||
|
|
58d9978dd5 | ||
|
|
801d64e2f5 | ||
|
|
dd3cc9de3a | ||
|
|
8dc7366182 | ||
|
|
7749534087 | ||
|
|
510f16e7b0 | ||
|
|
d5e83ea14f | ||
|
|
b4a90de1d4 | ||
|
|
c525ad92f2 | ||
|
|
9028682e93 | ||
|
|
3d6bfe4480 | ||
|
|
043af08bf0 | ||
|
|
0af78479fc | ||
|
|
096f686495 | ||
|
|
c574c6a679 | ||
|
|
6428b74e64 | ||
|
|
aa3892025d | ||
|
|
b2f3d6eb80 | ||
|
|
348cbf8c38 | ||
|
|
8ac33a085c | ||
|
|
6c9b359081 | ||
|
|
0fde46d274 | ||
|
|
1a5b446894 | ||
|
|
930c934fdb |
@@ -7,5 +7,9 @@ SMTP_PORT=2525
|
||||
SMTP_USERNAME=test
|
||||
SMTP_PASSWORD=test
|
||||
SENDER_EMAIL="info@authorizer.dev"
|
||||
TWILIO_API_KEY=test
|
||||
TWILIO_API_SECRET=test
|
||||
TWILIO_ACCOUNT_SID=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
TWILIO_SENDER=909921212112
|
||||
SENDER_NAME="Authorizer"
|
||||
AWS_REGION=ap-south-1
|
||||
58
app/package-lock.json
generated
58
app/package-lock.json
generated
@@ -9,7 +9,7 @@
|
||||
"version": "1.0.0",
|
||||
"license": "ISC",
|
||||
"dependencies": {
|
||||
"@authorizerdev/authorizer-react": "^1.1.11",
|
||||
"@authorizerdev/authorizer-react": "^1.1.13",
|
||||
"@types/react": "^17.0.15",
|
||||
"@types/react-dom": "^17.0.9",
|
||||
"esbuild": "^0.12.17",
|
||||
@@ -27,9 +27,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@authorizerdev/authorizer-js": {
|
||||
"version": "1.2.3",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.3.tgz",
|
||||
"integrity": "sha512-rk/fMRIsqbp+fsy2y09etVjf7CY9/4mG6hf0RKgXgRRfxtAQa1jdkt/De23hBTNeEwAWu6hP/9BQZjcrln6KtA==",
|
||||
"version": "1.2.6",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz",
|
||||
"integrity": "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA==",
|
||||
"dependencies": {
|
||||
"cross-fetch": "^3.1.5"
|
||||
},
|
||||
@@ -41,11 +41,11 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@authorizerdev/authorizer-react": {
|
||||
"version": "1.1.11",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.11.tgz",
|
||||
"integrity": "sha512-tSI/yjsoeK/RvCOMiHSf1QGOeSpaLYQZEM864LFLndKoJwk7UWCJ86qg1w6ge7B00PmZSNWqST/w5JTcQaVNpw==",
|
||||
"version": "1.1.13",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz",
|
||||
"integrity": "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g==",
|
||||
"dependencies": {
|
||||
"@authorizerdev/authorizer-js": "^1.2.3"
|
||||
"@authorizerdev/authorizer-js": "^1.2.6"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=10"
|
||||
@@ -406,11 +406,11 @@
|
||||
"integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
|
||||
},
|
||||
"node_modules/cross-fetch": {
|
||||
"version": "3.1.5",
|
||||
"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz",
|
||||
"integrity": "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==",
|
||||
"version": "3.1.8",
|
||||
"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz",
|
||||
"integrity": "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg==",
|
||||
"dependencies": {
|
||||
"node-fetch": "2.6.7"
|
||||
"node-fetch": "^2.6.12"
|
||||
}
|
||||
},
|
||||
"node_modules/css-color-keywords": {
|
||||
@@ -567,9 +567,9 @@
|
||||
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
|
||||
},
|
||||
"node_modules/node-fetch": {
|
||||
"version": "2.6.7",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
|
||||
"integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
|
||||
"version": "2.6.12",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz",
|
||||
"integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==",
|
||||
"dependencies": {
|
||||
"whatwg-url": "^5.0.0"
|
||||
},
|
||||
@@ -837,19 +837,19 @@
|
||||
},
|
||||
"dependencies": {
|
||||
"@authorizerdev/authorizer-js": {
|
||||
"version": "1.2.3",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.3.tgz",
|
||||
"integrity": "sha512-rk/fMRIsqbp+fsy2y09etVjf7CY9/4mG6hf0RKgXgRRfxtAQa1jdkt/De23hBTNeEwAWu6hP/9BQZjcrln6KtA==",
|
||||
"version": "1.2.6",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz",
|
||||
"integrity": "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA==",
|
||||
"requires": {
|
||||
"cross-fetch": "^3.1.5"
|
||||
}
|
||||
},
|
||||
"@authorizerdev/authorizer-react": {
|
||||
"version": "1.1.11",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.11.tgz",
|
||||
"integrity": "sha512-tSI/yjsoeK/RvCOMiHSf1QGOeSpaLYQZEM864LFLndKoJwk7UWCJ86qg1w6ge7B00PmZSNWqST/w5JTcQaVNpw==",
|
||||
"version": "1.1.13",
|
||||
"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz",
|
||||
"integrity": "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g==",
|
||||
"requires": {
|
||||
"@authorizerdev/authorizer-js": "^1.2.3"
|
||||
"@authorizerdev/authorizer-js": "^1.2.6"
|
||||
}
|
||||
},
|
||||
"@babel/code-frame": {
|
||||
@@ -1144,11 +1144,11 @@
|
||||
"integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
|
||||
},
|
||||
"cross-fetch": {
|
||||
"version": "3.1.5",
|
||||
"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz",
|
||||
"integrity": "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw==",
|
||||
"version": "3.1.8",
|
||||
"resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz",
|
||||
"integrity": "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg==",
|
||||
"requires": {
|
||||
"node-fetch": "2.6.7"
|
||||
"node-fetch": "^2.6.12"
|
||||
}
|
||||
},
|
||||
"css-color-keywords": {
|
||||
@@ -1270,9 +1270,9 @@
|
||||
"integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
|
||||
},
|
||||
"node-fetch": {
|
||||
"version": "2.6.7",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
|
||||
"integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
|
||||
"version": "2.6.12",
|
||||
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz",
|
||||
"integrity": "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g==",
|
||||
"requires": {
|
||||
"whatwg-url": "^5.0.0"
|
||||
}
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
"author": "Lakhan Samani",
|
||||
"license": "ISC",
|
||||
"dependencies": {
|
||||
"@authorizerdev/authorizer-react": "^1.1.11",
|
||||
"@authorizerdev/authorizer-react": "^1.1.13",
|
||||
"@types/react": "^17.0.15",
|
||||
"@types/react-dom": "^17.0.9",
|
||||
"esbuild": "^0.12.17",
|
||||
|
||||
@@ -2,19 +2,19 @@
|
||||
# yarn lockfile v1
|
||||
|
||||
|
||||
"@authorizerdev/authorizer-js@^1.2.3":
|
||||
"integrity" "sha512-rk/fMRIsqbp+fsy2y09etVjf7CY9/4mG6hf0RKgXgRRfxtAQa1jdkt/De23hBTNeEwAWu6hP/9BQZjcrln6KtA=="
|
||||
"resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.3.tgz"
|
||||
"version" "1.2.3"
|
||||
"@authorizerdev/authorizer-js@^1.2.6":
|
||||
"integrity" "sha512-9+9phHUMF+AeDM0y+XQvIRDoerOXnQ1vfTfYN6KxWN1apdrkAd9nzS1zUsA2uJSnX3fFZOErn83GjbYYCYF1BA=="
|
||||
"resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-1.2.6.tgz"
|
||||
"version" "1.2.6"
|
||||
dependencies:
|
||||
"cross-fetch" "^3.1.5"
|
||||
|
||||
"@authorizerdev/authorizer-react@^1.1.11":
|
||||
"integrity" "sha512-tSI/yjsoeK/RvCOMiHSf1QGOeSpaLYQZEM864LFLndKoJwk7UWCJ86qg1w6ge7B00PmZSNWqST/w5JTcQaVNpw=="
|
||||
"resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.11.tgz"
|
||||
"version" "1.1.11"
|
||||
"@authorizerdev/authorizer-react@^1.1.13":
|
||||
"integrity" "sha512-LmpzyfR0+nEn+bjUrb/QU9b3kiVoYzMBIvcQ1nV4TNvrvVSqbLPKk+GmoIPkiBEtfy/QSM6XFLkiGNGD9BRP+g=="
|
||||
"resolved" "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.1.13.tgz"
|
||||
"version" "1.1.13"
|
||||
dependencies:
|
||||
"@authorizerdev/authorizer-js" "^1.2.3"
|
||||
"@authorizerdev/authorizer-js" "^1.2.6"
|
||||
|
||||
"@babel/code-frame@^7.16.7":
|
||||
"integrity" "sha512-iAXqUn8IIeBTNd72xsFlgaXHkMBMt6y4HJp1tIaK465CWLT/fG1aqB7ykr95gHHmlBdGbFeWWfyB4NJJ0nmeIg=="
|
||||
@@ -278,11 +278,11 @@
|
||||
"version" "1.1.3"
|
||||
|
||||
"cross-fetch@^3.1.5":
|
||||
"integrity" "sha512-lvb1SBsI0Z7GDwmuid+mU3kWVBwTVUbe7S0H52yaaAdQOXq2YktTCZdlAcNKFzE6QtRz0snpw9bNiPeOIkkQvw=="
|
||||
"resolved" "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.5.tgz"
|
||||
"version" "3.1.5"
|
||||
"integrity" "sha512-cvA+JwZoU0Xq+h6WkMvAUqPEYy92Obet6UdKLfW60qn99ftItKjB5T+BkyWOFWe2pUyfQ+IJHmpOTznqk1M6Kg=="
|
||||
"resolved" "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.1.8.tgz"
|
||||
"version" "3.1.8"
|
||||
dependencies:
|
||||
"node-fetch" "2.6.7"
|
||||
"node-fetch" "^2.6.12"
|
||||
|
||||
"css-color-keywords@^1.0.0":
|
||||
"integrity" "sha1-/qJhbcZ2spYmhrOvjb2+GAskTgU="
|
||||
@@ -389,10 +389,10 @@
|
||||
"resolved" "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz"
|
||||
"version" "2.1.2"
|
||||
|
||||
"node-fetch@2.6.7":
|
||||
"integrity" "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ=="
|
||||
"resolved" "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz"
|
||||
"version" "2.6.7"
|
||||
"node-fetch@^2.6.12":
|
||||
"integrity" "sha512-C/fGU2E8ToujUivIO0H+tpQ6HWo4eEmchoPIoXtxCrVghxdKq+QOHqEZW7tuP3KlV3bC8FRMO5nMCC7Zm1VP6g=="
|
||||
"resolved" "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.12.tgz"
|
||||
"version" "2.6.12"
|
||||
dependencies:
|
||||
"whatwg-url" "^5.0.0"
|
||||
|
||||
|
||||
@@ -7,6 +7,8 @@ const (
|
||||
AuthRecipeMethodMobileBasicAuth = "mobile_basic_auth"
|
||||
// AuthRecipeMethodMagicLinkLogin is the magic_link_login auth method
|
||||
AuthRecipeMethodMagicLinkLogin = "magic_link_login"
|
||||
// AuthRecipeMethodMobileOTP is the mobile_otp auth method
|
||||
AuthRecipeMethodMobileOTP = "mobile_otp"
|
||||
// AuthRecipeMethodGoogle is the google auth method
|
||||
AuthRecipeMethodGoogle = "google"
|
||||
// AuthRecipeMethodGithub is the github auth method
|
||||
|
||||
@@ -66,6 +66,8 @@ const (
|
||||
EnvKeySenderName = "SENDER_NAME"
|
||||
// EnvKeyIsEmailServiceEnabled key for env variable IS_EMAIL_SERVICE_ENABLED
|
||||
EnvKeyIsEmailServiceEnabled = "IS_EMAIL_SERVICE_ENABLED"
|
||||
// EnvKeyIsSMSServiceEnabled key for env variable IS_SMS_SERVICE_ENABLED
|
||||
EnvKeyIsSMSServiceEnabled = "IS_SMS_SERVICE_ENABLED"
|
||||
// EnvKeyAppCookieSecure key for env variable APP_COOKIE_SECURE
|
||||
EnvKeyAppCookieSecure = "APP_COOKIE_SECURE"
|
||||
// EnvKeyAdminCookieSecure key for env variable ADMIN_COOKIE_SECURE
|
||||
@@ -158,6 +160,9 @@ const (
|
||||
// EnvKeyDisableMultiFactorAuthentication is key for env variable DISABLE_MULTI_FACTOR_AUTHENTICATION
|
||||
// this variable is used to completely disable multi factor authentication. It will have no effect on profile preference
|
||||
EnvKeyDisableMultiFactorAuthentication = "DISABLE_MULTI_FACTOR_AUTHENTICATION"
|
||||
// EnvKeyDisablePhoneVerification is key for env variable DISABLE_PHONE_VERIFICATION
|
||||
// this variable is used to disable phone verification
|
||||
EnvKeyDisablePhoneVerification = "DISABLE_PHONE_VERIFICATION"
|
||||
|
||||
// Slice variables
|
||||
// EnvKeyRoles key for env variable ROLES
|
||||
@@ -176,4 +181,14 @@ const (
|
||||
// EnvKeyDefaultAuthorizeResponseMode key for env variable DEFAULT_AUTHORIZE_RESPONSE_MODE
|
||||
// This env is used for setting default response mode in authorize handler
|
||||
EnvKeyDefaultAuthorizeResponseMode = "DEFAULT_AUTHORIZE_RESPONSE_MODE"
|
||||
|
||||
// Twilio env variables
|
||||
// EnvKeyTwilioAPIKey key for env variable TWILIO_API_KEY
|
||||
EnvKeyTwilioAPIKey = "TWILIO_API_KEY"
|
||||
// EnvKeyTwilioAPISecret key for env variable TWILIO_API_SECRET
|
||||
EnvKeyTwilioAPISecret = "TWILIO_API_SECRET"
|
||||
// EnvKeyTwilioAccountSID key for env variable TWILIO_ACCOUNT_SID
|
||||
EnvKeyTwilioAccountSID = "TWILIO_ACCOUNT_SID"
|
||||
// EnvKeyTwilioSender key for env variable TWILIO_SENDER
|
||||
EnvKeyTwilioSender = "TWILIO_SENDER"
|
||||
)
|
||||
|
||||
@@ -2,14 +2,15 @@ package models
|
||||
|
||||
// Collections / Tables available for authorizer in the database
|
||||
type CollectionList struct {
|
||||
User string
|
||||
VerificationRequest string
|
||||
Session string
|
||||
Env string
|
||||
Webhook string
|
||||
WebhookLog string
|
||||
EmailTemplate string
|
||||
OTP string
|
||||
User string
|
||||
VerificationRequest string
|
||||
Session string
|
||||
Env string
|
||||
Webhook string
|
||||
WebhookLog string
|
||||
EmailTemplate string
|
||||
OTP string
|
||||
SMSVerificationRequest string
|
||||
}
|
||||
|
||||
var (
|
||||
@@ -17,13 +18,14 @@ var (
|
||||
Prefix = "authorizer_"
|
||||
// Collections / Tables available for authorizer in the database (used for dbs other than gorm)
|
||||
Collections = CollectionList{
|
||||
User: Prefix + "users",
|
||||
VerificationRequest: Prefix + "verification_requests",
|
||||
Session: Prefix + "sessions",
|
||||
Env: Prefix + "env",
|
||||
Webhook: Prefix + "webhooks",
|
||||
WebhookLog: Prefix + "webhook_logs",
|
||||
EmailTemplate: Prefix + "email_templates",
|
||||
OTP: Prefix + "otps",
|
||||
User: Prefix + "users",
|
||||
VerificationRequest: Prefix + "verification_requests",
|
||||
Session: Prefix + "sessions",
|
||||
Env: Prefix + "env",
|
||||
Webhook: Prefix + "webhooks",
|
||||
WebhookLog: Prefix + "webhook_logs",
|
||||
EmailTemplate: Prefix + "email_templates",
|
||||
OTP: Prefix + "otps",
|
||||
SMSVerificationRequest: Prefix + "sms_verification_requests",
|
||||
}
|
||||
)
|
||||
|
||||
@@ -1,14 +1,22 @@
|
||||
package models
|
||||
|
||||
const (
|
||||
// FieldName email is the field name for email
|
||||
FieldNameEmail = "email"
|
||||
// FieldNamePhoneNumber is the field name for phone number
|
||||
FieldNamePhoneNumber = "phone_number"
|
||||
)
|
||||
|
||||
// OTP model for database
|
||||
type OTP struct {
|
||||
Key string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty" dynamo:"key,omitempty"` // for arangodb
|
||||
ID string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id" dynamo:"id,hash"`
|
||||
Email string `gorm:"unique" json:"email" bson:"email" cql:"email" dynamo:"email" index:"email,hash"`
|
||||
Otp string `json:"otp" bson:"otp" cql:"otp" dynamo:"otp"`
|
||||
ExpiresAt int64 `json:"expires_at" bson:"expires_at" cql:"expires_at" dynamo:"expires_at"`
|
||||
CreatedAt int64 `json:"created_at" bson:"created_at" cql:"created_at" dynamo:"created_at"`
|
||||
UpdatedAt int64 `json:"updated_at" bson:"updated_at" cql:"updated_at" dynamo:"updated_at"`
|
||||
Key string `json:"_key,omitempty" bson:"_key,omitempty" cql:"_key,omitempty" dynamo:"key,omitempty"` // for arangodb
|
||||
ID string `gorm:"primaryKey;type:char(36)" json:"_id" bson:"_id" cql:"id" dynamo:"id,hash"`
|
||||
Email string `gorm:"unique" json:"email" bson:"email" cql:"email" dynamo:"email" index:"email,hash"`
|
||||
PhoneNumber string `gorm:"index:unique_index_phone_number,unique" json:"phone_number" bson:"phone_number" cql:"phone_number" dynamo:"phone_number"`
|
||||
Otp string `json:"otp" bson:"otp" cql:"otp" dynamo:"otp"`
|
||||
ExpiresAt int64 `json:"expires_at" bson:"expires_at" cql:"expires_at" dynamo:"expires_at"`
|
||||
CreatedAt int64 `json:"created_at" bson:"created_at" cql:"created_at" dynamo:"created_at"`
|
||||
UpdatedAt int64 `json:"updated_at" bson:"updated_at" cql:"updated_at" dynamo:"updated_at"`
|
||||
}
|
||||
|
||||
type Paging struct {
|
||||
|
||||
@@ -2,6 +2,7 @@ package arangodb
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
@@ -12,17 +13,31 @@ import (
|
||||
|
||||
// UpsertOTP to add or update otp
|
||||
func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
|
||||
otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
// check if email or phone number is present
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber == "" {
|
||||
return nil, errors.New("email or phone_number is required")
|
||||
}
|
||||
uniqueField := models.FieldNameEmail
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber != "" {
|
||||
uniqueField = models.FieldNamePhoneNumber
|
||||
}
|
||||
var otp *models.OTP
|
||||
if uniqueField == models.FieldNameEmail {
|
||||
otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
} else {
|
||||
otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
|
||||
}
|
||||
shouldCreate := false
|
||||
if otp == nil {
|
||||
id := uuid.NewString()
|
||||
otp = &models.OTP{
|
||||
ID: id,
|
||||
Key: id,
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
ID: id,
|
||||
Key: id,
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
PhoneNumber: otpParam.PhoneNumber,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
}
|
||||
shouldCreate = true
|
||||
} else {
|
||||
@@ -67,7 +82,35 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
|
||||
for {
|
||||
if !cursor.HasMore() {
|
||||
if otp.Key == "" {
|
||||
return nil, fmt.Errorf("email template not found")
|
||||
return nil, fmt.Errorf("otp with given email not found")
|
||||
}
|
||||
break
|
||||
}
|
||||
_, err := cursor.ReadDocument(ctx, &otp)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
query := fmt.Sprintf("FOR d in %s FILTER d.phone_number == @phone_number RETURN d", models.Collections.OTP)
|
||||
bindVars := map[string]interface{}{
|
||||
"phone_number": phoneNumber,
|
||||
}
|
||||
cursor, err := p.db.Query(ctx, query, bindVars)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer cursor.Close()
|
||||
for {
|
||||
if !cursor.HasMore() {
|
||||
if otp.Key == "" {
|
||||
return nil, fmt.Errorf("otp with given phone_number not found")
|
||||
}
|
||||
break
|
||||
}
|
||||
|
||||
@@ -225,16 +225,14 @@ func NewProvider() (*provider, error) {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
otpCollection, err := arangodb.Collection(ctx, models.Collections.OTP)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
otpCollection.EnsureHashIndex(ctx, []string{"email"}, &arangoDriver.EnsureHashIndexOptions{
|
||||
otpCollection.EnsureHashIndex(ctx, []string{models.FieldNameEmail, models.FieldNamePhoneNumber}, &arangoDriver.EnsureHashIndexOptions{
|
||||
Unique: true,
|
||||
Sparse: true,
|
||||
})
|
||||
|
||||
return &provider{
|
||||
db: arangodb,
|
||||
}, err
|
||||
|
||||
@@ -2,6 +2,7 @@ package cassandradb
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
@@ -12,17 +13,31 @@ import (
|
||||
|
||||
// UpsertOTP to add or update otp
|
||||
func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
|
||||
otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
// check if email or phone number is present
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber == "" {
|
||||
return nil, errors.New("email or phone_number is required")
|
||||
}
|
||||
uniqueField := models.FieldNameEmail
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber != "" {
|
||||
uniqueField = models.FieldNamePhoneNumber
|
||||
}
|
||||
var otp *models.OTP
|
||||
if uniqueField == models.FieldNameEmail {
|
||||
otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
} else {
|
||||
otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
|
||||
}
|
||||
shouldCreate := false
|
||||
if otp == nil {
|
||||
shouldCreate = true
|
||||
otp = &models.OTP{
|
||||
ID: uuid.NewString(),
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
UpdatedAt: time.Now().Unix(),
|
||||
ID: uuid.NewString(),
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
PhoneNumber: otpParam.PhoneNumber,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
UpdatedAt: time.Now().Unix(),
|
||||
}
|
||||
} else {
|
||||
otp.Otp = otpParam.Otp
|
||||
@@ -32,7 +47,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
|
||||
otp.UpdatedAt = time.Now().Unix()
|
||||
query := ""
|
||||
if shouldCreate {
|
||||
query = fmt.Sprintf(`INSERT INTO %s (id, email, otp, expires_at, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d, %d)`, KeySpace+"."+models.Collections.OTP, otp.ID, otp.Email, otp.Otp, otp.ExpiresAt, otp.CreatedAt, otp.UpdatedAt)
|
||||
query = fmt.Sprintf(`INSERT INTO %s (id, email, phone_number, otp, expires_at, created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %d, %d, %d)`, KeySpace+"."+models.Collections.OTP, otp.ID, otp.Email, otp.PhoneNumber, otp.Otp, otp.ExpiresAt, otp.CreatedAt, otp.UpdatedAt)
|
||||
} else {
|
||||
query = fmt.Sprintf(`UPDATE %s SET otp = '%s', expires_at = %d, updated_at = %d WHERE id = '%s'`, KeySpace+"."+models.Collections.OTP, otp.Otp, otp.ExpiresAt, otp.UpdatedAt, otp.ID)
|
||||
}
|
||||
@@ -48,8 +63,19 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
|
||||
// GetOTPByEmail to get otp for a given email address
|
||||
func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
query := fmt.Sprintf(`SELECT id, email, otp, expires_at, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.OTP, emailAddress)
|
||||
err := p.db.Query(query).Consistency(gocql.One).Scan(&otp.ID, &otp.Email, &otp.Otp, &otp.ExpiresAt, &otp.CreatedAt, &otp.UpdatedAt)
|
||||
query := fmt.Sprintf(`SELECT id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.OTP, emailAddress)
|
||||
err := p.db.Query(query).Consistency(gocql.One).Scan(&otp.ID, &otp.Email, &otp.PhoneNumber, &otp.Otp, &otp.ExpiresAt, &otp.CreatedAt, &otp.UpdatedAt)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
query := fmt.Sprintf(`SELECT id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s WHERE phone_number = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.OTP, phoneNumber)
|
||||
err := p.db.Query(query).Consistency(gocql.One).Scan(&otp.ID, &otp.Email, &otp.PhoneNumber, &otp.Otp, &otp.ExpiresAt, &otp.CreatedAt, &otp.UpdatedAt)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -254,7 +254,19 @@ func NewProvider() (*provider, error) {
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Add phone_number column to otp table
|
||||
otpAlterQuery := fmt.Sprintf(`ALTER TABLE %s.%s ADD (phone_number text);`, KeySpace, models.Collections.OTP)
|
||||
err = session.Query(otpAlterQuery).Exec()
|
||||
if err != nil {
|
||||
log.Debug("Failed to alter table as column exists: ", err)
|
||||
// continue
|
||||
}
|
||||
// Add phone number index
|
||||
otpIndexQueryPhoneNumber := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_otp_phone_number ON %s.%s (phone_number)", KeySpace, models.Collections.OTP)
|
||||
err = session.Query(otpIndexQueryPhoneNumber).Exec()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &provider{
|
||||
db: session,
|
||||
}, err
|
||||
|
||||
@@ -2,6 +2,7 @@ package couchbase
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
@@ -12,24 +13,36 @@ import (
|
||||
|
||||
// UpsertOTP to add or update otp
|
||||
func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
|
||||
otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
|
||||
// check if email or phone number is present
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber == "" {
|
||||
return nil, errors.New("email or phone_number is required")
|
||||
}
|
||||
uniqueField := models.FieldNameEmail
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber != "" {
|
||||
uniqueField = models.FieldNamePhoneNumber
|
||||
}
|
||||
var otp *models.OTP
|
||||
if uniqueField == models.FieldNameEmail {
|
||||
otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
} else {
|
||||
otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
|
||||
}
|
||||
shouldCreate := false
|
||||
if otp == nil {
|
||||
shouldCreate = true
|
||||
otp = &models.OTP{
|
||||
ID: uuid.NewString(),
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
UpdatedAt: time.Now().Unix(),
|
||||
ID: uuid.NewString(),
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
PhoneNumber: otpParam.PhoneNumber,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
UpdatedAt: time.Now().Unix(),
|
||||
}
|
||||
} else {
|
||||
otp.Otp = otpParam.Otp
|
||||
otp.ExpiresAt = otpParam.ExpiresAt
|
||||
}
|
||||
|
||||
otp.UpdatedAt = time.Now().Unix()
|
||||
if shouldCreate {
|
||||
insertOpt := gocb.InsertOptions{
|
||||
@@ -54,7 +67,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
|
||||
// GetOTPByEmail to get otp for a given email address
|
||||
func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
|
||||
otp := models.OTP{}
|
||||
query := fmt.Sprintf(`SELECT _id, email, otp, expires_at, created_at, updated_at FROM %s.%s WHERE email = $1 LIMIT 1`, p.scopeName, models.Collections.OTP)
|
||||
query := fmt.Sprintf(`SELECT _id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s.%s WHERE email = $1 LIMIT 1`, p.scopeName, models.Collections.OTP)
|
||||
q, err := p.db.Query(query, &gocb.QueryOptions{
|
||||
ScanConsistency: gocb.QueryScanConsistencyRequestPlus,
|
||||
PositionalParameters: []interface{}{emailAddress},
|
||||
@@ -63,11 +76,27 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
|
||||
return nil, err
|
||||
}
|
||||
err = q.One(&otp)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
otp := models.OTP{}
|
||||
query := fmt.Sprintf(`SELECT _id, email, phone_number, otp, expires_at, created_at, updated_at FROM %s.%s WHERE phone_number = $1 LIMIT 1`, p.scopeName, models.Collections.OTP)
|
||||
q, err := p.db.Query(query, &gocb.QueryOptions{
|
||||
ScanConsistency: gocb.QueryScanConsistencyRequestPlus,
|
||||
PositionalParameters: []interface{}{phoneNumber},
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
err = q.One(&otp)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -166,5 +166,9 @@ func GetIndex(scopeName string) map[string][]string {
|
||||
otpIndex1 := fmt.Sprintf("CREATE INDEX OTPEmailIndex ON %s.%s(email)", scopeName, models.Collections.OTP)
|
||||
indices[models.Collections.OTP] = []string{otpIndex1}
|
||||
|
||||
// OTP index
|
||||
otpIndex2 := fmt.Sprintf("CREATE INDEX OTPPhoneNumberIndex ON %s.%s(phone_number)", scopeName, models.Collections.OTP)
|
||||
indices[models.Collections.OTP] = []string{otpIndex2}
|
||||
|
||||
return indices
|
||||
}
|
||||
|
||||
@@ -11,24 +11,19 @@ import (
|
||||
|
||||
func GetSetFields(webhookMap map[string]interface{}) (string, map[string]interface{}) {
|
||||
params := make(map[string]interface{}, 1)
|
||||
|
||||
updateFields := ""
|
||||
|
||||
for key, value := range webhookMap {
|
||||
if key == "_id" {
|
||||
continue
|
||||
}
|
||||
|
||||
if key == "_key" {
|
||||
continue
|
||||
}
|
||||
|
||||
if value == nil {
|
||||
updateFields += fmt.Sprintf("%s=$%s,", key, key)
|
||||
params[key] = "null"
|
||||
continue
|
||||
}
|
||||
|
||||
valueType := reflect.TypeOf(value)
|
||||
if valueType.Name() == "string" {
|
||||
updateFields += fmt.Sprintf("%s = $%s, ", key, key)
|
||||
|
||||
@@ -11,27 +11,39 @@ import (
|
||||
|
||||
// UpsertOTP to add or update otp
|
||||
func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
|
||||
otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
// check if email or phone number is present
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber == "" {
|
||||
return nil, errors.New("email or phone_number is required")
|
||||
}
|
||||
uniqueField := models.FieldNameEmail
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber != "" {
|
||||
uniqueField = models.FieldNamePhoneNumber
|
||||
}
|
||||
var otp *models.OTP
|
||||
if uniqueField == models.FieldNameEmail {
|
||||
otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
} else {
|
||||
otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
|
||||
}
|
||||
shouldCreate := false
|
||||
if otp == nil {
|
||||
id := uuid.NewString()
|
||||
otp = &models.OTP{
|
||||
ID: id,
|
||||
Key: id,
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
ID: id,
|
||||
Key: id,
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
PhoneNumber: otpParam.PhoneNumber,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
}
|
||||
shouldCreate = true
|
||||
} else {
|
||||
otp.Otp = otpParam.Otp
|
||||
otp.ExpiresAt = otpParam.ExpiresAt
|
||||
}
|
||||
|
||||
collection := p.db.Table(models.Collections.OTP)
|
||||
otp.UpdatedAt = time.Now().Unix()
|
||||
|
||||
var err error
|
||||
if shouldCreate {
|
||||
err = collection.Put(otp).RunWithContext(ctx)
|
||||
@@ -41,7 +53,6 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return otp, nil
|
||||
}
|
||||
|
||||
@@ -49,20 +60,32 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
|
||||
func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
|
||||
var otps []models.OTP
|
||||
var otp models.OTP
|
||||
|
||||
collection := p.db.Table(models.Collections.OTP)
|
||||
|
||||
err := collection.Scan().Index("email").Filter("'email' = ?", emailAddress).Limit(1).AllWithContext(ctx, &otps)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if len(otps) > 0 {
|
||||
otp = otps[0]
|
||||
return &otp, nil
|
||||
} else {
|
||||
return nil, errors.New("no docuemnt found")
|
||||
}
|
||||
return nil, errors.New("no docuemnt found")
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
var otps []models.OTP
|
||||
var otp models.OTP
|
||||
collection := p.db.Table(models.Collections.OTP)
|
||||
err := collection.Scan().Filter("'phone_number' = ?", phoneNumber).Limit(1).AllWithContext(ctx, &otps)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if len(otps) > 0 {
|
||||
otp = otps[0]
|
||||
return &otp, nil
|
||||
}
|
||||
return nil, errors.New("no docuemnt found")
|
||||
}
|
||||
|
||||
// DeleteOTP to delete otp
|
||||
@@ -75,6 +98,5 @@ func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -31,11 +31,11 @@ func NewProvider() (*provider, error) {
|
||||
if awsRegion != "" {
|
||||
config.Region = aws.String(awsRegion)
|
||||
}
|
||||
|
||||
// custom awsAccessKeyID, awsSecretAccessKey took first priority, if not then fetch config from aws credentials
|
||||
if awsAccessKeyID != "" && awsSecretAccessKey != "" {
|
||||
config.Credentials = credentials.NewStaticCredentials(awsAccessKeyID, awsSecretAccessKey, "")
|
||||
} else if dbURL != "" {
|
||||
log.Debug("Tring to use database url for dynamodb")
|
||||
// static config in case of testing or local-setup
|
||||
config.Credentials = credentials.NewStaticCredentials("key", "key", "")
|
||||
config.Endpoint = aws.String(dbURL)
|
||||
|
||||
@@ -2,6 +2,7 @@ package mongodb
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/db/models"
|
||||
@@ -12,17 +13,31 @@ import (
|
||||
|
||||
// UpsertOTP to add or update otp
|
||||
func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models.OTP, error) {
|
||||
otp, _ := p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
// check if email or phone number is present
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber == "" {
|
||||
return nil, errors.New("email or phone_number is required")
|
||||
}
|
||||
uniqueField := models.FieldNameEmail
|
||||
if otpParam.Email == "" && otpParam.PhoneNumber != "" {
|
||||
uniqueField = models.FieldNamePhoneNumber
|
||||
}
|
||||
var otp *models.OTP
|
||||
if uniqueField == models.FieldNameEmail {
|
||||
otp, _ = p.GetOTPByEmail(ctx, otpParam.Email)
|
||||
} else {
|
||||
otp, _ = p.GetOTPByPhoneNumber(ctx, otpParam.PhoneNumber)
|
||||
}
|
||||
shouldCreate := false
|
||||
if otp == nil {
|
||||
id := uuid.NewString()
|
||||
otp = &models.OTP{
|
||||
ID: id,
|
||||
Key: id,
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
ID: id,
|
||||
Key: id,
|
||||
Otp: otpParam.Otp,
|
||||
Email: otpParam.Email,
|
||||
PhoneNumber: otpParam.PhoneNumber,
|
||||
ExpiresAt: otpParam.ExpiresAt,
|
||||
CreatedAt: time.Now().Unix(),
|
||||
}
|
||||
shouldCreate = true
|
||||
} else {
|
||||
@@ -41,20 +56,28 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return otp, nil
|
||||
}
|
||||
|
||||
// GetOTPByEmail to get otp for a given email address
|
||||
func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
|
||||
otpCollection := p.db.Collection(models.Collections.OTP, options.Collection())
|
||||
err := otpCollection.FindOne(ctx, bson.M{"email": emailAddress}).Decode(&otp)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
otpCollection := p.db.Collection(models.Collections.OTP, options.Collection())
|
||||
err := otpCollection.FindOne(ctx, bson.M{"phone_number": phoneNumber}).Decode(&otp)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -118,6 +118,12 @@ func NewProvider() (*provider, error) {
|
||||
Options: options.Index().SetUnique(true).SetSparse(true),
|
||||
},
|
||||
}, options.CreateIndexes())
|
||||
otpCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
|
||||
{
|
||||
Keys: bson.M{"phone_number": 1},
|
||||
Options: options.Index().SetUnique(true).SetSparse(true),
|
||||
},
|
||||
}, options.CreateIndexes())
|
||||
|
||||
return &provider{
|
||||
db: mongodb,
|
||||
|
||||
@@ -16,6 +16,11 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
// DeleteOTP to delete otp
|
||||
func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
|
||||
return nil
|
||||
|
||||
@@ -82,6 +82,8 @@ type Provider interface {
|
||||
UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP, error)
|
||||
// GetOTPByEmail to get otp for a given email address
|
||||
GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error)
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error)
|
||||
// DeleteOTP to delete otp
|
||||
DeleteOTP(ctx context.Context, otp *models.OTP) error
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ package sql
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/db/models"
|
||||
@@ -14,13 +15,19 @@ func (p *provider) UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP,
|
||||
if otp.ID == "" {
|
||||
otp.ID = uuid.New().String()
|
||||
}
|
||||
|
||||
// check if email or phone number is present
|
||||
if otp.Email == "" && otp.PhoneNumber == "" {
|
||||
return nil, errors.New("email or phone_number is required")
|
||||
}
|
||||
uniqueField := models.FieldNameEmail
|
||||
if otp.Email == "" && otp.PhoneNumber != "" {
|
||||
uniqueField = models.FieldNamePhoneNumber
|
||||
}
|
||||
otp.Key = otp.ID
|
||||
otp.CreatedAt = time.Now().Unix()
|
||||
otp.UpdatedAt = time.Now().Unix()
|
||||
|
||||
res := p.db.Clauses(clause.OnConflict{
|
||||
Columns: []clause.Column{{Name: "email"}},
|
||||
Columns: []clause.Column{{Name: uniqueField}},
|
||||
DoUpdates: clause.AssignmentColumns([]string{"otp", "expires_at", "updated_at"}),
|
||||
}).Create(&otp)
|
||||
if res.Error != nil {
|
||||
@@ -33,7 +40,6 @@ func (p *provider) UpsertOTP(ctx context.Context, otp *models.OTP) (*models.OTP,
|
||||
// GetOTPByEmail to get otp for a given email address
|
||||
func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
|
||||
result := p.db.Where("email = ?", emailAddress).First(&otp)
|
||||
if result.Error != nil {
|
||||
return nil, result.Error
|
||||
@@ -41,6 +47,16 @@ func (p *provider) GetOTPByEmail(ctx context.Context, emailAddress string) (*mod
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
// GetOTPByPhoneNumber to get otp for a given phone number
|
||||
func (p *provider) GetOTPByPhoneNumber(ctx context.Context, phoneNumber string) (*models.OTP, error) {
|
||||
var otp models.OTP
|
||||
result := p.db.Where("phone_number = ?", phoneNumber).First(&otp)
|
||||
if result.Error != nil {
|
||||
return nil, result.Error
|
||||
}
|
||||
return &otp, nil
|
||||
}
|
||||
|
||||
// DeleteOTP to delete otp
|
||||
func (p *provider) DeleteOTP(ctx context.Context, otp *models.OTP) error {
|
||||
result := p.db.Delete(&models.OTP{
|
||||
|
||||
64
server/env/env.go
vendored
64
server/env/env.go
vendored
@@ -104,6 +104,13 @@ func InitAllEnv() error {
|
||||
osDisableStrongPassword := os.Getenv(constants.EnvKeyDisableStrongPassword)
|
||||
osEnforceMultiFactorAuthentication := os.Getenv(constants.EnvKeyEnforceMultiFactorAuthentication)
|
||||
osDisableMultiFactorAuthentication := os.Getenv(constants.EnvKeyDisableMultiFactorAuthentication)
|
||||
// phone verification var
|
||||
osDisablePhoneVerification := os.Getenv(constants.EnvKeyDisablePhoneVerification)
|
||||
// twilio vars
|
||||
osTwilioApiKey := os.Getenv(constants.EnvKeyTwilioAPIKey)
|
||||
osTwilioApiSecret := os.Getenv(constants.EnvKeyTwilioAPISecret)
|
||||
osTwilioAccountSid := os.Getenv(constants.EnvKeyTwilioAccountSID)
|
||||
osTwilioSender := os.Getenv(constants.EnvKeyTwilioSender)
|
||||
|
||||
// os slice vars
|
||||
osAllowedOrigins := os.Getenv(constants.EnvKeyAllowedOrigins)
|
||||
@@ -136,6 +143,7 @@ func InitAllEnv() error {
|
||||
if val, ok := envData[constants.EnvAwsRegion]; !ok || val == "" {
|
||||
envData[constants.EnvAwsRegion] = osAwsRegion
|
||||
}
|
||||
|
||||
if osAwsRegion != "" && envData[constants.EnvAwsRegion] != osAwsRegion {
|
||||
envData[constants.EnvAwsRegion] = osAwsRegion
|
||||
}
|
||||
@@ -591,7 +599,7 @@ func InitAllEnv() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
|
||||
if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin] {
|
||||
envData[constants.EnvKeyDisableMagicLinkLogin] = boolValue
|
||||
}
|
||||
}
|
||||
@@ -681,11 +689,11 @@ func InitAllEnv() error {
|
||||
envData[constants.EnvKeyIsEmailServiceEnabled] = false
|
||||
}
|
||||
|
||||
if envData[constants.EnvKeySmtpHost] != "" || envData[constants.EnvKeySmtpUsername] != "" || envData[constants.EnvKeySmtpPassword] != "" || envData[constants.EnvKeySenderEmail] != "" && envData[constants.EnvKeySmtpPort] != "" {
|
||||
if envData[constants.EnvKeySmtpHost] != "" && envData[constants.EnvKeySmtpUsername] != "" && envData[constants.EnvKeySmtpPassword] != "" && envData[constants.EnvKeySenderEmail] != "" && envData[constants.EnvKeySmtpPort] != "" {
|
||||
envData[constants.EnvKeyIsEmailServiceEnabled] = true
|
||||
}
|
||||
|
||||
if envData[constants.EnvKeyEnforceMultiFactorAuthentication].(bool) && !envData[constants.EnvKeyIsEmailServiceEnabled].(bool) {
|
||||
if envData[constants.EnvKeyEnforceMultiFactorAuthentication].(bool) && !envData[constants.EnvKeyIsEmailServiceEnabled].(bool) && !envData[constants.EnvKeyIsSMSServiceEnabled].(bool) {
|
||||
return errors.New("to enable multi factor authentication, please enable email service")
|
||||
}
|
||||
|
||||
@@ -767,6 +775,56 @@ func InitAllEnv() error {
|
||||
envData[constants.EnvKeyDefaultAuthorizeResponseMode] = osAuthorizeResponseMode
|
||||
}
|
||||
|
||||
if val, ok := envData[constants.EnvKeyTwilioAPISecret]; !ok || val == "" {
|
||||
envData[constants.EnvKeyTwilioAPISecret] = osTwilioApiSecret
|
||||
}
|
||||
if osTwilioApiSecret != "" && envData[constants.EnvKeyTwilioAPISecret] != osTwilioApiSecret {
|
||||
envData[constants.EnvKeyTwilioAPISecret] = osTwilioApiSecret
|
||||
}
|
||||
|
||||
if val, ok := envData[constants.EnvKeyTwilioAPIKey]; !ok || val == "" {
|
||||
envData[constants.EnvKeyTwilioAPIKey] = osTwilioApiKey
|
||||
}
|
||||
if osTwilioApiKey != "" && envData[constants.EnvKeyTwilioAPIKey] != osTwilioApiKey {
|
||||
envData[constants.EnvKeyTwilioAPIKey] = osTwilioApiKey
|
||||
}
|
||||
|
||||
if val, ok := envData[constants.EnvKeyTwilioAccountSID]; !ok || val == "" {
|
||||
envData[constants.EnvKeyTwilioAccountSID] = osTwilioAccountSid
|
||||
}
|
||||
if osTwilioAccountSid != "" && envData[constants.EnvKeyTwilioAccountSID] != osTwilioAccountSid {
|
||||
envData[constants.EnvKeyTwilioAccountSID] = osTwilioAccountSid
|
||||
}
|
||||
|
||||
if val, ok := envData[constants.EnvKeyTwilioSender]; !ok || val == "" {
|
||||
envData[constants.EnvKeyTwilioSender] = osTwilioSender
|
||||
}
|
||||
if osTwilioSender != "" && envData[constants.EnvKeyTwilioSender] != osTwilioSender {
|
||||
envData[constants.EnvKeyTwilioSender] = osTwilioSender
|
||||
}
|
||||
|
||||
if _, ok := envData[constants.EnvKeyDisablePhoneVerification]; !ok {
|
||||
envData[constants.EnvKeyDisablePhoneVerification] = osDisablePhoneVerification == "false"
|
||||
}
|
||||
if osDisablePhoneVerification != "" {
|
||||
boolValue, err := strconv.ParseBool(osDisablePhoneVerification)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if boolValue != envData[constants.EnvKeyDisablePhoneVerification] {
|
||||
envData[constants.EnvKeyDisablePhoneVerification] = boolValue
|
||||
}
|
||||
}
|
||||
|
||||
if envData[constants.EnvKeyTwilioAPIKey] == "" || envData[constants.EnvKeyTwilioAPISecret] == "" || envData[constants.EnvKeyTwilioAccountSID] == "" || envData[constants.EnvKeyTwilioSender] == "" {
|
||||
envData[constants.EnvKeyDisablePhoneVerification] = true
|
||||
envData[constants.EnvKeyIsSMSServiceEnabled] = false
|
||||
}
|
||||
if envData[constants.EnvKeyTwilioAPIKey] != "" && envData[constants.EnvKeyTwilioAPISecret] != "" && envData[constants.EnvKeyTwilioAccountSID] != "" && envData[constants.EnvKeyTwilioSender] != "" {
|
||||
envData[constants.EnvKeyDisablePhoneVerification] = false
|
||||
envData[constants.EnvKeyIsSMSServiceEnabled] = true
|
||||
}
|
||||
|
||||
err = memorystore.Provider.UpdateEnvStore(envData)
|
||||
if err != nil {
|
||||
log.Debug("Error while updating env store: ", err)
|
||||
|
||||
2
server/env/persist_env.go
vendored
2
server/env/persist_env.go
vendored
@@ -200,7 +200,7 @@ func PersistEnv() error {
|
||||
envValue := strings.TrimSpace(os.Getenv(key))
|
||||
if envValue != "" {
|
||||
switch key {
|
||||
case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure:
|
||||
case constants.EnvKeyIsProd, constants.EnvKeyDisableBasicAuthentication, constants.EnvKeyDisableMobileBasicAuthentication, constants.EnvKeyDisableEmailVerification, constants.EnvKeyDisableLoginPage, constants.EnvKeyDisableMagicLinkLogin, constants.EnvKeyDisableSignUp, constants.EnvKeyDisableRedisForEnv, constants.EnvKeyDisableStrongPassword, constants.EnvKeyIsEmailServiceEnabled, constants.EnvKeyIsSMSServiceEnabled, constants.EnvKeyEnforceMultiFactorAuthentication, constants.EnvKeyDisableMultiFactorAuthentication, constants.EnvKeyAdminCookieSecure, constants.EnvKeyAppCookieSecure, constants.EnvKeyDisablePhoneVerification:
|
||||
if envValueBool, err := strconv.ParseBool(envValue); err == nil {
|
||||
if value.(bool) != envValueBool {
|
||||
storeData[key] = envValueBool
|
||||
|
||||
@@ -5,7 +5,7 @@ go 1.16
|
||||
require (
|
||||
github.com/99designs/gqlgen v0.17.20
|
||||
github.com/arangodb/go-driver v1.2.1
|
||||
github.com/aws/aws-sdk-go v1.44.109
|
||||
github.com/aws/aws-sdk-go v1.44.298
|
||||
github.com/coreos/go-oidc/v3 v3.1.0
|
||||
github.com/couchbase/gocb/v2 v2.6.0
|
||||
github.com/gin-gonic/gin v1.8.1
|
||||
@@ -17,7 +17,7 @@ require (
|
||||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/google/go-cmp v0.5.6 // indirect
|
||||
github.com/google/uuid v1.3.0
|
||||
github.com/guregu/dynamo v1.16.0
|
||||
github.com/guregu/dynamo v1.20.0
|
||||
github.com/joho/godotenv v1.3.0
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.0.5 // indirect
|
||||
@@ -25,6 +25,7 @@ require (
|
||||
github.com/robertkrimen/otto v0.0.0-20211024170158-b87d35c0b86f
|
||||
github.com/sirupsen/logrus v1.8.1
|
||||
github.com/stretchr/testify v1.8.0
|
||||
github.com/twilio/twilio-go v1.7.2
|
||||
github.com/vektah/gqlparser/v2 v2.5.1
|
||||
go.mongodb.org/mongo-driver v1.8.1
|
||||
golang.org/x/crypto v0.4.0
|
||||
|
||||
@@ -51,9 +51,9 @@ github.com/arangodb/go-velocypack v0.0.0-20200318135517-5af53c29c67e h1:Xg+hGrY2
|
||||
github.com/arangodb/go-velocypack v0.0.0-20200318135517-5af53c29c67e/go.mod h1:mq7Shfa/CaixoDxiyAAc5jZ6CVBAyPaNQCGS7mkj4Ho=
|
||||
github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q=
|
||||
github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
|
||||
github.com/aws/aws-sdk-go v1.42.47/go.mod h1:OGr6lGMAKGlG9CVrYnWYDKIyb829c6EVBRjxqjmPepc=
|
||||
github.com/aws/aws-sdk-go v1.44.109 h1:+Na5JPeS0kiEHoBp5Umcuuf+IDqXqD0lXnM920E31YI=
|
||||
github.com/aws/aws-sdk-go v1.44.109/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
||||
github.com/aws/aws-sdk-go v1.44.298 h1:5qTxdubgV7PptZJmp/2qDwD2JL187ePL7VOxsSh1i3g=
|
||||
github.com/aws/aws-sdk-go v1.44.298/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
|
||||
github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932 h1:mXoPYz/Ul5HYEDvkta6I8/rnYM5gSdSV2tJ6XbZuEtY=
|
||||
github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k=
|
||||
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY=
|
||||
@@ -62,8 +62,8 @@ github.com/bsm/ginkgo/v2 v2.7.0 h1:ItPMPH90RbmZJt5GtkcNvIRuGEdwlBItdNVoyzaNQao=
|
||||
github.com/bsm/ginkgo/v2 v2.7.0/go.mod h1:AiKlXPm7ItEHNc/2+OkrNG4E0ITzojb9/xWzvQ9XZ9w=
|
||||
github.com/bsm/gomega v1.26.0 h1:LhQm+AFcgV2M0WyKroMASzAzCAJVpAxQXv4SaI9a69Y=
|
||||
github.com/bsm/gomega v1.26.0/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
|
||||
github.com/cenkalti/backoff/v4 v4.1.2 h1:6Yo7N8UP2K6LWZnW94DLVSSrbobcWdVzAYOisuDPIFo=
|
||||
github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
|
||||
github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
|
||||
github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
|
||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
||||
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||
@@ -129,8 +129,6 @@ github.com/goccy/go-json v0.9.11 h1:/pAaQDLHEoCq/5FFmSKBswWmK6H0e8g4159Kc/X/nqk=
|
||||
github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
|
||||
github.com/gocql/gocql v1.2.0 h1:TZhsCd7fRuye4VyHr3WCvWwIQaZUmjsqnSIXK9FcVCE=
|
||||
github.com/gocql/gocql v1.2.0/go.mod h1:3gM2c4D3AnkISwBxGnMMsS8Oy4y2lhbPRsH4xnJrHG8=
|
||||
github.com/gofrs/uuid v4.2.0+incompatible h1:yyYWMnhkhrKwwr8gAOcOCYxOOscHgDS9yZgBrnJfGa0=
|
||||
github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
|
||||
github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
|
||||
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
|
||||
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
|
||||
@@ -151,6 +149,8 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt
|
||||
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
|
||||
github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
|
||||
github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
|
||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
@@ -203,8 +203,8 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+
|
||||
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
|
||||
github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
|
||||
github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
||||
github.com/guregu/dynamo v1.16.0 h1:gmI8oi1VHwYQtq7+RPBeOiSssVLgxH/Az2t+NtDtL2c=
|
||||
github.com/guregu/dynamo v1.16.0/go.mod h1:W2Gqcf3MtkrS+Q6fHPGAmRtT0Dyq+TGrqfqrUC9+R/c=
|
||||
github.com/guregu/dynamo v1.20.0 h1:PDdVVhRSXQFFIHlkhoKF6D8kiwI9IU6uUdz/fF6Iiy4=
|
||||
github.com/guregu/dynamo v1.20.0/go.mod h1:YQ92BTYVSMIKpFEzhaVqmCJnnSIGxbNF5zvECUaEZRE=
|
||||
github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc1Q53c0bnx2ufif5kANL7bfZWcc6VJWJd8=
|
||||
github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4=
|
||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
@@ -251,6 +251,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
|
||||
github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
|
||||
github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
|
||||
github.com/localtunnel/go-localtunnel v0.0.0-20170326223115-8a804488f275 h1:IZycmTpoUtQK3PD60UYBwjaCUHUP7cML494ao9/O8+Q=
|
||||
github.com/localtunnel/go-localtunnel v0.0.0-20170326223115-8a804488f275/go.mod h1:zt6UU74K6Z6oMOYJbJzYpYucqdcQwSMPBEdSvGiaUMw=
|
||||
github.com/logrusorgru/aurora/v3 v3.0.0/go.mod h1:vsR12bk5grlLvLXAYrBsb5Oc/N+LxAlxggSjiwMnCUc=
|
||||
github.com/matryer/moq v0.2.7/go.mod h1:kITsx543GOENm48TUAQyJ9+SAvFSr7iGQXPoth/VUBk=
|
||||
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
|
||||
@@ -271,6 +273,7 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
|
||||
github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8=
|
||||
github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
|
||||
github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
|
||||
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
|
||||
github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo=
|
||||
github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg=
|
||||
github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas=
|
||||
@@ -316,6 +319,8 @@ github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PK
|
||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||
github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
|
||||
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
|
||||
github.com/twilio/twilio-go v1.7.2 h1:tX38DXbSuDWWIK+tKAE2AJSMR6d8i7lf9ksY8J29VLE=
|
||||
github.com/twilio/twilio-go v1.7.2/go.mod h1:tdnfQ5TjbewoAu4lf9bMsGvfuJ/QU9gYuv9yx3TSIXU=
|
||||
github.com/ugorji/go v1.2.7 h1:qYhyWUUd6WbiM+C6JZAUkIJt/1WrjzNHY9+KCIjVqTo=
|
||||
github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
|
||||
github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0=
|
||||
@@ -338,6 +343,7 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
|
||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
|
||||
github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
|
||||
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
go.mongodb.org/mongo-driver v1.8.1 h1:OZE4Wni/SJlrcmSIBRYNzunX5TKxjrTS4jKSnA99oKU=
|
||||
@@ -392,6 +398,7 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB
|
||||
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
@@ -425,14 +432,15 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R
|
||||
golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
|
||||
golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||
golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.3.0 h1:VWL6FNY2bEEmsGVKabSlHu5Irp34xmMRoqb/9lF9lxk=
|
||||
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
|
||||
golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
|
||||
golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
|
||||
golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
@@ -451,8 +459,9 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ
|
||||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220923202941-7f9b1623fab7 h1:ZrnxWX62AgTKOSagEqxvb3ffipvEDX2pl7E1TdqLqIc=
|
||||
golang.org/x/sync v0.0.0-20220923202941-7f9b1623fab7/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
|
||||
golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
|
||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
@@ -483,7 +492,9 @@ golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
@@ -495,12 +506,16 @@ golang.org/x/sys v0.0.0-20220224120231-95c6836cb0e7/go.mod h1:oPkhp1MJrh7nUepCBc
|
||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
|
||||
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
@@ -510,8 +525,10 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
|
||||
golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM=
|
||||
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
|
||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
@@ -558,6 +575,7 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc
|
||||
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||
golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||
golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||
golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
|
||||
golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
@@ -651,6 +669,7 @@ gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
||||
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -26,13 +26,14 @@ type AdminSignupInput struct {
|
||||
}
|
||||
|
||||
type AuthResponse struct {
|
||||
Message string `json:"message"`
|
||||
ShouldShowOtpScreen *bool `json:"should_show_otp_screen"`
|
||||
AccessToken *string `json:"access_token"`
|
||||
IDToken *string `json:"id_token"`
|
||||
RefreshToken *string `json:"refresh_token"`
|
||||
ExpiresIn *int64 `json:"expires_in"`
|
||||
User *User `json:"user"`
|
||||
Message string `json:"message"`
|
||||
ShouldShowEmailOtpScreen *bool `json:"should_show_email_otp_screen"`
|
||||
ShouldShowMobileOtpScreen *bool `json:"should_show_mobile_otp_screen"`
|
||||
AccessToken *string `json:"access_token"`
|
||||
IDToken *string `json:"id_token"`
|
||||
RefreshToken *string `json:"refresh_token"`
|
||||
ExpiresIn *int64 `json:"expires_in"`
|
||||
User *User `json:"user"`
|
||||
}
|
||||
|
||||
type DeleteEmailTemplateRequest struct {
|
||||
@@ -144,7 +145,8 @@ type GenerateJWTKeysResponse struct {
|
||||
}
|
||||
|
||||
type GetUserRequest struct {
|
||||
ID string `json:"id"`
|
||||
ID *string `json:"id"`
|
||||
Email *string `json:"email"`
|
||||
}
|
||||
|
||||
type InviteMemberInput struct {
|
||||
@@ -244,8 +246,9 @@ type PaginationInput struct {
|
||||
}
|
||||
|
||||
type ResendOTPRequest struct {
|
||||
Email string `json:"email"`
|
||||
State *string `json:"state"`
|
||||
Email *string `json:"email"`
|
||||
PhoneNumber *string `json:"phone_number"`
|
||||
State *string `json:"state"`
|
||||
}
|
||||
|
||||
type ResendVerifyEmailInput struct {
|
||||
@@ -264,6 +267,15 @@ type Response struct {
|
||||
Message string `json:"message"`
|
||||
}
|
||||
|
||||
type SMSVerificationRequests struct {
|
||||
ID string `json:"id"`
|
||||
Code string `json:"code"`
|
||||
CodeExpiresAt int64 `json:"code_expires_at"`
|
||||
PhoneNumber string `json:"phone_number"`
|
||||
CreatedAt int64 `json:"created_at"`
|
||||
UpdatedAt *int64 `json:"updated_at"`
|
||||
}
|
||||
|
||||
type SessionQueryInput struct {
|
||||
Roles []string `json:"roles"`
|
||||
Scope []string `json:"scope"`
|
||||
@@ -445,6 +457,15 @@ type ValidateJWTTokenResponse struct {
|
||||
Claims map[string]interface{} `json:"claims"`
|
||||
}
|
||||
|
||||
type ValidateSessionInput struct {
|
||||
Cookie string `json:"cookie"`
|
||||
Roles []string `json:"roles"`
|
||||
}
|
||||
|
||||
type ValidateSessionResponse struct {
|
||||
IsValid bool `json:"is_valid"`
|
||||
}
|
||||
|
||||
type VerificationRequest struct {
|
||||
ID string `json:"id"`
|
||||
Identifier *string `json:"identifier"`
|
||||
@@ -468,9 +489,10 @@ type VerifyEmailInput struct {
|
||||
}
|
||||
|
||||
type VerifyOTPRequest struct {
|
||||
Email string `json:"email"`
|
||||
Otp string `json:"otp"`
|
||||
State *string `json:"state"`
|
||||
Email *string `json:"email"`
|
||||
PhoneNumber *string `json:"phone_number"`
|
||||
Otp string `json:"otp"`
|
||||
State *string `json:"state"`
|
||||
}
|
||||
|
||||
type Webhook struct {
|
||||
|
||||
@@ -75,6 +75,15 @@ type VerificationRequests {
|
||||
verification_requests: [VerificationRequest!]!
|
||||
}
|
||||
|
||||
type SMSVerificationRequests {
|
||||
id: ID!
|
||||
code: String!
|
||||
code_expires_at: Int64!
|
||||
phone_number: String!
|
||||
created_at: Int64!
|
||||
updated_at: Int64
|
||||
}
|
||||
|
||||
type Error {
|
||||
message: String!
|
||||
reason: String!
|
||||
@@ -82,7 +91,8 @@ type Error {
|
||||
|
||||
type AuthResponse {
|
||||
message: String!
|
||||
should_show_otp_screen: Boolean
|
||||
should_show_email_otp_screen: Boolean
|
||||
should_show_mobile_otp_screen: Boolean
|
||||
access_token: String
|
||||
id_token: String
|
||||
refresh_token: String
|
||||
@@ -168,6 +178,10 @@ type ValidateJWTTokenResponse {
|
||||
claims: Map
|
||||
}
|
||||
|
||||
type ValidateSessionResponse {
|
||||
is_valid: Boolean!
|
||||
}
|
||||
|
||||
type GenerateJWTKeysResponse {
|
||||
secret: String
|
||||
public_key: String
|
||||
@@ -460,6 +474,11 @@ input ValidateJWTTokenInput {
|
||||
roles: [String!]
|
||||
}
|
||||
|
||||
input ValidateSessionInput {
|
||||
cookie: String!
|
||||
roles: [String!]
|
||||
}
|
||||
|
||||
input GenerateJWTKeysInput {
|
||||
type: String!
|
||||
}
|
||||
@@ -520,7 +539,9 @@ input DeleteEmailTemplateRequest {
|
||||
}
|
||||
|
||||
input VerifyOTPRequest {
|
||||
email: String!
|
||||
# either email or phone_number is required
|
||||
email: String
|
||||
phone_number: String
|
||||
otp: String!
|
||||
# state is used for authorization code grant flow
|
||||
# it is used to get code for an on-going auth process during login
|
||||
@@ -529,7 +550,8 @@ input VerifyOTPRequest {
|
||||
}
|
||||
|
||||
input ResendOTPRequest {
|
||||
email: String!
|
||||
email: String
|
||||
phone_number: String
|
||||
# state is used for authorization code grant flow
|
||||
# it is used to get code for an on-going auth process during login
|
||||
# and use that code for setting `c_hash` in id_token
|
||||
@@ -537,7 +559,8 @@ input ResendOTPRequest {
|
||||
}
|
||||
|
||||
input GetUserRequest {
|
||||
id: String!
|
||||
id: String
|
||||
email: String
|
||||
}
|
||||
|
||||
type Mutation {
|
||||
@@ -580,6 +603,7 @@ type Query {
|
||||
session(params: SessionQueryInput): AuthResponse!
|
||||
profile: User!
|
||||
validate_jwt_token(params: ValidateJWTTokenInput!): ValidateJWTTokenResponse!
|
||||
validate_session(params: ValidateSessionInput): ValidateSessionResponse!
|
||||
# admin only apis
|
||||
_users(params: PaginatedInput): Users!
|
||||
_user(params: GetUserRequest!): User!
|
||||
|
||||
@@ -186,6 +186,11 @@ func (r *queryResolver) ValidateJwtToken(ctx context.Context, params model.Valid
|
||||
return resolvers.ValidateJwtTokenResolver(ctx, params)
|
||||
}
|
||||
|
||||
// ValidateSession is the resolver for the validate_session field.
|
||||
func (r *queryResolver) ValidateSession(ctx context.Context, params *model.ValidateSessionInput) (*model.ValidateSessionResponse, error) {
|
||||
return resolvers.ValidateSessionResolver(ctx, params)
|
||||
}
|
||||
|
||||
// Users is the resolver for the _users field.
|
||||
func (r *queryResolver) Users(ctx context.Context, params *model.PaginatedInput) (*model.Users, error) {
|
||||
return resolvers.UsersResolver(ctx, params)
|
||||
|
||||
@@ -84,9 +84,9 @@ func AuthorizeHandler() gin.HandlerFunc {
|
||||
|
||||
if responseMode == "" {
|
||||
if val, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultAuthorizeResponseMode); err == nil {
|
||||
responseType = val
|
||||
responseMode = val
|
||||
} else {
|
||||
responseType = constants.ResponseModeQuery
|
||||
responseMode = constants.ResponseModeQuery
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -452,7 +452,7 @@ func processFacebookUserInfo(code string) (models.User, error) {
|
||||
userRawData := make(map[string]interface{})
|
||||
json.Unmarshal(body, &userRawData)
|
||||
|
||||
email := fmt.Sprintf("%v", userRawData["sub"])
|
||||
email := fmt.Sprintf("%v", userRawData["email"])
|
||||
|
||||
picObject := userRawData["picture"].(map[string]interface{})["data"]
|
||||
picDataObject := picObject.(map[string]interface{})
|
||||
|
||||
@@ -33,6 +33,7 @@ func InitMemStore() error {
|
||||
constants.EnvKeyDisableSignUp: false,
|
||||
constants.EnvKeyDisableStrongPassword: false,
|
||||
constants.EnvKeyIsEmailServiceEnabled: false,
|
||||
constants.EnvKeyIsSMSServiceEnabled: false,
|
||||
constants.EnvKeyEnforceMultiFactorAuthentication: false,
|
||||
constants.EnvKeyDisableMultiFactorAuthentication: false,
|
||||
constants.EnvKeyAppCookieSecure: true,
|
||||
|
||||
@@ -9,6 +9,10 @@ import (
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
const (
|
||||
dialTimeout = 60 * time.Second
|
||||
)
|
||||
|
||||
// RedisClient is the interface for redis client & redis cluster client
|
||||
type RedisClient interface {
|
||||
HMSet(ctx context.Context, key string, values ...interface{}) *redis.BoolCmd
|
||||
@@ -41,8 +45,7 @@ func NewRedisProvider(redisURL string) (*provider, error) {
|
||||
urls := []string{opt.Addr}
|
||||
urlList := redisURLHostPortsList[1:]
|
||||
urls = append(urls, urlList...)
|
||||
clusterOpt := &redis.ClusterOptions{Addrs: urls}
|
||||
|
||||
clusterOpt := &redis.ClusterOptions{Addrs: urls, DialTimeout: dialTimeout}
|
||||
rdb := redis.NewClusterClient(clusterOpt)
|
||||
ctx := context.Background()
|
||||
_, err = rdb.Ping(ctx).Result()
|
||||
@@ -62,7 +65,7 @@ func NewRedisProvider(redisURL string) (*provider, error) {
|
||||
log.Debug("error parsing redis url: ", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
opt.DialTimeout = dialTimeout
|
||||
rdb := redis.NewClient(opt)
|
||||
ctx := context.Background()
|
||||
_, err = rdb.Ping(ctx).Result()
|
||||
|
||||
@@ -143,7 +143,7 @@ func (c *provider) GetEnvStore() (map[string]interface{}, error) {
|
||||
return nil, err
|
||||
}
|
||||
for key, value := range data {
|
||||
if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableMobileBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure {
|
||||
if key == constants.EnvKeyDisableBasicAuthentication || key == constants.EnvKeyDisableMobileBasicAuthentication || key == constants.EnvKeyDisableEmailVerification || key == constants.EnvKeyDisableLoginPage || key == constants.EnvKeyDisableMagicLinkLogin || key == constants.EnvKeyDisableRedisForEnv || key == constants.EnvKeyDisableSignUp || key == constants.EnvKeyDisableStrongPassword || key == constants.EnvKeyIsEmailServiceEnabled || key == constants.EnvKeyIsSMSServiceEnabled || key == constants.EnvKeyEnforceMultiFactorAuthentication || key == constants.EnvKeyDisableMultiFactorAuthentication || key == constants.EnvKeyAppCookieSecure || key == constants.EnvKeyAdminCookieSecure {
|
||||
boolValue, err := strconv.ParseBool(value)
|
||||
if err != nil {
|
||||
return res, err
|
||||
|
||||
@@ -106,7 +106,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
|
||||
}
|
||||
|
||||
isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)
|
||||
if err != nil || !isEmailServiceEnabled {
|
||||
if err != nil || !isMFADisabled {
|
||||
log.Debug("MFA service not enabled: ", err)
|
||||
}
|
||||
|
||||
@@ -136,8 +136,8 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
|
||||
}()
|
||||
|
||||
return &model.AuthResponse{
|
||||
Message: "Please check the OTP in your inbox",
|
||||
ShouldShowOtpScreen: refs.NewBoolRef(true),
|
||||
Message: "Please check the OTP in your inbox",
|
||||
ShouldShowEmailOtpScreen: refs.NewBoolRef(true),
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -17,6 +17,7 @@ import (
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
"github.com/authorizerdev/authorizer/server/refs"
|
||||
"github.com/authorizerdev/authorizer/server/smsproviders"
|
||||
"github.com/authorizerdev/authorizer/server/token"
|
||||
"github.com/authorizerdev/authorizer/server/utils"
|
||||
"github.com/authorizerdev/authorizer/server/validators"
|
||||
@@ -94,55 +95,57 @@ func MobileLoginResolver(ctx context.Context, params model.MobileLoginInput) (*m
|
||||
roles = params.Roles
|
||||
}
|
||||
|
||||
disablePhoneVerification, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisablePhoneVerification)
|
||||
if err != nil {
|
||||
log.Debug("Error getting disable phone verification: ", err)
|
||||
}
|
||||
if disablePhoneVerification {
|
||||
now := time.Now().Unix()
|
||||
user.PhoneNumberVerifiedAt = &now
|
||||
}
|
||||
isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsSMSServiceEnabled)
|
||||
if err != nil || !isSMSServiceEnabled {
|
||||
log.Debug("SMS service not enabled: ", err)
|
||||
}
|
||||
if disablePhoneVerification {
|
||||
now := time.Now().Unix()
|
||||
user.PhoneNumberVerifiedAt = &now
|
||||
}
|
||||
isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)
|
||||
if err != nil || !isMFADisabled {
|
||||
log.Debug("MFA service not enabled: ", err)
|
||||
}
|
||||
if !disablePhoneVerification && isSMSServiceEnabled && !isMFADisabled {
|
||||
duration, _ := time.ParseDuration("10m")
|
||||
smsCode := utils.GenerateOTP()
|
||||
|
||||
smsBody := strings.Builder{}
|
||||
smsBody.WriteString("Your verification code is: ")
|
||||
smsBody.WriteString(smsCode)
|
||||
_, err := db.Provider.UpsertOTP(ctx, &models.OTP{
|
||||
PhoneNumber: params.PhoneNumber,
|
||||
Otp: smsCode,
|
||||
ExpiresAt: time.Now().Add(duration).Unix(),
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("error while upserting OTP: ", err.Error())
|
||||
return nil, err
|
||||
}
|
||||
go func() {
|
||||
utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, *user)
|
||||
smsproviders.SendSMS(params.PhoneNumber, smsBody.String())
|
||||
}()
|
||||
return &model.AuthResponse{
|
||||
Message: "Please check the OTP",
|
||||
ShouldShowMobileOtpScreen: refs.NewBoolRef(true),
|
||||
}, nil
|
||||
}
|
||||
|
||||
scope := []string{"openid", "email", "profile"}
|
||||
if params.Scope != nil && len(scope) > 0 {
|
||||
scope = params.Scope
|
||||
}
|
||||
|
||||
/*
|
||||
// TODO use sms authentication for MFA
|
||||
isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
|
||||
if err != nil || !isEmailServiceEnabled {
|
||||
log.Debug("Email service not enabled: ", err)
|
||||
}
|
||||
|
||||
isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)
|
||||
if err != nil || !isEmailServiceEnabled {
|
||||
log.Debug("MFA service not enabled: ", err)
|
||||
}
|
||||
|
||||
// If email service is not enabled continue the process in any way
|
||||
if refs.BoolValue(user.IsMultiFactorAuthEnabled) && isEmailServiceEnabled && !isMFADisabled {
|
||||
otp := utils.GenerateOTP()
|
||||
otpData, err := db.Provider.UpsertOTP(ctx, &models.OTP{
|
||||
Email: user.Email,
|
||||
Otp: otp,
|
||||
ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("Failed to add otp: ", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
go func() {
|
||||
// exec it as go routine so that we can reduce the api latency
|
||||
go email.SendEmail([]string{params.PhoneNumber}, constants.VerificationTypeOTP, map[string]interface{}{
|
||||
"user": user.ToMap(),
|
||||
"organization": utils.GetOrganization(),
|
||||
"otp": otpData.Otp,
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("Failed to send otp email: ", err)
|
||||
}
|
||||
}()
|
||||
|
||||
return &model.AuthResponse{
|
||||
Message: "Please check the OTP in your inbox",
|
||||
ShouldShowOtpScreen: refs.NewBoolRef(true),
|
||||
}, nil
|
||||
}
|
||||
*/
|
||||
|
||||
code := ""
|
||||
codeChallenge := ""
|
||||
nonce := ""
|
||||
|
||||
@@ -17,6 +17,7 @@ import (
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
"github.com/authorizerdev/authorizer/server/refs"
|
||||
"github.com/authorizerdev/authorizer/server/smsproviders"
|
||||
"github.com/authorizerdev/authorizer/server/token"
|
||||
"github.com/authorizerdev/authorizer/server/utils"
|
||||
"github.com/authorizerdev/authorizer/server/validators"
|
||||
@@ -91,7 +92,6 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get user by email: ", err)
|
||||
}
|
||||
|
||||
if existingUser != nil {
|
||||
if existingUser.PhoneNumberVerifiedAt != nil {
|
||||
// email is verified
|
||||
@@ -104,7 +104,6 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
|
||||
}
|
||||
|
||||
inputRoles := []string{}
|
||||
|
||||
if len(params.Roles) > 0 {
|
||||
// check if roles exists
|
||||
rolesString, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyRoles)
|
||||
@@ -131,11 +130,9 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
|
||||
}
|
||||
}
|
||||
|
||||
now := time.Now().Unix()
|
||||
user := models.User{
|
||||
Email: emailInput,
|
||||
PhoneNumber: &mobile,
|
||||
PhoneNumberVerifiedAt: &now,
|
||||
Email: emailInput,
|
||||
PhoneNumber: &mobile,
|
||||
}
|
||||
|
||||
user.Roles = strings.Join(inputRoles, ",")
|
||||
@@ -185,12 +182,54 @@ func MobileSignupResolver(ctx context.Context, params *model.MobileSignUpInput)
|
||||
user.IsMultiFactorAuthEnabled = refs.NewBoolRef(true)
|
||||
}
|
||||
|
||||
disablePhoneVerification, _ := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisablePhoneVerification)
|
||||
if disablePhoneVerification {
|
||||
now := time.Now().Unix()
|
||||
user.PhoneNumberVerifiedAt = &now
|
||||
}
|
||||
isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsSMSServiceEnabled)
|
||||
if err != nil || !isSMSServiceEnabled {
|
||||
log.Debug("SMS service not enabled: ", err)
|
||||
}
|
||||
|
||||
user.SignupMethods = constants.AuthRecipeMethodMobileBasicAuth
|
||||
user, err = db.Provider.AddUser(ctx, user)
|
||||
|
||||
if err != nil {
|
||||
log.Debug("Failed to add user: ", err)
|
||||
return res, err
|
||||
}
|
||||
if !disablePhoneVerification && isSMSServiceEnabled {
|
||||
duration, _ := time.ParseDuration("10m")
|
||||
smsCode := utils.GenerateOTP()
|
||||
|
||||
smsBody := strings.Builder{}
|
||||
smsBody.WriteString("Your verification code is: ")
|
||||
smsBody.WriteString(smsCode)
|
||||
|
||||
// TODO: For those who enabled the webhook to call their sms vendor separately - sending the otp to their api
|
||||
if err != nil {
|
||||
log.Debug("error while upserting user: ", err.Error())
|
||||
return nil, err
|
||||
}
|
||||
_, err = db.Provider.UpsertOTP(ctx, &models.OTP{
|
||||
PhoneNumber: mobile,
|
||||
Otp: smsCode,
|
||||
ExpiresAt: time.Now().Add(duration).Unix(),
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("error while upserting OTP: ", err.Error())
|
||||
return nil, err
|
||||
}
|
||||
go func() {
|
||||
smsproviders.SendSMS(mobile, smsBody.String())
|
||||
}()
|
||||
return &model.AuthResponse{
|
||||
Message: "Please check the OTP in your inbox",
|
||||
ShouldShowMobileOtpScreen: refs.NewBoolRef(true),
|
||||
}, nil
|
||||
}
|
||||
|
||||
roles := strings.Split(user.Roles, ",")
|
||||
userToReturn := user.AsAPIUser()
|
||||
|
||||
|
||||
@@ -12,23 +12,49 @@ import (
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/db"
|
||||
"github.com/authorizerdev/authorizer/server/db/models"
|
||||
"github.com/authorizerdev/authorizer/server/email"
|
||||
emailHelper "github.com/authorizerdev/authorizer/server/email"
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
"github.com/authorizerdev/authorizer/server/refs"
|
||||
"github.com/authorizerdev/authorizer/server/smsproviders"
|
||||
"github.com/authorizerdev/authorizer/server/utils"
|
||||
)
|
||||
|
||||
// ResendOTPResolver is a resolver for resend otp mutation
|
||||
func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*model.Response, error) {
|
||||
email := strings.ToLower(strings.Trim(refs.StringValue(params.Email), " "))
|
||||
phoneNumber := strings.Trim(refs.StringValue(params.PhoneNumber), " ")
|
||||
log := log.WithFields(log.Fields{
|
||||
"email": params.Email,
|
||||
"email": email,
|
||||
"phone_number": phoneNumber,
|
||||
})
|
||||
params.Email = strings.ToLower(params.Email)
|
||||
user, err := db.Provider.GetUserByEmail(ctx, params.Email)
|
||||
if email == "" && phoneNumber == "" {
|
||||
log.Debug("Email or phone number is required")
|
||||
return nil, errors.New("email or phone number is required")
|
||||
}
|
||||
var user models.User
|
||||
var err error
|
||||
if email != "" {
|
||||
isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
|
||||
if err != nil || !isEmailServiceEnabled {
|
||||
log.Debug("Email service not enabled: ", err)
|
||||
return nil, errors.New("email service not enabled")
|
||||
}
|
||||
user, err = db.Provider.GetUserByEmail(ctx, email)
|
||||
} else {
|
||||
isSMSServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
|
||||
if err != nil || !isSMSServiceEnabled {
|
||||
log.Debug("Email service not enabled: ", err)
|
||||
return nil, errors.New("email service not enabled")
|
||||
}
|
||||
// TODO fix after refs fixes
|
||||
var u *models.User
|
||||
u, err = db.Provider.GetUserByPhoneNumber(ctx, phoneNumber)
|
||||
user = *u
|
||||
}
|
||||
if err != nil {
|
||||
log.Debug("Failed to get user by email: ", err)
|
||||
return nil, fmt.Errorf(`user with this email not found`)
|
||||
return nil, fmt.Errorf(`user with this email/phone not found`)
|
||||
}
|
||||
|
||||
if user.RevokedTimestamp != nil {
|
||||
@@ -36,35 +62,38 @@ func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*mod
|
||||
return nil, fmt.Errorf(`user access has been revoked`)
|
||||
}
|
||||
|
||||
if user.EmailVerifiedAt == nil {
|
||||
if email != "" && user.EmailVerifiedAt == nil {
|
||||
log.Debug("User email is not verified")
|
||||
return nil, fmt.Errorf(`email not verified`)
|
||||
}
|
||||
|
||||
if phoneNumber != "" && user.PhoneNumberVerifiedAt == nil {
|
||||
log.Debug("User phone number is not verified")
|
||||
return nil, fmt.Errorf(`phone number not verified`)
|
||||
}
|
||||
|
||||
if !refs.BoolValue(user.IsMultiFactorAuthEnabled) {
|
||||
log.Debug("User multi factor authentication is not enabled")
|
||||
return nil, fmt.Errorf(`multi factor authentication not enabled`)
|
||||
}
|
||||
|
||||
isEmailServiceEnabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyIsEmailServiceEnabled)
|
||||
if err != nil || !isEmailServiceEnabled {
|
||||
log.Debug("Email service not enabled: ", err)
|
||||
return nil, errors.New("email service not enabled")
|
||||
}
|
||||
|
||||
isMFADisabled, err := memorystore.Provider.GetBoolStoreEnvVariable(constants.EnvKeyDisableMultiFactorAuthentication)
|
||||
if err != nil || isMFADisabled {
|
||||
log.Debug("MFA service not enabled: ", err)
|
||||
return nil, errors.New("multi factor authentication is disabled for this instance")
|
||||
}
|
||||
|
||||
// get otp by email
|
||||
otpData, err := db.Provider.GetOTPByEmail(ctx, params.Email)
|
||||
// get otp by email or phone number
|
||||
var otpData *models.OTP
|
||||
if email != "" {
|
||||
otpData, err = db.Provider.GetOTPByEmail(ctx, refs.StringValue(params.Email))
|
||||
} else {
|
||||
otpData, err = db.Provider.GetOTPByPhoneNumber(ctx, refs.StringValue(params.PhoneNumber))
|
||||
}
|
||||
if err != nil {
|
||||
log.Debug("Failed to get otp for given email: ", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if otpData == nil {
|
||||
log.Debug("No otp found for given email: ", params.Email)
|
||||
return &model.Response{
|
||||
@@ -73,28 +102,30 @@ func ResendOTPResolver(ctx context.Context, params model.ResendOTPRequest) (*mod
|
||||
}
|
||||
|
||||
otp := utils.GenerateOTP()
|
||||
otpData, err = db.Provider.UpsertOTP(ctx, &models.OTP{
|
||||
if _, err := db.Provider.UpsertOTP(ctx, &models.OTP{
|
||||
Email: user.Email,
|
||||
Otp: otp,
|
||||
ExpiresAt: time.Now().Add(1 * time.Minute).Unix(),
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("Error generating new otp: ", err)
|
||||
}); err != nil {
|
||||
log.Debug("Error upserting otp: ", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
go func() {
|
||||
if email != "" {
|
||||
// exec it as go routine so that we can reduce the api latency
|
||||
go email.SendEmail([]string{params.Email}, constants.VerificationTypeOTP, map[string]interface{}{
|
||||
go emailHelper.SendEmail([]string{email}, constants.VerificationTypeOTP, map[string]interface{}{
|
||||
"user": user.ToMap(),
|
||||
"organization": utils.GetOrganization(),
|
||||
"otp": otp,
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("Error sending otp email: ", otp)
|
||||
}
|
||||
}()
|
||||
|
||||
} else {
|
||||
smsBody := strings.Builder{}
|
||||
smsBody.WriteString("Your verification code is: ")
|
||||
smsBody.WriteString(otp)
|
||||
// exec it as go routine so that we can reduce the api latency
|
||||
go smsproviders.SendSMS(phoneNumber, smsBody.String())
|
||||
}
|
||||
log.Info("OTP has been resent")
|
||||
return &model.Response{
|
||||
Message: `OTP has been sent. Please check your inbox`,
|
||||
}, nil
|
||||
|
||||
@@ -267,6 +267,13 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
||||
updatedData[constants.EnvKeyIsEmailServiceEnabled] = true
|
||||
}
|
||||
|
||||
if updatedData[constants.EnvKeyTwilioAPIKey] == "" || updatedData[constants.EnvKeyTwilioAPISecret] == "" || updatedData[constants.EnvKeyTwilioAccountSID] == "" || updatedData[constants.EnvKeyTwilioSender] == "" {
|
||||
updatedData[constants.EnvKeyIsSMSServiceEnabled] = false
|
||||
if !updatedData[constants.EnvKeyIsSMSServiceEnabled].(bool) {
|
||||
updatedData[constants.EnvKeyDisablePhoneVerification] = true
|
||||
}
|
||||
}
|
||||
|
||||
if !currentData[constants.EnvKeyEnforceMultiFactorAuthentication].(bool) && updatedData[constants.EnvKeyEnforceMultiFactorAuthentication].(bool) && !updatedData[constants.EnvKeyDisableMultiFactorAuthentication].(bool) {
|
||||
go db.Provider.UpdateUsers(ctx, map[string]interface{}{
|
||||
"is_multi_factor_auth_enabled": true,
|
||||
|
||||
@@ -3,6 +3,7 @@ package resolvers
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
@@ -20,17 +21,28 @@ func UserResolver(ctx context.Context, params model.GetUserRequest) (*model.User
|
||||
log.Debug("Failed to get GinContext: ", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if !token.IsSuperAdmin(gc) {
|
||||
log.Debug("Not logged in as super admin.")
|
||||
return nil, fmt.Errorf("unauthorized")
|
||||
}
|
||||
|
||||
res, err := db.Provider.GetUserByID(ctx, params.ID)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get users: ", err)
|
||||
return nil, err
|
||||
// Try getting user by ID
|
||||
if params.ID != nil && strings.Trim(*params.ID, " ") != "" {
|
||||
res, err := db.Provider.GetUserByID(ctx, *params.ID)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get users by ID: ", err)
|
||||
return nil, err
|
||||
}
|
||||
return res.AsAPIUser(), nil
|
||||
}
|
||||
|
||||
return res.AsAPIUser(), nil
|
||||
// Try getting user by email
|
||||
if params.Email != nil && strings.Trim(*params.Email, " ") != "" {
|
||||
res, err := db.Provider.GetUserByEmail(ctx, *params.Email)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get users by email: ", err)
|
||||
return nil, err
|
||||
}
|
||||
return res.AsAPIUser(), nil
|
||||
}
|
||||
// Return error if no params are provided
|
||||
return nil, fmt.Errorf("invalid params, user id or email is required")
|
||||
}
|
||||
|
||||
59
server/resolvers/validate_session.go
Normal file
59
server/resolvers/validate_session.go
Normal file
@@ -0,0 +1,59 @@
|
||||
package resolvers
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/cookie"
|
||||
"github.com/authorizerdev/authorizer/server/db"
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/token"
|
||||
"github.com/authorizerdev/authorizer/server/utils"
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
// ValidateSessionResolver is used to validate a cookie session without its rotation
|
||||
func ValidateSessionResolver(ctx context.Context, params *model.ValidateSessionInput) (*model.ValidateSessionResponse, error) {
|
||||
gc, err := utils.GinContextFromContext(ctx)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get GinContext: ", err)
|
||||
return nil, err
|
||||
}
|
||||
sessionToken := params.Cookie
|
||||
if sessionToken == "" {
|
||||
sessionToken, err = cookie.GetSession(gc)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get session token: ", err)
|
||||
return nil, errors.New("unauthorized")
|
||||
}
|
||||
}
|
||||
claims, err := token.ValidateBrowserSession(gc, sessionToken)
|
||||
if err != nil {
|
||||
log.Debug("Failed to validate session token", err)
|
||||
return nil, errors.New("unauthorized")
|
||||
}
|
||||
userID := claims.Subject
|
||||
log := log.WithFields(log.Fields{
|
||||
"user_id": userID,
|
||||
})
|
||||
_, err = db.Provider.GetUserByID(ctx, userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// refresh token has "roles" as claim
|
||||
claimRoleInterface := claims.Roles
|
||||
claimRoles := []string{}
|
||||
claimRoles = append(claimRoles, claimRoleInterface...)
|
||||
if params != nil && params.Roles != nil && len(params.Roles) > 0 {
|
||||
for _, v := range params.Roles {
|
||||
if !utils.StringSliceContains(claimRoles, v) {
|
||||
log.Debug("User does not have required role: ", claimRoles, v)
|
||||
return nil, fmt.Errorf(`unauthorized`)
|
||||
}
|
||||
}
|
||||
}
|
||||
return &model.ValidateSessionResponse{
|
||||
IsValid: true,
|
||||
}, nil
|
||||
}
|
||||
@@ -27,36 +27,53 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
|
||||
log.Debug("Failed to get GinContext: ", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
otp, err := db.Provider.GetOTPByEmail(ctx, params.Email)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get otp request by email: ", err)
|
||||
return res, fmt.Errorf(`invalid email: %s`, err.Error())
|
||||
if refs.StringValue(params.Email) == "" && refs.StringValue(params.PhoneNumber) == "" {
|
||||
log.Debug("Email or phone number is required")
|
||||
return res, fmt.Errorf(`email or phone_number is required`)
|
||||
}
|
||||
|
||||
currentField := models.FieldNameEmail
|
||||
if refs.StringValue(params.Email) == "" {
|
||||
currentField = models.FieldNamePhoneNumber
|
||||
}
|
||||
var otp *models.OTP
|
||||
if currentField == models.FieldNameEmail {
|
||||
otp, err = db.Provider.GetOTPByEmail(ctx, refs.StringValue(params.Email))
|
||||
} else {
|
||||
otp, err = db.Provider.GetOTPByPhoneNumber(ctx, refs.StringValue(params.PhoneNumber))
|
||||
}
|
||||
if otp == nil && err != nil {
|
||||
log.Debugf("Failed to get otp request for %s: %s", currentField, err.Error())
|
||||
return res, fmt.Errorf(`invalid %s: %s`, currentField, err.Error())
|
||||
}
|
||||
if params.Otp != otp.Otp {
|
||||
log.Debug("Failed to verify otp request: Incorrect value")
|
||||
return res, fmt.Errorf(`invalid otp`)
|
||||
}
|
||||
|
||||
expiresIn := otp.ExpiresAt - time.Now().Unix()
|
||||
|
||||
if expiresIn < 0 {
|
||||
log.Debug("Failed to verify otp request: Timeout")
|
||||
return res, fmt.Errorf("otp expired")
|
||||
}
|
||||
|
||||
user, err := db.Provider.GetUserByEmail(ctx, params.Email)
|
||||
if err != nil {
|
||||
var user models.User
|
||||
if currentField == models.FieldNameEmail {
|
||||
user, err = db.Provider.GetUserByEmail(ctx, refs.StringValue(params.Email))
|
||||
} else {
|
||||
// TODO fix after refs of db providers are fixed
|
||||
var u *models.User
|
||||
u, err = db.Provider.GetUserByPhoneNumber(ctx, refs.StringValue(params.PhoneNumber))
|
||||
user = *u
|
||||
}
|
||||
if user.ID == "" && err != nil {
|
||||
log.Debug("Failed to get user by email: ", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
isSignUp := user.EmailVerifiedAt == nil
|
||||
|
||||
isSignUp := user.EmailVerifiedAt == nil && user.PhoneNumberVerifiedAt == nil
|
||||
// TODO - Add Login method in DB when we introduce OTP for social media login
|
||||
loginMethod := constants.AuthRecipeMethodBasicAuth
|
||||
|
||||
if currentField == models.FieldNamePhoneNumber {
|
||||
loginMethod = constants.AuthRecipeMethodMobileOTP
|
||||
}
|
||||
roles := strings.Split(user.Roles, ",")
|
||||
scope := []string{"openid", "email", "profile"}
|
||||
code := ""
|
||||
|
||||
49
server/smsproviders/twilio.go
Normal file
49
server/smsproviders/twilio.go
Normal file
@@ -0,0 +1,49 @@
|
||||
package smsproviders
|
||||
|
||||
import (
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
log "github.com/sirupsen/logrus"
|
||||
twilio "github.com/twilio/twilio-go"
|
||||
api "github.com/twilio/twilio-go/rest/api/v2010"
|
||||
)
|
||||
|
||||
// SendSMS util to send sms
|
||||
// TODO: Should be restructured to interface when another provider is added
|
||||
func SendSMS(sendTo, messageBody string) error {
|
||||
twilioAPISecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioAPISecret)
|
||||
if err != nil || twilioAPISecret == "" {
|
||||
log.Debug("Failed to get api secret: ", err)
|
||||
return err
|
||||
}
|
||||
twilioAPIKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioAPIKey)
|
||||
if err != nil || twilioAPIKey == "" {
|
||||
log.Debug("Failed to get api key: ", err)
|
||||
return err
|
||||
}
|
||||
twilioSenderFrom, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioSender)
|
||||
if err != nil || twilioSenderFrom == "" {
|
||||
log.Debug("Failed to get sender: ", err)
|
||||
return err
|
||||
}
|
||||
// accountSID is not a must to send sms on twilio
|
||||
twilioAccountSID, _ := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyTwilioAccountSID)
|
||||
client := twilio.NewRestClientWithParams(twilio.ClientParams{
|
||||
Username: twilioAPIKey,
|
||||
Password: twilioAPISecret,
|
||||
AccountSid: twilioAccountSID,
|
||||
})
|
||||
message := &api.CreateMessageParams{}
|
||||
message.SetBody(messageBody)
|
||||
message.SetFrom(twilioSenderFrom)
|
||||
message.SetTo(sendTo)
|
||||
|
||||
_, err = client.Api.CreateMessage(message)
|
||||
|
||||
if err != nil {
|
||||
log.Debug("Failed to send sms: ", err)
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
@@ -46,7 +46,6 @@ func TestResolvers(t *testing.T) {
|
||||
|
||||
for dbType, dbURL := range databases {
|
||||
ctx := context.Background()
|
||||
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseURL, dbURL)
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseType, dbType)
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseName, testDb)
|
||||
@@ -57,6 +56,11 @@ func TestResolvers(t *testing.T) {
|
||||
if dbType == constants.DbTypeDynamoDB {
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvAwsRegion, "ap-south-1")
|
||||
os.Setenv(constants.EnvAwsRegion, "ap-south-1")
|
||||
os.Unsetenv(constants.EnvAwsAccessKeyID)
|
||||
os.Unsetenv(constants.EnvAwsSecretAccessKey)
|
||||
// Remove aws credentials from env, so that local dynamodb can be used
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvAwsAccessKeyID, "")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvAwsSecretAccessKey, "")
|
||||
}
|
||||
if dbType == constants.DbTypeCouchbaseDB {
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDatabaseUsername, "Administrator")
|
||||
@@ -135,6 +139,7 @@ func TestResolvers(t *testing.T) {
|
||||
validateJwtTokenTest(t, s)
|
||||
verifyOTPTest(t, s)
|
||||
resendOTPTest(t, s)
|
||||
validateSessionTests(t, s)
|
||||
|
||||
updateAllUsersTest(t, s)
|
||||
webhookLogsTest(t, s) // get logs after above resolver tests are done
|
||||
@@ -1,10 +1,9 @@
|
||||
package test
|
||||
|
||||
import (
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/db"
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/refs"
|
||||
"github.com/authorizerdev/authorizer/server/resolvers"
|
||||
@@ -25,11 +24,6 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, signUpRes)
|
||||
assert.Equal(t, email, signUpRes.User.Email)
|
||||
assert.Equal(t, phoneNumber, refs.StringValue(signUpRes.User.PhoneNumber))
|
||||
assert.True(t, strings.Contains(signUpRes.User.SignupMethods, constants.AuthRecipeMethodMobileBasicAuth))
|
||||
assert.Len(t, strings.Split(signUpRes.User.SignupMethods, ","), 1)
|
||||
|
||||
res, err := resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
|
||||
PhoneNumber: phoneNumber,
|
||||
Password: "random_test",
|
||||
@@ -44,15 +38,24 @@ func mobileLoginTests(t *testing.T, s TestSetup) {
|
||||
})
|
||||
assert.Error(t, err)
|
||||
assert.Nil(t, res)
|
||||
|
||||
// should fail because phone is not verified
|
||||
res, err = resolvers.MobileLoginResolver(ctx, model.MobileLoginInput{
|
||||
PhoneNumber: phoneNumber,
|
||||
Password: s.TestInfo.Password,
|
||||
})
|
||||
assert.NotNil(t, err, "should fail because phone is not verified")
|
||||
assert.Nil(t, res)
|
||||
smsRequest, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, res.AccessToken)
|
||||
assert.NotEmpty(t, res.IDToken)
|
||||
|
||||
assert.NotEmpty(t, smsRequest.Otp)
|
||||
verifySMSRequest, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
|
||||
PhoneNumber: &phoneNumber,
|
||||
Otp: smsRequest.Otp,
|
||||
})
|
||||
assert.Nil(t, err)
|
||||
assert.NotEqual(t, verifySMSRequest.Message, "", "message should not be empty")
|
||||
assert.NotEmpty(t, verifySMSRequest.AccessToken)
|
||||
assert.NotEmpty(t, verifySMSRequest.IDToken)
|
||||
cleanData(email)
|
||||
})
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ import (
|
||||
"testing"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/db"
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
"github.com/authorizerdev/authorizer/server/refs"
|
||||
@@ -65,16 +66,25 @@ func mobileSingupTest(t *testing.T, s TestSetup) {
|
||||
})
|
||||
assert.Error(t, err)
|
||||
assert.Nil(t, res)
|
||||
|
||||
phoneNumber := "1234567890"
|
||||
res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
|
||||
PhoneNumber: "1234567890",
|
||||
PhoneNumber: phoneNumber,
|
||||
Password: s.TestInfo.Password,
|
||||
ConfirmPassword: s.TestInfo.Password,
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, res.AccessToken)
|
||||
assert.Equal(t, "1234567890@authorizer.dev", res.User.Email)
|
||||
|
||||
assert.NotNil(t, res)
|
||||
assert.True(t, *res.ShouldShowMobileOtpScreen)
|
||||
// Verify with otp
|
||||
otp, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber)
|
||||
assert.Nil(t, err)
|
||||
assert.NotEmpty(t, otp.Otp)
|
||||
otpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
|
||||
PhoneNumber: &phoneNumber,
|
||||
Otp: otp.Otp,
|
||||
})
|
||||
assert.Nil(t, err)
|
||||
assert.NotEmpty(t, otpRes.Message)
|
||||
res, err = resolvers.MobileSignupResolver(ctx, &model.MobileSignUpInput{
|
||||
PhoneNumber: "1234567890",
|
||||
Password: s.TestInfo.Password,
|
||||
|
||||
@@ -51,7 +51,7 @@ func resendOTPTest(t *testing.T, s TestSetup) {
|
||||
assert.NotNil(t, updateRes)
|
||||
// Resend otp should return error as no initial opt is being sent
|
||||
resendOtpRes, err := resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{
|
||||
Email: email,
|
||||
Email: refs.NewStringRef(email),
|
||||
})
|
||||
assert.Error(t, err)
|
||||
assert.Nil(t, resendOtpRes)
|
||||
@@ -72,7 +72,7 @@ func resendOTPTest(t *testing.T, s TestSetup) {
|
||||
|
||||
// resend otp
|
||||
resendOtpRes, err = resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{
|
||||
Email: email,
|
||||
Email: refs.NewStringRef(email),
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, resendOtpRes.Message)
|
||||
@@ -84,13 +84,13 @@ func resendOTPTest(t *testing.T, s TestSetup) {
|
||||
|
||||
// Should return error for older otp
|
||||
verifyOtpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
|
||||
Email: email,
|
||||
Email: &email,
|
||||
Otp: otp.Otp,
|
||||
})
|
||||
assert.Error(t, err)
|
||||
assert.Nil(t, verifyOtpRes)
|
||||
verifyOtpRes, err = resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
|
||||
Email: email,
|
||||
Email: &email,
|
||||
Otp: newOtp.Otp,
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
|
||||
@@ -126,6 +126,10 @@ func testSetup() TestSetup {
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeySmtpPassword, "test")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeySenderEmail, "info@yopmail.com")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyProtectedRoles, "admin")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyTwilioAPIKey, "test")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyTwilioAPISecret, "test")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyTwilioAccountSID, "test")
|
||||
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyTwilioSender, "1234567890")
|
||||
|
||||
err = db.InitDB()
|
||||
if err != nil {
|
||||
|
||||
@@ -27,7 +27,7 @@ func updateWebhookTest(t *testing.T, s TestSetup) {
|
||||
webhooks, err := db.Provider.GetWebhookByEventName(ctx, constants.UserDeletedWebhookEvent)
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, webhooks)
|
||||
assert.Equal(t, 2, len(webhooks))
|
||||
assert.GreaterOrEqual(t, len(webhooks), 2)
|
||||
for _, webhook := range webhooks {
|
||||
// it should completely replace headers
|
||||
webhook.Headers = map[string]interface{}{
|
||||
@@ -58,7 +58,7 @@ func updateWebhookTest(t *testing.T, s TestSetup) {
|
||||
// Check if webhooks with new name is as per expected len
|
||||
accessWebhooks, err := db.Provider.GetWebhookByEventName(ctx, constants.UserAccessEnabledWebhookEvent)
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, 3, len(accessWebhooks))
|
||||
assert.GreaterOrEqual(t, len(accessWebhooks), 3)
|
||||
// Revert name change
|
||||
res, err = resolvers.UpdateWebhookResolver(ctx, model.UpdateWebhookRequest{
|
||||
ID: w.ID,
|
||||
@@ -69,7 +69,7 @@ func updateWebhookTest(t *testing.T, s TestSetup) {
|
||||
updatedWebhooks, err := db.Provider.GetWebhookByEventName(ctx, constants.UserDeletedWebhookEvent)
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, updatedWebhooks)
|
||||
assert.Equal(t, 2, len(updatedWebhooks))
|
||||
assert.GreaterOrEqual(t, len(updatedWebhooks), 2)
|
||||
for _, updatedWebhook := range updatedWebhooks {
|
||||
assert.Contains(t, refs.StringValue(updatedWebhook.EventName), constants.UserDeletedWebhookEvent)
|
||||
assert.Len(t, updatedWebhook.Headers, 1)
|
||||
|
||||
@@ -8,6 +8,7 @@ import (
|
||||
"github.com/authorizerdev/authorizer/server/crypto"
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
"github.com/authorizerdev/authorizer/server/refs"
|
||||
"github.com/authorizerdev/authorizer/server/resolvers"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
@@ -26,7 +27,7 @@ func userTest(t *testing.T, s TestSetup) {
|
||||
assert.NotEmpty(t, res.User)
|
||||
|
||||
userRes, err := resolvers.UserResolver(ctx, model.GetUserRequest{
|
||||
ID: res.User.ID,
|
||||
ID: &res.User.ID,
|
||||
})
|
||||
assert.Nil(t, userRes)
|
||||
assert.NotNil(t, err, "unauthorized")
|
||||
@@ -36,14 +37,36 @@ func userTest(t *testing.T, s TestSetup) {
|
||||
h, err := crypto.EncryptPassword(adminSecret)
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
|
||||
|
||||
// Should throw error for invalid params
|
||||
userRes, err = resolvers.UserResolver(ctx, model.GetUserRequest{})
|
||||
assert.Nil(t, userRes)
|
||||
assert.NotNil(t, err, "invalid params, user id or email is required")
|
||||
// Should throw error for invalid params with empty id
|
||||
userRes, err = resolvers.UserResolver(ctx, model.GetUserRequest{
|
||||
ID: res.User.ID,
|
||||
ID: refs.NewStringRef(" "),
|
||||
})
|
||||
assert.Nil(t, userRes)
|
||||
assert.NotNil(t, err, "invalid params, user id or email is required")
|
||||
// Should throw error for invalid params with empty email
|
||||
userRes, err = resolvers.UserResolver(ctx, model.GetUserRequest{
|
||||
Email: refs.NewStringRef(" "),
|
||||
})
|
||||
assert.Nil(t, userRes)
|
||||
assert.NotNil(t, err, "invalid params, user id or email is required")
|
||||
// Should get user by id
|
||||
userRes, err = resolvers.UserResolver(ctx, model.GetUserRequest{
|
||||
ID: &res.User.ID,
|
||||
})
|
||||
assert.Nil(t, err)
|
||||
assert.Equal(t, res.User.ID, userRes.ID)
|
||||
assert.Equal(t, email, userRes.Email)
|
||||
// Should get user by email
|
||||
userRes, err = resolvers.UserResolver(ctx, model.GetUserRequest{
|
||||
Email: &email,
|
||||
})
|
||||
assert.Nil(t, err)
|
||||
assert.Equal(t, res.User.ID, userRes.ID)
|
||||
assert.Equal(t, email, userRes.Email)
|
||||
|
||||
cleanData(email)
|
||||
})
|
||||
}
|
||||
|
||||
61
server/test/validate_session_test.go
Normal file
61
server/test/validate_session_test.go
Normal file
@@ -0,0 +1,61 @@
|
||||
package test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/db"
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/memorystore"
|
||||
"github.com/authorizerdev/authorizer/server/resolvers"
|
||||
"github.com/authorizerdev/authorizer/server/token"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
// ValidateSessionTests tests all the validate session resolvers
|
||||
func validateSessionTests(t *testing.T, s TestSetup) {
|
||||
t.Helper()
|
||||
t.Run(`should validate session`, func(t *testing.T) {
|
||||
req, ctx := createContext(s)
|
||||
email := "validate_session." + s.TestInfo.Email
|
||||
|
||||
resolvers.SignupResolver(ctx, model.SignUpInput{
|
||||
Email: email,
|
||||
Password: s.TestInfo.Password,
|
||||
ConfirmPassword: s.TestInfo.Password,
|
||||
})
|
||||
_, err := resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{})
|
||||
assert.NotNil(t, err, "unauthorized")
|
||||
verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, verificationRequest)
|
||||
verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
|
||||
Token: verificationRequest.Token,
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, verifyRes)
|
||||
accessToken := *verifyRes.AccessToken
|
||||
assert.NotEmpty(t, accessToken)
|
||||
claims, err := token.ParseJWTToken(accessToken)
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, claims)
|
||||
sessionKey := constants.AuthRecipeMethodBasicAuth + ":" + verifyRes.User.ID
|
||||
sessionToken, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, sessionToken)
|
||||
cookie := fmt.Sprintf("%s=%s;", constants.AppCookieName+"_session", sessionToken)
|
||||
cookie = strings.TrimSuffix(cookie, ";")
|
||||
res, err := resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{
|
||||
Cookie: sessionToken,
|
||||
})
|
||||
assert.Nil(t, err)
|
||||
assert.True(t, res.IsValid)
|
||||
req.Header.Set("Cookie", cookie)
|
||||
res, err = resolvers.ValidateSessionResolver(ctx, &model.ValidateSessionInput{})
|
||||
assert.Nil(t, err)
|
||||
assert.True(t, res.IsValid)
|
||||
cleanData(email)
|
||||
})
|
||||
}
|
||||
@@ -65,7 +65,7 @@ func verifyOTPTest(t *testing.T, s TestSetup) {
|
||||
assert.NotEmpty(t, otp.Otp)
|
||||
|
||||
verifyOtpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
|
||||
Email: email,
|
||||
Email: &email,
|
||||
Otp: otp.Otp,
|
||||
})
|
||||
assert.Nil(t, err)
|
||||
|
||||
@@ -28,7 +28,7 @@ func webhookTest(t *testing.T, s TestSetup) {
|
||||
webhooks, err := db.Provider.GetWebhookByEventName(ctx, constants.UserCreatedWebhookEvent)
|
||||
assert.NoError(t, err)
|
||||
assert.NotNil(t, webhooks)
|
||||
assert.Equal(t, 2, len(webhooks))
|
||||
assert.GreaterOrEqual(t, len(webhooks), 2)
|
||||
for _, webhook := range webhooks {
|
||||
res, err := resolvers.WebhookResolver(ctx, model.WebhookRequest{
|
||||
ID: webhook.ID,
|
||||
|
||||
@@ -30,6 +30,6 @@ func webhooksTest(t *testing.T, s TestSetup) {
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, webhooks)
|
||||
assert.Len(t, webhooks.Webhooks, len(s.TestInfo.TestWebhookEventTypes)*2)
|
||||
assert.GreaterOrEqual(t, len(webhooks.Webhooks), len(s.TestInfo.TestWebhookEventTypes)*2)
|
||||
})
|
||||
}
|
||||
|
||||
@@ -16,6 +16,8 @@ import (
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
// RegisterEvent util to register event
|
||||
// TODO change user to user ref
|
||||
func RegisterEvent(ctx context.Context, eventName string, authRecipe string, user models.User) error {
|
||||
webhooks, err := db.Provider.GetWebhookByEventName(ctx, eventName)
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user