commit 1b61bb16cedd78fe4ef9f774e1164c9896a93a7a · julien.rbrt.fr/tangled-core

-173
appview/db/oauth.go
···

       1
       1
       -
       package db

     

       2
       2
       -
       

     

       3
       3
       -
       type OAuthRequest struct {

     

       4
       4
       -
       	ID                  uint

     

       5
       5
       -
       	AuthserverIss       string

     

       6
       6
       -
       	Handle              string

     

       7
       7
       -
       	State               string

     

       8
       8
       -
       	Did                 string

     

       9
       9
       -
       	PdsUrl              string

     

       10
       10
       -
       	PkceVerifier        string

     

       11
       11
       -
       	DpopAuthserverNonce string

     

       12
       12
       -
       	DpopPrivateJwk      string

     

       13
       13
       -
       }

     

       14
       14
       -
       

     

       15
       15
       -
       func SaveOAuthRequest(e Execer, oauthRequest OAuthRequest) error {

     

       16
       16
       -
       	_, err := e.Exec(`

     

       17
       17
       -
       		insert into oauth_requests (

     

       18
       18
       -
       			auth_server_iss,

     

       19
       19
       -
       			state,

     

       20
       20
       -
       			handle,

     

       21
       21
       -
       			did,

     

       22
       22
       -
       			pds_url,

     

       23
       23
       -
       			pkce_verifier,

     

       24
       24
       -
       			dpop_auth_server_nonce,

     

       25
       25
       -
       			dpop_private_jwk

     

       26
       26
       -
       		) values (?, ?, ?, ?, ?, ?, ?, ?)`,

     

       27
       27
       -
       		oauthRequest.AuthserverIss,

     

       28
       28
       -
       		oauthRequest.State,

     

       29
       29
       -
       		oauthRequest.Handle,

     

       30
       30
       -
       		oauthRequest.Did,

     

       31
       31
       -
       		oauthRequest.PdsUrl,

     

       32
       32
       -
       		oauthRequest.PkceVerifier,

     

       33
       33
       -
       		oauthRequest.DpopAuthserverNonce,

     

       34
       34
       -
       		oauthRequest.DpopPrivateJwk,

     

       35
       35
       -
       	)

     

       36
       36
       -
       	return err

     

       37
       37
       -
       }

     

       38
       38
       -
       

     

       39
       39
       -
       func GetOAuthRequestByState(e Execer, state string) (OAuthRequest, error) {

     

       40
       40
       -
       	var req OAuthRequest

     

       41
       41
       -
       	err := e.QueryRow(`

     

       42
       42
       -
       		select

     

       43
       43
       -
       			id,

     

       44
       44
       -
       			auth_server_iss,

     

       45
       45
       -
       			handle,

     

       46
       46
       -
       			state,

     

       47
       47
       -
       			did,

     

       48
       48
       -
       			pds_url,

     

       49
       49
       -
       			pkce_verifier,

     

       50
       50
       -
       			dpop_auth_server_nonce,

     

       51
       51
       -
       			dpop_private_jwk

     

       52
       52
       -
       		from oauth_requests

     

       53
       53
       -
       		where state = ?`, state).Scan(

     

       54
       54
       -
       		&req.ID,

     

       55
       55
       -
       		&req.AuthserverIss,

     

       56
       56
       -
       		&req.Handle,

     

       57
       57
       -
       		&req.State,

     

       58
       58
       -
       		&req.Did,

     

       59
       59
       -
       		&req.PdsUrl,

     

       60
       60
       -
       		&req.PkceVerifier,

     

       61
       61
       -
       		&req.DpopAuthserverNonce,

     

       62
       62
       -
       		&req.DpopPrivateJwk,

     

       63
       63
       -
       	)

     

       64
       64
       -
       	return req, err

     

       65
       65
       -
       }

     

       66
       66
       -
       

     

       67
       67
       -
       func DeleteOAuthRequestByState(e Execer, state string) error {

     

       68
       68
       -
       	_, err := e.Exec(`

     

       69
       69
       -
       		delete from oauth_requests

     

       70
       70
       -
       		where state = ?`, state)

     

       71
       71
       -
       	return err

     

       72
       72
       -
       }

     

       73
       73
       -
       

     

       74
       74
       -
       type OAuthSession struct {

     

       75
       75
       -
       	ID                  uint

     

       76
       76
       -
       	Handle              string

     

       77
       77
       -
       	Did                 string

     

       78
       78
       -
       	PdsUrl              string

     

       79
       79
       -
       	AccessJwt           string

     

       80
       80
       -
       	RefreshJwt          string

     

       81
       81
       -
       	AuthServerIss       string

     

       82
       82
       -
       	DpopPdsNonce        string

     

       83
       83
       -
       	DpopAuthserverNonce string

     

       84
       84
       -
       	DpopPrivateJwk      string

     

       85
       85
       -
       	Expiry              string

     

       86
       86
       -
       }

     

       87
       87
       -
       

     

       88
       88
       -
       func SaveOAuthSession(e Execer, session OAuthSession) error {

     

       89
       89
       -
       	_, err := e.Exec(`

     

       90
       90
       -
         insert into oauth_sessions (

     

       91
       91
       -
          did,

     

       92
       92
       -
          handle,

     

       93
       93
       -
          pds_url,

     

       94
       94
       -
          access_jwt,

     

       95
       95
       -
          refresh_jwt,

     

       96
       96
       -
          auth_server_iss,

     

       97
       97
       -
          dpop_auth_server_nonce,

     

       98
       98
       -
          dpop_private_jwk,

     

       99
       99
       -
          expiry

     

       100
       100
       -
         ) values (?, ?, ?, ?, ?, ?, ?, ?, ?)`,

     

       101
       101
       -
       		session.Did,

     

       102
       102
       -
       		session.Handle,

     

       103
       103
       -
       		session.PdsUrl,

     

       104
       104
       -
       		session.AccessJwt,

     

       105
       105
       -
       		session.RefreshJwt,

     

       106
       106
       -
       		session.AuthServerIss,

     

       107
       107
       -
       		session.DpopAuthserverNonce,

     

       108
       108
       -
       		session.DpopPrivateJwk,

     

       109
       109
       -
       		session.Expiry,

     

       110
       110
       -
       	)

     

       111
       111
       -
       	return err

     

       112
       112
       -
       }

     

       113
       113
       -
       

     

       114
       114
       -
       func RefreshOAuthSession(e Execer, did string, accessJwt, refreshJwt, expiry string) error {

     

       115
       115
       -
       	_, err := e.Exec(`

     

       116
       116
       -
         update oauth_sessions

     

       117
       117
       -
         set access_jwt = ?, refresh_jwt = ?, expiry = ?

     

       118
       118
       -
         where did = ?`,

     

       119
       119
       -
       		accessJwt,

     

       120
       120
       -
       		refreshJwt,

     

       121
       121
       -
       		expiry,

     

       122
       122
       -
       		did,

     

       123
       123
       -
       	)

     

       124
       124
       -
       	return err

     

       125
       125
       -
       }

     

       126
       126
       -
       

     

       127
       127
       -
       func GetOAuthSessionByDid(e Execer, did string) (*OAuthSession, error) {

     

       128
       128
       -
       	var session OAuthSession

     

       129
       129
       -
       	err := e.QueryRow(`

     

       130
       130
       -
         select

     

       131
       131
       -
          id,

     

       132
       132
       -
          did,

     

       133
       133
       -
          handle,

     

       134
       134
       -
          pds_url,

     

       135
       135
       -
          access_jwt,

     

       136
       136
       -
          refresh_jwt,

     

       137
       137
       -
          auth_server_iss,

     

       138
       138
       -
          dpop_auth_server_nonce,

     

       139
       139
       -
          dpop_private_jwk,

     

       140
       140
       -
          expiry

     

       141
       141
       -
         from oauth_sessions

     

       142
       142
       -
         where did = ?`, did).Scan(

     

       143
       143
       -
       		&session.ID,

     

       144
       144
       -
       		&session.Did,

     

       145
       145
       -
       		&session.Handle,

     

       146
       146
       -
       		&session.PdsUrl,

     

       147
       147
       -
       		&session.AccessJwt,

     

       148
       148
       -
       		&session.RefreshJwt,

     

       149
       149
       -
       		&session.AuthServerIss,

     

       150
       150
       -
       		&session.DpopAuthserverNonce,

     

       151
       151
       -
       		&session.DpopPrivateJwk,

     

       152
       152
       -
       		&session.Expiry,

     

       153
       153
       -
       	)

     

       154
       154
       -
       	return &session, err

     

       155
       155
       -
       }

     

       156
       156
       -
       

     

       157
       157
       -
       func DeleteOAuthSessionByDid(e Execer, did string) error {

     

       158
       158
       -
       	_, err := e.Exec(`

     

       159
       159
       -
         delete from oauth_sessions

     

       160
       160
       -
         where did = ?`, did)

     

       161
       161
       -
       	return err

     

       162
       162
       -
       }

     

       163
       163
       -
       

     

       164
       164
       -
       func UpdateDpopPdsNonce(e Execer, did string, dpopPdsNonce string) error {

     

       165
       165
       -
       	_, err := e.Exec(`

     

       166
       166
       -
         update oauth_sessions

     

       167
       167
       -
         set dpop_pds_nonce = ?

     

       168
       168
       -
         where did = ?`,

     

       169
       169
       -
       		dpopPdsNonce,

     

       170
       170
       -
       		did,

     

       171
       171
       -
       	)

     

       172
       172
       -
       	return err

     

       173
       173
       -
       }