add client config

2024-09-13 11:05:36 +02:00 · 2024-09-13 11:05:36 +02:00 · 2e7e4630af
commit 2e7e4630af
parent ec7eab2638
4 changed files with 68 additions and 34 deletions
--- a/Readme.md
+++ b/Readme.md
@ -2,3 +2,4 @@ Small oAuth2 Client to have an easy way to connect to Authentik

 # Links
 * https://www.oauth.com/oauth2-servers/authorization/the-authorization-request/
+* https://connect2id.com/products/server/docs/api/token
--- a/auth.go
+++ b/auth.go
@ -7,27 +7,33 @@ import (
 	"net/http"
 	"net/url"
 	"strings"
+	"time"
 )

 type Auth struct {
-	config       AuthConfig
-	clientID     string
-	clientSecret string
+	authConfig   AuthConfig
+	clientConfig ClientConfig
 }

-func NewAuthWithConfig(config AuthConfig, clientID, clientSecret string) (Auth, error) {
+type Token struct {
+	AccessToken  string `json:"access_token"`
+	TokenType    string `json:"token_type"`
+	ExpiredIn    int    `json:"expires_in"`
+	RefreshToken string `json:"refresh_token"`
+	CreatedAt    time.Time
+}
+
+func NewAuthWithConfig(config ClientConfig, authConfig AuthConfig) (Auth, error) {
 	a := Auth{}
-	a.config = config
-	a.clientID = clientID
-	a.clientSecret = clientSecret
+	a.authConfig = authConfig
+	a.clientConfig = config
 	return a, nil
 }

-func NewAuthWithConfigurationURL(url, clientID, clientSecret string) (Auth, error) {
+func NewAuthWithConfigurationURL(config ClientConfig, url string) (Auth, error) {
 	a := Auth{}
-	a.clientID = clientID
-	a.clientSecret = clientSecret
-	config := AuthConfig{}
+	a.clientConfig = config
+	authConfig := AuthConfig{}

 	res, err := http.Get(url)
 	if err != nil {
@ -40,38 +46,38 @@ func NewAuthWithConfigurationURL(url, clientID, clientSecret string) (Auth, erro
 		return Auth{}, fmt.Errorf("%w: %q", ErrCantGetConfiguratorData, err)
 	}

-	err = json.Unmarshal(bodyContent, &config)
+	err = json.Unmarshal(bodyContent, &authConfig)
 	if err != nil {
 		return Auth{}, fmt.Errorf("%w: %q", ErrCantGetConfiguratorData, err)
 	}

-	a.config = config
+	a.authConfig = authConfig
 	return a, nil
 }

-func (a Auth) GetAuthorizationURL(redirectUrl string, scope []string, state string) (string, error) {
-	if a.config.AuthorizationEndpoint == "" {
+func (a Auth) GetAuthorizationURL(state string) (string, error) {
+	if a.authConfig.AuthorizationEndpoint == "" {
 		return "", fmt.Errorf("%w: %s", ErrCantGetAuthorizationURL, "AuthorizationEndpoint in config is empty")
 	}

-	if a.clientID == "" {
+	if a.clientConfig.ClientID == "" {
 		return "", fmt.Errorf("%w: %s", ErrCantGetAuthorizationURL, "clientid in config is empty")
 	}

-	url, err := url.Parse(a.config.AuthorizationEndpoint)
+	url, err := url.Parse(a.authConfig.AuthorizationEndpoint)
 	if err != nil {
 		return "", fmt.Errorf("%w: %q", ErrCantGetAuthorizationURL, err)
 	}

 	values := url.Query()

-	values.Set("client_id", a.clientID)
-	if redirectUrl != "" {
-		values.Set("redirect_uri", redirectUrl)
+	values.Set("client_id", a.clientConfig.ClientID)
+	if a.clientConfig.RedirectURL != "" {
+		values.Set("redirect_uri", a.clientConfig.RedirectURL)
 	}

-	if len(scope) > 0 {
-		values.Set("scope", strings.Join(scope, "+"))
+	if len(a.clientConfig.Scope) > 0 {
+		values.Set("scope", strings.Join(a.clientConfig.Scope, "+"))
 	}

 	if state != "" {
@ -84,3 +90,13 @@ func (a Auth) GetAuthorizationURL(redirectUrl string, scope []string, state stri

 	return url.String(), nil
 }
+
+func (a Auth) GetTokenFromCode(code string) (Token, error) {
+	t := Token{}
+
+	form := url.Values{}
+	form.Add("grant_type", "authorization_code")
+	form.Add("code", code)
+
+	return t, nil
+}
--- a/auth_test.go
+++ b/auth_test.go
@ -8,21 +8,23 @@ import (
 )

 func TestNewAuthWithConfig(t *testing.T) {
+	clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def"}
 	config := AuthConfig{}
 	config.TokenEndpoint = "http://localhost/something"
-	client, err := NewAuthWithConfig(config, "abc", "def")
+	client, err := NewAuthWithConfig(clientConfig, config)
 	assert.Equal(t, nil, err, "should return no error while creating Auth")
-	assert.Equal(t, "http://localhost/something", client.config.TokenEndpoint, "should have currect config")
-	assert.Equal(t, "abc", client.clientID, "should have stored currect clientid")
-	assert.Equal(t, "def", client.clientSecret, "should have stored currect client secret")
+	assert.Equal(t, "http://localhost/something", client.authConfig.TokenEndpoint, "should have currect config")
+	assert.Equal(t, "abc", client.clientConfig.ClientID, "should have stored currect clientid")
+	assert.Equal(t, "def", client.clientConfig.ClientSecret, "should have stored currect client secret")
 }

 func TestNewAuthWithConfigurationURL(t *testing.T) {
-	client, err := NewAuthWithConfigurationURL("http://localhost:8084/openid-configuration", "abc", "def")
+	clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def"}
+	client, err := NewAuthWithConfigurationURL(clientConfig, "http://localhost:8084/openid-configuration")
 	assert.Nil(t, err, "should create client without any error")
-	assert.Equal(t, "https://auth.keks.cloud/application/o/token/", client.config.TokenEndpoint, "token endpoint should match")
-	assert.Equal(t, "abc", client.clientID, "should have stored currect clientid")
-	assert.Equal(t, "def", client.clientSecret, "should have stored currect client secret")
+	assert.Equal(t, "https://auth.keks.cloud/application/o/token/", client.authConfig.TokenEndpoint, "token endpoint should match")
+	assert.Equal(t, "abc", client.clientConfig.ClientID, "should have stored currect clientid")
+	assert.Equal(t, "def", client.clientConfig.ClientSecret, "should have stored currect client secret")
 }

 func TestGetAuthorizationUrl(t *testing.T) {
@ -61,10 +63,12 @@ func TestGetAuthorizationUrl(t *testing.T) {

 	for _, tt := range tts {
 		t.Run(tt.name, func(t *testing.T) {
-			client, err := NewAuthWithConfig(tt.config, "abc", "def")
+			config := ClientConfig{ClientID: "abc", ClientSecret: "def", Scope: tt.scops, RedirectURL: tt.redirectURL}
+
+			client, err := NewAuthWithConfig(config, tt.config)
 			assert.Nil(t, err, "should be able to create client without error")

-			url, err := client.GetAuthorizationURL(tt.redirectURL, tt.scops, tt.state)
+			url, err := client.GetAuthorizationURL(tt.state)
 			if tt.exptError == nil {
 				assert.Nil(t, err, "should get link without error")
 			} else {
@ -76,9 +80,15 @@ func TestGetAuthorizationUrl(t *testing.T) {
 }

 func TestAuthenticLogin(t *testing.T) {
-	client, err := NewAuthWithConfigurationURL("http://localhost:8084/openid-configuration", "abc", "def")
+	t.Skip("dev test")
+	clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def"}
+	client, err := NewAuthWithConfigurationURL(clientConfig, "http://localhost:8084/openid-configuration")
 	assert.Nil(t, err, "should be able to create client without error")
-	url, err := client.GetAuthorizationURL("http://localhost/something", []string{}, "")
+	url, err := client.GetAuthorizationURL("")
 	assert.Nil(t, err, "should be able to create url without error")
 	fmt.Println(url)
+
+	token, err := client.GetTokenFromCode("e34bc2c7840e4386b17880dd1142c67b")
+	assert.Nil(t, err, "should be able to get code without error")
+	fmt.Println(token)
 }
--- a/config.go
+++ b/config.go
@ -1,5 +1,12 @@
 package kekskurseauth

+type ClientConfig struct {
+	ClientID     string
+	ClientSecret string
+	RedirectURL  string
+	Scope        []string
+}
+
 type AuthConfig struct {
 	TokenEndpoint         string `json:"token_endpoint"`
 	UserinfoEndpoint      string `json:"userinfo_endpoint"`