Compare commits

...

2 Commits

Author SHA1 Message Date
Arnaud Delcasse a51f077358 resolve conflict
Build and Push Docker Image / build_and_push (push) Failing after 1m46s Details
2024-11-04 17:29:19 +01:00
Arnaud Delcasse 4fc08a35de Allow insecure HTTP for OIDC only in local in development mode 2024-11-04 17:24:02 +01:00
9 changed files with 141 additions and 1060 deletions

70
go.mod

@ -1,6 +1,6 @@
module git.coopgo.io/coopgo-apps/parcoursmob
go 1.18
go 1.21
// replace git.coopgo.io/coopgo-platform/mobility-accounts => ../../coopgo-platform/mobility-accounts/
@ -13,10 +13,9 @@ go 1.18
// replace git.coopgo.io/coopgo-platform/emailing => ../../coopgo-platform/emailing/
require (
github.com/coreos/go-oidc v2.2.1+incompatible
github.com/fogleman/gg v1.3.0
github.com/go-playground/validator/v10 v10.11.0
github.com/google/uuid v1.3.0
github.com/google/uuid v1.6.0
github.com/gorilla/mux v1.8.0
github.com/gorilla/sessions v1.2.1
github.com/paulmach/go.geojson v1.4.0
@ -24,53 +23,48 @@ require (
gitlab.scity.coop/maas/navitia-golang v0.0.0-20220429110621-5c22d6efdd0c
go.etcd.io/etcd/client/v3 v3.5.6
golang.org/x/image v0.5.0
golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783
google.golang.org/grpc v1.52.0
google.golang.org/protobuf v1.31.0
golang.org/x/oauth2 v0.21.0
google.golang.org/grpc v1.62.1
google.golang.org/protobuf v1.33.0
)
require (
git.coopgo.io/coopgo-platform/agenda v1.0.0
git.coopgo.io/coopgo-platform/emailing v0.0.0-20221017030337-c71888d90c15
git.coopgo.io/coopgo-platform/fleets v1.0.0
git.coopgo.io/coopgo-platform/groups-management v1.0.0
git.coopgo.io/coopgo-platform/mobility-accounts v1.0.5
git.coopgo.io/coopgo-platform/fleets v0.0.0-20230310144446-feb935f8bf4e
git.coopgo.io/coopgo-platform/groups-management v0.0.0-20230310123255-5ef94ee0746c
git.coopgo.io/coopgo-platform/mobility-accounts v0.0.0-20230329105908-a76c0412a386
github.com/coreos/go-oidc/v3 v3.11.0
github.com/gorilla/securecookie v1.1.1
github.com/minio/minio-go/v7 v7.0.43
github.com/xuri/excelize/v2 v2.7.1
)
require (
ariga.io/atlas v0.13.1 // indirect
ariga.io/atlas v0.12.0 // indirect
github.com/agext/levenshtein v1.2.1 // indirect
github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
github.com/cespare/xxhash v1.1.0 // indirect
github.com/coreos/go-semver v0.3.0 // indirect
github.com/coreos/go-systemd/v22 v22.3.2 // indirect
github.com/dgraph-io/ristretto v0.0.3 // indirect
github.com/dustin/go-humanize v1.0.0 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-jose/go-jose/v4 v4.0.2 // indirect
github.com/go-openapi/inflect v0.19.0 // indirect
github.com/go-playground/locales v0.14.0 // indirect
github.com/go-playground/universal-translator v0.18.0 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/golang/snappy v0.0.1 // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/gorilla/csrf v1.7.1 // indirect
github.com/gorilla/websocket v1.4.2 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/hashicorp/hcl/v2 v2.16.2 // indirect
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/hashicorp/hcl/v2 v2.10.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.15.9 // indirect
github.com/klauspost/compress v1.17.7 // indirect
github.com/klauspost/cpuid/v2 v2.1.0 // indirect
github.com/leodido/go-urn v1.2.1 // indirect
github.com/lib/pq v1.10.9 // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/mattn/goveralls v0.0.6 // indirect
github.com/mb0/wkt v0.0.0-20170420051526-a30afd545ee1 // indirect
github.com/minio/md5-simd v1.1.2 // indirect
github.com/minio/sha256-simd v1.0.0 // indirect
@ -80,55 +74,45 @@ require (
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe // indirect
github.com/ory/fosite v0.42.2 // indirect
github.com/ory/go-acc v0.2.6 // indirect
github.com/ory/go-convenience v0.1.0 // indirect
github.com/ory/viper v1.7.5 // indirect
github.com/ory/x v0.0.214 // indirect
github.com/pborman/uuid v1.2.0 // indirect
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/pelletier/go-toml/v2 v2.0.6 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pquerna/cachecontrol v0.1.0 // indirect
github.com/richardlehane/mscfb v1.0.4 // indirect
github.com/richardlehane/msoleps v1.0.3 // indirect
github.com/rs/xid v1.4.0 // indirect
github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/sergi/go-diff v1.1.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/spf13/afero v1.9.3 // indirect
github.com/spf13/cast v1.5.0 // indirect
github.com/spf13/cobra v1.0.0 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/subosito/gotenv v1.4.2 // indirect
github.com/tidwall/pretty v1.1.0 // indirect
github.com/twpayne/go-geom v1.3.6 // indirect
github.com/twpayne/go-geom v1.5.7 // indirect
github.com/xdg-go/pbkdf2 v1.0.0 // indirect
github.com/xdg-go/scram v1.1.1 // indirect
github.com/xdg-go/stringprep v1.0.3 // indirect
github.com/xuri/efp v0.0.0-20220603152613-6918739fd470 // indirect
github.com/xuri/nfp v0.0.0-20220409054826-5e722a1d9e22 // indirect
github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
github.com/zclconf/go-cty v1.12.1 // indirect
github.com/zclconf/go-cty v1.8.0 // indirect
go.etcd.io/etcd/api/v3 v3.5.6 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.6 // indirect
go.mongodb.org/mongo-driver v1.11.4 // indirect
go.uber.org/atomic v1.9.0 // indirect
go.uber.org/multierr v1.8.0 // indirect
go.uber.org/zap v1.21.0 // indirect
golang.org/x/crypto v0.8.0 // indirect
golang.org/x/net v0.9.0 // indirect
golang.org/x/sync v0.1.0 // indirect
golang.org/x/sys v0.7.0 // indirect
golang.org/x/text v0.9.0 // indirect
golang.org/x/tools v0.6.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef // indirect
golang.org/x/crypto v0.25.0 // indirect
golang.org/x/net v0.27.0 // indirect
golang.org/x/sync v0.7.0 // indirect
golang.org/x/sys v0.22.0 // indirect
golang.org/x/text v0.16.0 // indirect
google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240123012728-ef4313101c80 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7 // indirect
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/mail.v2 v2.3.1 // indirect
gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 // indirect
gopkg.in/square/go-jose.v2 v2.5.2-0.20210529014059-a5c7eec3c614 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)

1076
go.sum Executable file → Normal file

File diff suppressed because it is too large Load Diff


@ -23,6 +23,8 @@ func (h APIHandler) OAuth2Callback(w http.ResponseWriter, r *http.Request) {
return
}
fmt.Println(rawIDToken)
_, err = h.idp.TokenVerifier.Verify(context.Background(), rawIDToken)
if err != nil {
fmt.Println("not able to verify token")
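Review bot: `fmt.Println(rawIDToken)` writes the raw ID token to stdout before it has been verified; going by the `-23,6 +23,8` counts, this line appears to be on the new side. An ID token is a signed credential carrying user claims, so anything that collects the process output (container logs, CI output, log shippers) ends up holding a copy of it. I would drop the line, or log only a non-sensitive value once `Verify` has succeeded. The `Verify` call next to it uses `context.Background()` rather than `r.Context()`, so it is not cancelled with the request. OAuth2Callback's body starts and ends outside the hunk.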


@ -10,7 +10,7 @@ import (
cache "git.coopgo.io/coopgo-apps/parcoursmob/utils/storage"
"git.coopgo.io/coopgo-platform/emailing"
"git.coopgo.io/coopgo-platform/groups-management/storage"
"github.com/coreos/go-oidc"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/spf13/viper"
)


@ -17,7 +17,7 @@ import (
"git.coopgo.io/coopgo-platform/groups-management/storage"
mobilityaccounts "git.coopgo.io/coopgo-platform/mobility-accounts/grpcapi"
mobilityaccountsstorage "git.coopgo.io/coopgo-platform/mobility-accounts/storage"
"github.com/coreos/go-oidc"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/google/uuid"
"github.com/gorilla/mux"
"google.golang.org/protobuf/types/known/structpb"

18
main.go

@ -25,7 +25,7 @@ func main() {
}
var (
//address = cfg.GetString("server.listen")
address = cfg.GetString("server.listen")
service_name = cfg.GetString("service_name")
templates_public_dir = cfg.GetString("templates.public_dir")
dev_env = cfg.GetBool("dev_env")
@ -34,12 +34,12 @@ func main() {
if err != nil {
panic(err)
}
fmt.Println(cfg)
kv, err := cache.NewKVHandler(cfg)
if err != nil {
panic(err)
}
filestorage, err := cache.NewFileStorage(cfg)
filestorage, _ := cache.NewFileStorage(cfg)
idp, err := identification.NewIdentificationProvider(cfg, svc, kv)
if err != nil {
@ -72,6 +72,7 @@ func main() {
r.HandleFunc("/auth/groups/", authHandler.Groups)
r.HandleFunc("/auth/groups/switch", authHandler.GroupSwitch)
r.HandleFunc("/", redirectApp)
//r.Use(trackPage)
api_router := r.PathPrefix("/api").Subrouter()
api_router.HandleFunc("/", apiHandler.NotFound)
@ -176,11 +177,13 @@ func main() {
srv := &http.Server{
Handler: r,
Addr: "0.0.0.0:9000",
Addr: address,
WriteTimeout: 15 * time.Second,
ReadTimeout: 15 * time.Second,
}
fmt.Println("Running on ", address)
log.Fatal(srv.ListenAndServe())
}
@ -188,3 +191,10 @@ func main() {
func redirectApp(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/app/", http.StatusFound)
}
func trackPage(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Println(r.RequestURI)
next.ServeHTTP(w, r.WithContext(r.Context()))
})
}
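Review bot: `filestorage, _ := cache.NewFileStorage(cfg)` in the `@ -34,12 +34,12` hunk discards the constructor error outright (the earlier form assigned it to `err` but, as far as the hunk shows, never checked it), so a misconfigured file store goes unnoticed at startup and only surfaces later through a possibly nil `filestorage`. Following the pattern used for `kv` just above, `filestorage, err := cache.NewFileStorage(cfg)` followed by `if err != nil { panic(err) }` makes it fail fast. The same hunk shows `fmt.Println(cfg)`, which prints the whole configuration object and may put credentials (OIDC client secret, storage keys) into the logs if the config holds them; I would remove it or print only selected keys. `main` starts and ends outside these hunks.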


@ -9,7 +9,7 @@ import (
"git.coopgo.io/coopgo-apps/parcoursmob/utils/identification"
"git.coopgo.io/coopgo-platform/emailing"
"git.coopgo.io/coopgo-platform/groups-management/storage"
"github.com/coreos/go-oidc"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/spf13/viper"
)


@ -19,7 +19,6 @@ func (p *IdentificationProvider) GroupsMiddleware(next http.Handler) http.Handle
o, ok := session.Values["organization"]
if !ok || o == nil {
fmt.Println("no organization")
http.Redirect(w, r, "/auth/groups/", http.StatusFound)
return
}


@ -10,7 +10,7 @@ import (
"git.coopgo.io/coopgo-apps/parcoursmob/services"
"git.coopgo.io/coopgo-apps/parcoursmob/utils/storage"
"github.com/coreos/go-oidc"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/gorilla/sessions"
"github.com/spf13/viper"
"golang.org/x/oauth2"
@ -40,8 +40,28 @@ func NewIdentificationProvider(cfg *viper.Viper, services *services.ServicesHand
provider, err := oidc.NewProvider(context.Background(), providerURL)
if err != nil {
var (
issuerUrl = cfg.GetString("identification.oidc.provider_config.issuer_url")
authUrl = cfg.GetString("identification.oidc.provider_config.auth_url")
tokenUrl = cfg.GetString("identification.oidc.provider_config.token_url")
userInfoUrl = cfg.GetString("identification.oidc.provider_config.user_info_url")
jwksUrl = cfg.GetString("identification.oidc.provider_config.jwks_url")
algorithms = []string{"RS256"}
)
if issuerUrl == "" || authUrl == "" || tokenUrl == "" || jwksUrl == "" {
return nil, err
}
providerConfig := oidc.ProviderConfig{
IssuerURL: issuerUrl,
AuthURL: authUrl,
TokenURL: tokenUrl,
UserInfoURL: userInfoUrl,
JWKSURL: jwksUrl,
Algorithms: algorithms,
}
provider = providerConfig.NewProvider(context.Background())
}
oauth2Config := oauth2.Config{
ClientID: clientID,
@ -75,14 +95,14 @@ func (p *IdentificationProvider) Middleware(next http.Handler) http.Handler {
}
if session.Values["idtoken"] == nil || session.Values["idtoken"] == "" {
state, err := newState()
if err != nil {
panic(err)
}
session.Values["state"] = state
session.Save(r, w)
http.Redirect(w, r, p.OAuth2Config.AuthCodeURL(state), http.StatusFound)
url := p.OAuth2Config.AuthCodeURL(state)
http.Redirect(w, r, url, http.StatusFound)
return
}
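Review bot: In the `@ -40,8 +40,28` hunk of NewIdentificationProvider, the static `provider_config` fallback runs on any `oidc.NewProvider` error, and nothing visible restricts it to development or checks the URL schemes, although the commit title says insecure HTTP should be allowed only in local development. As written, a transient discovery failure or an issuer mismatch in production would silently switch the service to whatever `issuer_url` and `jwks_url` the config holds, including plain `http://` ones, so the keys used to verify ID tokens could be fetched over an unauthenticated channel. I would reject non-HTTPS endpoints unless `cfg.GetBool("dev_env")` is set (the key main.go already reads) and log the discovery error before falling back, so the downgrade is visible to operators. The restriction may already be enforced outside this hunk, since the function starts and ends outside it; the sketch below needs `strings` and `fmt` in scope.

```go
provider, err := oidc.NewProvider(context.Background(), providerURL)
if err != nil {
	// … unchanged: reading issuerUrl, authUrl, tokenUrl, userInfoUrl, jwksUrl, algorithms …
	if issuerUrl == "" || authUrl == "" || tokenUrl == "" || jwksUrl == "" {
		return nil, err
	}
	// Plain-HTTP endpoints are tolerated only when dev_env is set.
	if !cfg.GetBool("dev_env") {
		for _, u := range []string{issuerUrl, authUrl, tokenUrl, userInfoUrl, jwksUrl} {
			if u != "" && !strings.HasPrefix(u, "https://") {
				return nil, fmt.Errorf("oidc provider_config: %q must use https outside dev_env: %w", u, err)
			}
		}
	}
	// … unchanged: providerConfig literal and providerConfig.NewProvider call …
}
```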