Browse Source

Remove concept of AuthModule and ThirdPartyAuth

Replaced by AuthRealm and AuthSession.
pull/7/head
Kegan Dougal 9 years ago
parent
commit
098101015b
  1. 13
      src/github.com/matrix-org/go-neb/auth/auth.go
  2. 22
      src/github.com/matrix-org/go-neb/auth/github/github.go
  3. 32
      src/github.com/matrix-org/go-neb/database/db.go
  4. 46
      src/github.com/matrix-org/go-neb/database/schema.go
  5. 3
      src/github.com/matrix-org/go-neb/goneb.go
  6. 36
      src/github.com/matrix-org/go-neb/types/types.go

13
src/github.com/matrix-org/go-neb/auth/auth.go

@ -1,13 +0,0 @@
package auth
import (
"github.com/matrix-org/go-neb/auth/github"
"github.com/matrix-org/go-neb/database"
"github.com/matrix-org/go-neb/types"
)
// RegisterModules registers all known modules so they can be retrieved via
// type.GetAuthModule
func RegisterModules(db *database.ServiceDB) {
types.RegisterAuthModule(&github.AuthModule{Database: db})
}

22
src/github.com/matrix-org/go-neb/auth/github/github.go

@ -1,22 +0,0 @@
package github
import (
"github.com/matrix-org/go-neb/database"
"github.com/matrix-org/go-neb/types"
)
// AuthModule for github
type AuthModule struct {
Database *database.ServiceDB
}
// Type of the auth module
func (*AuthModule) Type() string {
return "github"
}
// Process a third-party auth request
func (am *AuthModule) Process(tpa types.ThirdPartyAuth) (err error) {
_, err = am.Database.StoreThirdPartyAuth(tpa)
return
}

32
src/github.com/matrix-org/go-neb/database/db.go

@ -95,38 +95,6 @@ func (d *ServiceDB) LoadServicesInRoom(serviceUserID, roomID string) (services [
return
}
// LoadThirdPartyAuth loads third-party credentials that the given userID
// has linked to the given resource. Returns sql.ErrNoRows if there are no
// credentials for the given resource/user combination.
func (d *ServiceDB) LoadThirdPartyAuth(resource, userID string) (tpa types.ThirdPartyAuth, err error) {
err = runTransaction(d.db, func(txn *sql.Tx) error {
tpa, err = selectThirdPartyAuthTxn(txn, resource, userID)
if err != nil {
return err
}
return nil
})
return
}
// StoreThirdPartyAuth stores the ThirdPartyAuth for the given Service. Updates the
// time added/updated values.
// If the auth already exists then it will be updated, otherwise a new auth
// will be inserted. The previous auth is returned.
func (d *ServiceDB) StoreThirdPartyAuth(tpa types.ThirdPartyAuth) (old types.ThirdPartyAuth, err error) {
err = runTransaction(d.db, func(txn *sql.Tx) error {
old, err = selectThirdPartyAuthTxn(txn, tpa.Resource, tpa.UserID)
if err == sql.ErrNoRows {
return insertThirdPartyAuthTxn(txn, tpa)
} else if err != nil {
return err
} else {
return updateThirdPartyAuthTxn(txn, tpa)
}
})
return
}
// StoreService stores a service into the database either by inserting a new
// service or updating an existing service. Returns the old service if there
// was one.

46
src/github.com/matrix-org/go-neb/database/schema.go

@ -35,16 +35,6 @@ CREATE TABLE IF NOT EXISTS matrix_clients (
UNIQUE(user_id)
);
CREATE TABLE IF NOT EXISTS third_party_auth (
user_id TEXT NOT NULL,
type TEXT NOT NULL,
resource TEXT NOT NULL,
auth_json TEXT NOT NULL,
time_added_ms BIGINT NOT NULL,
time_updated_ms BIGINT NOT NULL,
UNIQUE(user_id, resource)
);
CREATE TABLE IF NOT EXISTS auth_realms (
realm_id TEXT NOT NULL,
realm_type TEXT NOT NULL,
@ -221,42 +211,6 @@ func selectRoomServicesTxn(txn *sql.Tx, serviceUserID, roomID string) (serviceID
return
}
const selectThirdPartyAuthSQL = `
SELECT type, auth_json FROM third_party_auth WHERE user_id=$1 AND resource=$2
`
func selectThirdPartyAuthTxn(txn *sql.Tx, resource, userID string) (tpa types.ThirdPartyAuth, err error) {
tpa.Resource = resource
tpa.UserID = userID
err = txn.QueryRow(selectThirdPartyAuthSQL, userID, resource).Scan(&tpa.Type, &tpa.AuthJSON)
return
}
const insertThirdPartyAuthSQL = `
INSERT INTO third_party_auth(
user_id, type, resource, auth_json, time_added_ms, time_updated_ms
) VALUES($1, $2, $3, $4, $5, $6)
`
func insertThirdPartyAuthTxn(txn *sql.Tx, tpa types.ThirdPartyAuth) (err error) {
timeAddedMs := time.Now().UnixNano() / 1000000
_, err = txn.Exec(insertThirdPartyAuthSQL, tpa.UserID, tpa.Type, tpa.Resource,
[]byte(tpa.AuthJSON), timeAddedMs, timeAddedMs)
return
}
const updateThirdPartyAuthSQL = `
UPDATE third_party_auth SET auth_json=$1, time_updated_ms=$2
WHERE user_id=$3 AND resource=$4
`
func updateThirdPartyAuthTxn(txn *sql.Tx, tpa types.ThirdPartyAuth) (err error) {
timeUpdatedMs := time.Now().UnixNano() / 1000000
_, err = txn.Exec(updateThirdPartyAuthSQL, []byte(tpa.AuthJSON), timeUpdatedMs,
tpa.UserID, tpa.Resource)
return err
}
const insertRealmSQL = `
INSERT INTO auth_realms(
realm_id, realm_type, realm_json, time_added_ms, time_updated_ms

3
src/github.com/matrix-org/go-neb/goneb.go

@ -2,7 +2,6 @@ package main
import (
log "github.com/Sirupsen/logrus"
"github.com/matrix-org/go-neb/auth"
"github.com/matrix-org/go-neb/clients"
"github.com/matrix-org/go-neb/database"
_ "github.com/matrix-org/go-neb/realms/github"
@ -30,8 +29,6 @@ func main() {
log.Panic(err)
}
auth.RegisterModules(db)
http.Handle("/test", server.MakeJSONAPI(&heartbeatHandler{}))
http.Handle("/admin/configureClient", server.MakeJSONAPI(&configureClientHandler{db: db, clients: clients}))
http.Handle("/admin/configureService", server.MakeJSONAPI(&configureServiceHandler{db: db, clients: clients}))

36
src/github.com/matrix-org/go-neb/types/types.go

@ -1,7 +1,6 @@
package types
import (
"encoding/json"
"errors"
"github.com/matrix-org/go-neb/matrix"
"github.com/matrix-org/go-neb/plugin"
@ -54,41 +53,6 @@ func CreateService(serviceID, serviceType string) Service {
return f(serviceID)
}
// AuthModule represents a thing which can handle auth requests of a given type.
type AuthModule interface {
Type() string
Process(tpa ThirdPartyAuth) error
}
var authModulesByType = map[string]AuthModule{}
// ThirdPartyAuth represents an individual authorisation entry between
// a third party and the Matrix user.
type ThirdPartyAuth struct {
// The ID of the matrix user who has authed with the third party
UserID string
// The type of auth (e.g. "jira", "github"). This determines which
// auth module is loaded to process the auth.
Type string
// The location of the third party resource e.g. "github.com".
// This is mainly relevant for decentralised services like JIRA which
// may have many different locations (e.g. "matrix.org/jira") for the
// same ServiceType ("jira").
Resource string
// An opaque JSON blob of stored auth data.
AuthJSON json.RawMessage
}
// RegisterAuthModule so it can be used by other parts of NEB.
func RegisterAuthModule(am AuthModule) {
authModulesByType[am.Type()] = am
}
// GetAuthModule for the given auth type. Returns nil if no match.
func GetAuthModule(authType string) AuthModule {
return authModulesByType[authType]
}
// AuthRealm represents a place where a user can authenticate themselves.
// This may static (like github.com) or a specific domain (like matrix.org/jira)
type AuthRealm interface {

Loading…
Cancel
Save