Skip to content

Commit

Permalink
start handling old and new auth types [#581]
Browse files Browse the repository at this point in the history
  • Loading branch information
@roberlander2
roberlander2 committed Aug 30, 2022
1 parent 4f1b4b9 commit d88fe6b
Show file tree
Hide file tree
Showing 20 changed files with 126 additions and 55 deletions.
4 changes: 2 additions & 2 deletions .secrets.baseline
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@
"filename": "core/auth/auth.go",
"hashed_secret": "4d55af37dbbb6a42088d917caa1ca25428ec42c9",
"is_verified": false,
"line_number": 2202
"line_number": 2203
}
],
"core/auth/auth_type_email.go": [
Expand Down Expand Up @@ -279,5 +279,5 @@
}
]
},
"generated_at": "2022-08-30T21:05:41Z"
"generated_at": "2022-08-30T22:07:23Z"
}
19 changes: 10 additions & 9 deletions core/auth/auth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -538,9 +538,9 @@ func (a *Auth) applyAuthType(authImpl internalAuthType, appOrg model.Application

authTypeCode := authImpl.code()
if userIdentifier != "" {
if authTypeCode == "twilio_phone" && regProfile.Phone == "" {
if authTypeCode == AuthTypePhone && regProfile.Phone == "" {
regProfile.Phone = userIdentifier
} else if authTypeCode == "email" && regProfile.Email == "" {
} else if authTypeCode == AuthTypeEmail && regProfile.Email == "" {
regProfile.Email = userIdentifier
}
}
Expand Down Expand Up @@ -1277,9 +1277,9 @@ func (a *Auth) getProfileBBData(authTypeCode string, identifier string, l *logs.
var err error

var profileSearch map[string]string
if authTypeCode == "twilio_phone" {
if authTypeCode == AuthTypePhone {
profileSearch = map[string]string{"phone": identifier}
} else if authTypeCode == "illinois_oidc" {
} else if authTypeCode == AuthTypeOidc {
profileSearch = map[string]string{"uin": identifier}
}

Expand Down Expand Up @@ -1661,6 +1661,12 @@ func (a *Auth) unlinkAccountAuthType(accountID string, authTypeCode string, appT
return nil, errors.ErrorData(logutils.StatusMissing, model.TypeAccount, &logutils.FieldArgs{"id": accountID})
}

//validate if the provided auth type is supported by the provided application and organization
_, _, err = a.validateAuthType(authTypeCode, appTypeIdentifier, account.AppOrg.Organization.ID)
if err != nil {
return nil, err
}

for i, aat := range account.AuthTypes {
// unlink auth type with matching code and identifier
if aat.AuthTypeCode == authTypeCode && aat.Identifier == identifier {
Expand Down Expand Up @@ -1949,11 +1955,6 @@ func (a *Auth) validateAppOrgAuthType(authTypeCode string, appID string, orgID s
}

func (a *Auth) getAuthTypeImpl(authType string) (authType, error) {
//illinois_oidc, other_oidc
if strings.HasSuffix(authType, "_oidc") {
authType = "oidc"
}

if auth, ok := a.authTypes[authType]; ok {
return auth, nil
}
Expand Down
6 changes: 3 additions & 3 deletions core/auth/auth_type_phone.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,8 @@ import (
)

const (
//AuthTypeTwilioPhone phone auth type
AuthTypeTwilioPhone string = "twilio_phone"
//AuthTypePhone phone auth type
AuthTypePhone string = "phone"

servicesPathPart = "https://verify.twilio.com/v2/Services"
verificationsPathPart = "Verifications"
Expand Down Expand Up @@ -326,7 +326,7 @@ func (a *twilioPhoneAuthImpl) forgotCredential(credential *model.Credential, ide

// initPhoneAuth initializes and registers a new phone auth instance
func initPhoneAuth(auth *Auth, twilioAccountSID string, twilioToken string, twilioServiceSID string) (*twilioPhoneAuthImpl, error) {
phone := &twilioPhoneAuthImpl{auth: auth, authType: AuthTypeTwilioPhone, twilioAccountSID: twilioAccountSID, twilioToken: twilioToken, twilioServiceSID: twilioServiceSID}
phone := &twilioPhoneAuthImpl{auth: auth, authType: AuthTypePhone, twilioAccountSID: twilioAccountSID, twilioToken: twilioToken, twilioServiceSID: twilioServiceSID}

err := auth.registerAuthType(phone.authType, phone)
if err != nil {
Expand Down
4 changes: 4 additions & 0 deletions driver/web/apis_admin.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -333,6 +333,10 @@ func (h AdminApisHandler) getApplicationAccounts(l *logs.Log, r *http.Request, c
var authType *string
authTypeParam := r.URL.Query().Get("auth-type")
if len(authTypeParam) > 0 {
authTypeParam, err := utils.GetSuffix(authTypeParam, "_")
if err != nil {
return l.HttpResponseErrorAction(logutils.ActionGet, "auth type", nil, err, http.StatusInternalServerError, false)
}
authType = &authTypeParam
}
//auth type identifier
Expand Down
4 changes: 4 additions & 0 deletions driver/web/apis_services.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -726,6 +726,10 @@ func (h ServicesApisHandler) getAccounts(l *logs.Log, r *http.Request, claims *t
var authType *string
authTypeParam := r.URL.Query().Get("auth-type")
if len(authTypeParam) > 0 {
authTypeParam, err := utils.GetSuffix(authTypeParam, "_")
if err != nil {
return l.HttpResponseErrorAction(logutils.ActionGet, "auth type", nil, err, http.StatusInternalServerError, false)
}
authType = &authTypeParam
}
//auth type identifier
Expand Down
49 changes: 30 additions & 19 deletions driver/web/docs/gen/def.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ paths:
summary: Phone - sign in OR sign up
value: |
{
"auth_type": "twilio_phone",
"auth_type": "phone",
"app_type_identifier": "edu.illinois.rokwire",
"org_id": "0a2eff20-e2cd-11eb-af68-60f81db5ecc0",
"api_key": "95a463e3-2ce8-450b-ba75-d8506b874738",
Expand Down Expand Up @@ -133,11 +133,11 @@ paths:
"os": "Android"
}
}
illinois_oidc:
summary: Illinois OIDC login
oidc:
summary: OIDC login
value: |
{
"auth_type": "illinois_oidc",
"auth_type": "oidc",
"app_type_identifier": "edu.illinois.rokwire",
"org_id": "0a2eff20-e2cd-11eb-af68-60f81db5ecc0",
"api_key": "95a463e3-2ce8-450b-ba75-d8506b874738",
Expand Down Expand Up @@ -676,19 +676,19 @@ paths:
summary: Phone
value: |
{
"auth_type": "twilio_phone",
"auth_type": "phone",
"app_type_identifier": "edu.illinois.rokwire",
"org_id": "0a2eff20-e2cd-11eb-af68-60f81db5ecc0",
"api_key": "95a463e3-2ce8-450b-ba75-d8506b874738",
"creds": {
"phone": "+12223334444"
}
}
illinois_oidc:
summary: Illinois OIDC
oidc:
summary: OIDC
value: |
{
"auth_type": "illinois_oidc",
"auth_type": "oidc",
"app_type_identifier": "edu.illinois.rokwire",
"org_id": "0a2eff20-e2cd-11eb-af68-60f81db5ecc0",
"api_key": "95a463e3-2ce8-450b-ba75-d8506b874738",
Expand Down Expand Up @@ -763,15 +763,15 @@ paths:
summary: Phone
value: |
{
"auth_type": "twilio_phone",
"auth_type": "phone",
"app_type_identifier": "edu.illinois.rokwire",
"identifier": "+12223334444"
}
illinois_oidc:
summary: Illinois OIDC
oidc:
summary: OIDC
value: |
{
"auth_type": "illinois_oidc",
"auth_type": "oidc",
"app_type_identifier": "edu.illinois.rokwire",
"identifier": "123456789"
}
Expand Down Expand Up @@ -1466,11 +1466,11 @@ paths:
"os": "Android"
}
}
illinois_oidc:
summary: Illinois OIDC
oidc:
summary: OIDC
value: |
{
"auth_type": "illinois_oidc",
"auth_type": "oidc",
"app_type_identifier": "edu.illinois.rokwire",
"org_id": "0a2eff20-e2cd-11eb-af68-60f81db5ecc0",
"api_key": "95a463e3-2ce8-450b-ba75-d8506b874738",
Expand Down Expand Up @@ -5187,7 +5187,9 @@ components:
type: string
enum:
- email
- phone
- twilio_phone
- oidc
- illinois_oidc
- anonymous
app_type_identifier:
Expand All @@ -5199,7 +5201,7 @@ components:
creds:
anyOf:
- $ref: '#/components/schemas/_shared_req_CredsEmail'
- $ref: '#/components/schemas/_shared_req_CredsTwilioPhone'
- $ref: '#/components/schemas/_shared_req_CredsPhone'
- $ref: '#/components/schemas/_shared_req_CredsOIDC'
- $ref: '#/components/schemas/_shared_req_CredsAPIKey'
params:
Expand Down Expand Up @@ -5274,6 +5276,7 @@ components:
auth_type:
type: string
enum:
- oidc
- illinois_oidc
app_type_identifier:
type: string
Expand Down Expand Up @@ -5319,6 +5322,7 @@ components:
type: string
enum:
- email
- oidc
- illinois_oidc
identifier:
type: string
Expand Down Expand Up @@ -5346,6 +5350,7 @@ components:
type: string
enum:
- email
- oidc
- illinois_oidc
identifier:
type: string
Expand Down Expand Up @@ -5375,7 +5380,9 @@ components:
enum:
- username
- email
- phone
- twilio_phone
- oidc
- illinois_oidc
- anonymous
app_type_identifier:
Expand All @@ -5397,9 +5404,9 @@ components:
type: string
password:
type: string
_shared_req_CredsTwilioPhone:
_shared_req_CredsPhone:
type: object
description: Auth login creds for auth_type="twilio_phone"
description: Auth login creds for auth_type="phone"
required:
- phone
properties:
Expand Down Expand Up @@ -5712,15 +5719,17 @@ components:
type: string
enum:
- email
- phone
- twilio_phone
- oidc
- illinois_oidc
- username
app_type_identifier:
type: string
creds:
anyOf:
- $ref: '#/components/schemas/_shared_req_CredsEmail'
- $ref: '#/components/schemas/_shared_req_CredsTwilioPhone'
- $ref: '#/components/schemas/_shared_req_CredsPhone'
- $ref: '#/components/schemas/_shared_req_CredsOIDC'
params:
type: object
Expand All @@ -5739,7 +5748,9 @@ components:
type: string
enum:
- email
- phone
- twilio_phone
- oidc
- illinois_oidc
- username
app_type_identifier:
Expand Down
26 changes: 24 additions & 2 deletions driver/web/docs/gen/gen_types.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions driver/web/docs/resources/admin/auth/login.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,11 @@ post:
"os": "Android"
}
}
illinois_oidc:
summary: Illinois OIDC
oidc:
summary: OIDC
value: |
{
"auth_type": "illinois_oidc",
"auth_type": "oidc",
"app_type_identifier": "edu.illinois.rokwire",
"org_id": "0a2eff20-e2cd-11eb-af68-60f81db5ecc0",
"api_key": "95a463e3-2ce8-450b-ba75-d8506b874738",
Expand Down
Loading

0 comments on commit d88fe6b

Please sign in to comment.