gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-10 15:14:22 +08:00
Code Issues Projects Releases Packages Wiki Activity

initialized

Browse source
This commit is contained in:
0xdcarns 2021-10-20 14:17:31 -04:00
parent c7b922259f
commit 8a54f50676
5 changed files with 192 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

66
auth/auth.go Normal file
View file

@ -0,0 +1,66 @@
package auth
import (
"net/http"
"github.com/gravitl/netmaker/servercfg"
"golang.org/x/oauth2"
)
// == consts ==
const (
init_provider = "initprovider"
get_user_info = "getuserinfo"
handle_callback = "handlecallback"
handle_login = "handlelogin"
oauth_state_string = "netmaker-oauth-state"
google_provider_name = "google"
azure_ad_provider_name = "azure-ad"
github_provider_name = "github"
)
var auth_provider *oauth2.Config
func getCurrentAuthFunctions() map[string]interface{} {
var authInfo = servercfg.GetAuthProviderInfo()
var authProvider = authInfo[0]
switch authProvider {
case google_provider_name:
return google_functions
case azure_ad_provider_name:
return google_functions
case github_provider_name:
return google_functions
default:
return nil
}
}
// InitializeAuthProvider - initializes the auth provider if any is present
func InitializeAuthProvider() bool {
var functions = getCurrentAuthFunctions()
if functions == nil {
return false
}
var authInfo = servercfg.GetAuthProviderInfo()
functions[init_provider].(func(string, string, string))(servercfg.GetAPIConnString(), authInfo[1], authInfo[2])
return auth_provider != nil
}
// HandleAuthCallback - handles oauth callback
func HandleAuthCallback(w http.ResponseWriter, r *http.Request) {
var functions = getCurrentAuthFunctions()
if functions == nil {
return
}
functions[handle_callback].(func(http.ResponseWriter, *http.Request))(w, r)
}
// HandleAuthLogin - handles oauth login
func HandleAuthLogin(w http.ResponseWriter, r *http.Request) {
var functions = getCurrentAuthFunctions()
if functions == nil {
return
}
functions[handle_login].(func(http.ResponseWriter, *http.Request))(w, r)
}

65
auth/google.go Normal file
View file

@ -0,0 +1,65 @@
package auth
import (
"fmt"
"io/ioutil"
"net/http"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
)
var google_functions = map[string]interface{}{
init_provider: initGoogle,
get_user_info: getUserInfo,
handle_callback: handleGoogleCallback,
handle_login: handleGoogleLogin,
}
// == handle google authentication here ==
func initGoogle(redirectURL string, clientID string, clientSecret string) {
auth_provider = &oauth2.Config{
RedirectURL: redirectURL,
ClientID: clientID,
ClientSecret: clientSecret,
Scopes: []string{"https://www.googleapis.com/auth/userinfo.email"},
Endpoint: google.Endpoint,
}
}
func handleGoogleLogin(w http.ResponseWriter, r *http.Request) {
url := auth_provider.AuthCodeURL(oauth_state_string)
http.Redirect(w, r, url, http.StatusTemporaryRedirect)
}
func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
var content, err = getUserInfo(r.FormValue("state"), r.FormValue("code"))
if err != nil {
fmt.Println(err.Error())
http.Redirect(w, r, "/api/oauth/error", http.StatusTemporaryRedirect)
return
}
fmt.Fprintf(w, "Content: %s\n", content)
}
func getUserInfo(state string, code string) ([]byte, error) {
if state != oauth_state_string {
return nil, fmt.Errorf("invalid oauth state")
}
token, err := auth_provider.Exchange(oauth2.NoContext, code)
if err != nil {
return nil, fmt.Errorf("code exchange failed: %s", err.Error())
}
response, err := http.Get("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" + token.AccessToken)
if err != nil {
return nil, fmt.Errorf("failed getting user info: %s", err.Error())
}
defer response.Body.Close()
contents, err := ioutil.ReadAll(response.Body)
if err != nil {
return nil, fmt.Errorf("failed reading response body: %s", err.Error())
}
return contents, nil
}

4
config/config.go
View file

@ -62,9 +62,11 @@ type ServerConfig struct {
DefaultNodeLimit int32 `yaml:"defaultnodelimit"` DefaultNodeLimit int32 `yaml:"defaultnodelimit"`
Verbosity int32 `yaml:"verbosity"` Verbosity int32 `yaml:"verbosity"`
ServerCheckinInterval int64 `yaml:"servercheckininterval"` ServerCheckinInterval int64 `yaml:"servercheckininterval"`
AuthProvider string `yaml:"authprovider"`
ClientID string `yaml:"clientid"`
ClientSecret string `yaml:"clientsecret"`
} }
// Generic SQL Config // Generic SQL Config
type SQLConfig struct { type SQLConfig struct {
Host string `yaml:"host"` Host string `yaml:"host"`

1
go.mod
View file

@ -17,6 +17,7 @@ require (
github.com/urfave/cli/v2 v2.3.0 github.com/urfave/cli/v2 v2.3.0
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97
golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 // indirect golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 // indirect
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be // indirect
golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e // indirect golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e // indirect
golang.org/x/text v0.3.7-0.20210524175448-3115f89c4b99 // indirect golang.org/x/text v0.3.7-0.20210524175448-3115f89c4b99 // indirect
golang.zx2c4.com/wireguard v0.0.0-20210805125648-3957e9b9dd19 // indirect golang.zx2c4.com/wireguard v0.0.0-20210805125648-3957e9b9dd19 // indirect

26
servercfg/serverconf.go
View file

@ -7,6 +7,7 @@ import (
"net/http" "net/http"
"os" "os"
"strconv" "strconv"
"strings"
"github.com/gravitl/netmaker/config" "github.com/gravitl/netmaker/config"
) )
@ -65,6 +66,12 @@ func GetServerConfig() config.ServerConfig {
cfg.Database = GetDB() cfg.Database = GetDB()
cfg.Platform = GetPlatform() cfg.Platform = GetPlatform()
cfg.Version = GetVersion() cfg.Version = GetVersion()
// == auth config ==
var authInfo = GetAuthProviderInfo()
cfg.AuthProvider = authInfo[0]
cfg.ClientID = authInfo[1]
cfg.ClientSecret = authInfo[2]
return cfg return cfg
} }
func GetAPIConnString() string { func GetAPIConnString() string {
@ -398,6 +405,25 @@ func GetServerCheckinInterval() int64 {
return t return t
} }
// GetAuthProviderInfo = gets the oauth provider info
func GetAuthProviderInfo() []string {
var authProvider = ""
if os.Getenv("AUTH_PROVIDER") != "" && os.Getenv("CLIENT_ID") != "" && os.Getenv("CLIENT_SECRET") != "" {
authProvider = strings.ToLower(os.Getenv("AUTH_PROVIDER"))
if authProvider == "google" || authProvider == "azure-ad" || authProvider == "github" {
return []string{authProvider, os.Getenv("CLIENT_ID"), os.Getenv("CLIENT_SECRET")}
} else {
authProvider = ""
}
} else if config.Config.Server.AuthProvider != "" && config.Config.Server.ClientID != "" && config.Config.Server.ClientSecret != "" {
authProvider = strings.ToLower(config.Config.Server.AuthProvider)
if authProvider == "google" || authProvider == "azure-ad" || authProvider == "github" {
return []string{authProvider, config.Config.Server.ClientID, config.Config.Server.ClientSecret}
}
}
return []string{"", "", ""}
}
// GetMacAddr - get's mac address // GetMacAddr - get's mac address
func getMacAddr() string { func getMacAddr() string {
ifas, err := net.Interfaces() ifas, err := net.Interfaces()