Skip to content

Commit

Permalink
all: flatten package hierarchy and merge files - closes ory#93
Browse files Browse the repository at this point in the history
  • Loading branch information
Aeneas Rekkas (arekkas) authored and arekkas committed Oct 16, 2016
1 parent 6d76d35 commit 9b7ba80
Show file tree
Hide file tree
Showing 19 changed files with 52 additions and 68 deletions.
18 changes: 9 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -69,15 +69,15 @@ You can run this minimalistic example by doing

```
go get github.com/Masterminds/glide
go get -d github.com/ory-am/fosite
cd $GOPATH/src/github.com/ory-am/fosite
go get github.com/ory-am/fosite-example
cd $GOPATH/src/github.com/ory-am/fosite-example
glide install
go install github.com/ory-am/fosite/fosite-example
go install github.com/ory-am/fosite-example
fosite-example
```

There should be a server listening on [localhost:3846](https://localhost:3846/). You can check out the example's
source code [here](fosite-example/main.go).
source code [here](https://github.com/ory-am/fosite-example/).

## A word on quality

Expand Down Expand Up @@ -175,21 +175,21 @@ Instantiating fosite by hand can be painful. Therefore we created a few convenie
It is strongly encouraged to use these well tested composers.

In this very basic example, we will instantiate fosite with all OpenID Connect and OAuth2 handlers enabled. Please refer
to the [example app](fosite-example/main.go) for more details.
to the [example app](https://github.com/ory-am/fosite-example/) for more details.

This little code snippet sets up a full-blown OAuth2 and OpenID Connect example.

```go
import "github.com/ory-am/fosite"
import "github.com/ory-am/fosite/compose"
import "github.com/ory-am/fosite/fosite-example/store"
import "github.com/ory-am/fosite/storage"

// This is the exemplary storage that contains:
// * an OAuth2 Client with id "my-client" and secret "foobar" capable of all oauth2 and open id connect grant and response types.
// * a User for the resource owner password credentials grant type with usename "peter" and password "secret".
//
// You will most likely replace this with your own logic once you set up a real world application.
var storage = store.NewExampleStore()
var storage = storage.NewMemoryStore()

// This secret is being used to sign access and refresh tokens as well as authorize codes.
var secret = []byte{"my super secret password"}
Expand Down Expand Up @@ -319,15 +319,15 @@ func someResourceProviderHandlerFunc(rw http.ResponseWriter, req *http.Request)

Fosite provides integration tests as well as a http server example:

* Fosite ships with an example app that runs in your browser: [Example app](fosite-example/main.go).
* Fosite ships with an example app that runs in your browser: [Example app](https://github.com/ory-am/fosite-example/).
* If you want to check out how to enable specific handlers, check out the [integration tests](integration/).

If you have working examples yourself, please share them with us!

### Exemplary Storage Implementation

Fosite does not ship a storage implementation. This is intended, because requirements vary with every environment.
You can find a reference implementation at [fosite-example/pkg/store.go](fosite-example/pkg/store.go).
You can find a reference implementation at [storage/memory.go](storage/memory.go).
This storage fulfills requirements from all OAuth2 and OpenID Conenct handlers.

### Extensible handlers
Expand Down
7 changes: 3 additions & 4 deletions compose/compose.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ import (

"github.com/Sirupsen/logrus"
"github.com/ory-am/fosite"
"github.com/ory-am/fosite/hash"
)

type handler func(config *Config, storage interface{}, strategy interface{}) interface{}
Expand Down Expand Up @@ -35,9 +34,9 @@ func Compose(config *Config, storage interface{}, strategy interface{}, handlers
Store: storage.(fosite.Storage),
AuthorizeEndpointHandlers: fosite.AuthorizeEndpointHandlers{},
TokenEndpointHandlers: fosite.TokenEndpointHandlers{},
TokenValidators: fosite.TokenValidators{},
TokenIntrospectionHandlers: fosite.TokenIntrospectionHandlers{},
RevocationHandlers: fosite.RevocationHandlers{},
Hasher: &hash.BCrypt{WorkFactor: config.GetHashCost()},
Hasher: &fosite.BCrypt{WorkFactor: config.GetHashCost()},
Logger: &logrus.Logger{},
ScopeStrategy: fosite.HierarchicScopeStrategy,
}
Expand All @@ -51,7 +50,7 @@ func Compose(config *Config, storage interface{}, strategy interface{}, handlers
f.TokenEndpointHandlers.Append(th)
}
if tv, ok := res.(fosite.TokenIntrospector); ok {
f.TokenValidators.Append(tv)
f.TokenIntrospectionHandlers.Append(tv)
}
if rh, ok := res.(fosite.RevocationHandler); ok {
f.RevocationHandlers.Append(rh)
Expand Down
37 changes: 11 additions & 26 deletions fosite.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ import (
"reflect"

"github.com/Sirupsen/logrus"
"github.com/ory-am/fosite/hash"
)

// AuthorizeEndpointHandlers is a list of AuthorizeEndpointHandler
Expand Down Expand Up @@ -35,25 +34,11 @@ func (t *TokenEndpointHandlers) Append(h TokenEndpointHandler) {
*t = append(*t, h)
}

// TokenValidators is a list of TokenValidator
type TokenValidators []TokenValidator

// Append adds an AccessTokenValidator to this list. Ignores duplicates based on reflect.TypeOf.
func (t *TokenValidators) Append(h TokenValidator) {
for _, this := range *t {
if reflect.TypeOf(this) == reflect.TypeOf(h) {
return
}
}

*t = append(*t, h)
}

// TokenValidators is a list of TokenValidator
type TokenValidators []TokenIntrospector
// TokenIntrospectionHandlers is a list of TokenValidator
type TokenIntrospectionHandlers []TokenIntrospector

// Add adds an AccessTokenValidator to this list. Ignores duplicates based on reflect.TypeOf.
func (t *TokenValidators) Append(h TokenIntrospector) {
func (t *TokenIntrospectionHandlers) Append(h TokenIntrospector) {
for _, this := range *t {
if reflect.TypeOf(this) == reflect.TypeOf(h) {
return
Expand All @@ -79,12 +64,12 @@ func (t *RevocationHandlers) Append(h RevocationHandler) {

// Fosite implements OAuth2Provider.
type Fosite struct {
Store Storage
AuthorizeEndpointHandlers AuthorizeEndpointHandlers
TokenEndpointHandlers TokenEndpointHandlers
TokenValidators TokenValidators
RevocationHandlers RevocationHandlers
Hasher hash.Hasher
Logger logrus.StdLogger
ScopeStrategy ScopeStrategy
Store Storage
AuthorizeEndpointHandlers AuthorizeEndpointHandlers
TokenEndpointHandlers TokenEndpointHandlers
TokenIntrospectionHandlers TokenIntrospectionHandlers
RevocationHandlers RevocationHandlers
Hasher Hasher
Logger logrus.StdLogger
ScopeStrategy ScopeStrategy
}
2 changes: 1 addition & 1 deletion fosite_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ func TestTokenEndpointHandlers(t *testing.T) {

func TestAuthorizedRequestValidators(t *testing.T) {
h := &oauth2.CoreValidator{}
hs := TokenValidators{}
hs := TokenIntrospectionHandlers{}
hs.Append(h)
hs.Append(h)
hs.Append(&oauth2.CoreValidator{})
Expand Down
1 change: 1 addition & 0 deletions generate-mocks.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
#!/bin/bash

mockgen -package internal -destination internal/hash.go github.com/ory-am/fosite Hasher
mockgen -package internal -destination internal/storage.go github.com/ory-am/fosite Storage
mockgen -package internal -destination internal/oauth2_storage.go github.com/ory-am/fosite/handler/oauth2 CoreStorage
mockgen -package internal -destination internal/oauth2_strategy.go github.com/ory-am/fosite/handler/oauth2 CoreStrategy
Expand Down
6 changes: 3 additions & 3 deletions handler/openid/flow_hybrid_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,13 @@ import (

"github.com/golang/mock/gomock"
"github.com/ory-am/fosite"
store "github.com/ory-am/fosite/fosite-example/pkg"
"github.com/ory-am/fosite/handler/oauth2"
"github.com/ory-am/fosite/internal"
"github.com/ory-am/fosite/token/hmac"
"github.com/ory-am/fosite/token/jwt"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/ory-am/fosite/storage"
)

var idStrategy = &DefaultStrategy{
Expand Down Expand Up @@ -62,12 +62,12 @@ func TestHybrid_HandleAuthorizeEndpointRequest(t *testing.T) {
AccessTokenLifespan: time.Hour,
AuthCodeLifespan: time.Hour,
AccessTokenStrategy: hmacStrategy,
AuthorizeCodeGrantStorage: store.NewStore(),
AuthorizeCodeGrantStorage: storage.NewMemoryStore(),
},
AuthorizeImplicitGrantTypeHandler: &oauth2.AuthorizeImplicitGrantTypeHandler{
AccessTokenLifespan: time.Hour,
AccessTokenStrategy: hmacStrategy,
AccessTokenStorage: store.NewStore(),
AccessTokenStorage: storage.NewMemoryStore(),
},
IDTokenHandleHelper: &IDTokenHandleHelper{
IDTokenStrategy: idStrategy,
Expand Down
4 changes: 2 additions & 2 deletions handler/openid/flow_implicit_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,11 @@ import (

"github.com/golang/mock/gomock"
"github.com/ory-am/fosite"
store "github.com/ory-am/fosite/fosite-example/pkg"
"github.com/ory-am/fosite/handler/oauth2"
"github.com/ory-am/fosite/token/jwt"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/ory-am/fosite/storage"
)

func TestImplicit_HandleAuthorizeEndpointRequest(t *testing.T) {
Expand All @@ -27,7 +27,7 @@ func TestImplicit_HandleAuthorizeEndpointRequest(t *testing.T) {
AuthorizeImplicitGrantTypeHandler: &oauth2.AuthorizeImplicitGrantTypeHandler{
AccessTokenLifespan: time.Hour,
AccessTokenStrategy: hmacStrategy,
AccessTokenStorage: store.NewStore(),
AccessTokenStorage: storage.NewMemoryStore(),
},
IDTokenHandleHelper: &IDTokenHandleHelper{
IDTokenStrategy: idStrategy,
Expand Down
2 changes: 1 addition & 1 deletion hash/hash.go → hash.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package hash
package fosite

// Hasher defines how a oauth2-compatible hasher should look like.
type Hasher interface {
Expand Down
2 changes: 1 addition & 1 deletion hash/bcyrpt.go → hash_bcrypt.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package hash
package fosite

import (
"github.com/pkg/errors"
Expand Down
2 changes: 1 addition & 1 deletion hash/bcrypt_test.go → hash_bcrypt_test.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package hash
package fosite

import (
"testing"
Expand Down
6 changes: 3 additions & 3 deletions integration/helper_setup_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,15 @@ import (

"github.com/gorilla/mux"
"github.com/ory-am/fosite"
store "github.com/ory-am/fosite/fosite-example/pkg"
"github.com/ory-am/fosite/handler/oauth2"
"github.com/ory-am/fosite/handler/openid"
"github.com/ory-am/fosite/token/hmac"
goauth "golang.org/x/oauth2"
"golang.org/x/oauth2/clientcredentials"
"github.com/ory-am/fosite/storage"
)

var fositeStore = &store.Store{
var fositeStore = &storage.MemoryStore{
Clients: map[string]*fosite.DefaultClient{
"my-client": {
ID: "my-client",
Expand All @@ -26,7 +26,7 @@ var fositeStore = &store.Store{
Scopes: []string{"fosite", "offline", "openid"},
},
},
Users: map[string]store.UserRelation{
Users: map[string]storage.MemoryUserRelation{
"peter": {
Username: "peter",
Password: "secret",
Expand Down
2 changes: 1 addition & 1 deletion internal/hash.go
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
// Automatically generated by MockGen. DO NOT EDIT!
// Source: github.com/ory-am/fosite/hash (interfaces: Hasher)
// Source: github.com/ory-am/fosite (interfaces: Hasher)

package internal

Expand Down
2 changes: 1 addition & 1 deletion introspect.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ func (f *Fosite) IntrospectToken(ctx context.Context, token string, tokenType To
var found bool = false

ar := NewAccessRequest(session)
for _, validator := range f.TokenValidators {
for _, validator := range f.TokenIntrospectionHandlers {
if err := errors.Cause(validator.IntrospectToken(ctx, token, tokenType, ar, scopes)); err == ErrUnknownRequest {
// Nothing to do
} else if err != nil {
Expand Down
6 changes: 3 additions & 3 deletions introspect_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
"github.com/golang/mock/gomock"
. "github.com/ory-am/fosite"
"github.com/ory-am/fosite/compose"
store "github.com/ory-am/fosite/fosite-example/pkg"
"github.com/ory-am/fosite/storage"
"github.com/ory-am/fosite/internal"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
Expand All @@ -20,7 +20,7 @@ func TestIntrospect(t *testing.T) {
validator := internal.NewMockTokenValidator(ctrl)
defer ctrl.Finish()

f := compose.ComposeAllEnabled(new(compose.Config), store.NewStore(), []byte{}, nil).(*Fosite)
f := compose.ComposeAllEnabled(new(compose.Config), storage.NewMemoryStore(), []byte{}, nil).(*Fosite)
httpreq := &http.Request{
Header: http.Header{
"Authorization": []string{"bearer some-token"},
Expand All @@ -45,7 +45,7 @@ func TestIntrospect(t *testing.T) {
description: "should fail",
scopes: []string{"foo"},
setup: func() {
f.TokenValidators = TokenValidators{validator}
f.TokenIntrospectionHandlers = TokenIntrospectionHandlers{validator}
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(ErrUnknownRequest)
},
expectErr: ErrRequestUnauthorized,
Expand Down
6 changes: 3 additions & 3 deletions oauth2.go
Original file line number Diff line number Diff line change
Expand Up @@ -129,15 +129,15 @@ type OAuth2Provider interface {

// NewIntrospectionRequest initiates token introspection as defined in
// https://tools.ietf.org/search/rfc7662#section-2.1
NewIntrospectionRequest(ctx context.Context, r *http.Request, session interface{}) (IntrospectionResponse, error)
// NewIntrospectionRequest(ctx context.Context, r *http.Request, session interface{}) (IntrospectionResponse, error)

// WriteIntrospectionError responds with an error if token introspection failed as defined in
// https://tools.ietf.org/search/rfc7662#section-2.3
WriteIntrospectionError(rw http.ResponseWriter, error)
// WriteIntrospectionError(rw http.ResponseWriter, err error)

// WriteIntrospectionResponse responds with token metadata discovered by token introspection as defined in
// https://tools.ietf.org/search/rfc7662#section-2.2
WriteIntrospectionResponse(rw http.ResponseWriter, r IntrospectionResponse)
// WriteIntrospectionResponse(rw http.ResponseWriter, r IntrospectionResponse)
}

// IntrospectionResponse is the response object that will be returned when token introspection was successful,
Expand Down
8 changes: 4 additions & 4 deletions storage/memory.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"golang.org/x/net/context"
)

type UserRelation struct {
type MemoryUserRelation struct {
Username string
Password string
}
Expand All @@ -18,7 +18,7 @@ type MemoryStore struct {
AccessTokens map[string]fosite.Requester
Implicit map[string]fosite.Requester
RefreshTokens map[string]fosite.Requester
Users map[string]UserRelation
Users map[string]MemoryUserRelation
// In-memory request ID to token signatures
AccessTokenRequestIDs map[string]string
RefreshTokenRequestIDs map[string]string
Expand All @@ -32,7 +32,7 @@ func NewMemoryStore() *MemoryStore {
AccessTokens: make(map[string]fosite.Requester),
Implicit: make(map[string]fosite.Requester),
RefreshTokens: make(map[string]fosite.Requester),
Users: make(map[string]UserRelation),
Users: make(map[string]MemoryUserRelation),
AccessTokenRequestIDs: make(map[string]string),
RefreshTokenRequestIDs: make(map[string]string),
}
Expand All @@ -51,7 +51,7 @@ func NewExampleStore() *MemoryStore {
Scopes: []string{"fosite", "openid", "photos", "offline"},
},
},
Users: map[string]UserRelation{
Users: map[string]MemoryUserRelation{
"peter": {
// This store simply checks for equality, a real storage implementation would obviously use
// a hashing algorithm for encrypting the user password.
Expand Down
2 changes: 1 addition & 1 deletion rand/bytes.go → token/hmac/bytes.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package rand
package hmac

import (
"crypto/rand"
Expand Down
2 changes: 1 addition & 1 deletion rand/bytes_test.go → token/hmac/bytes_test.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package rand
package hmac

import (
"testing"
Expand Down
5 changes: 2 additions & 3 deletions token/hmac/hmacsha.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,8 @@ import (
"fmt"
"strings"

"github.com/ory-am/fosite"
"github.com/ory-am/fosite/rand"
"github.com/pkg/errors"
"github.com/ory-am/fosite"
)

// HMACStrategy is responsible for generating and validating challenges.
Expand Down Expand Up @@ -48,7 +47,7 @@ func (c *HMACStrategy) Generate() (string, string, error) {
// constructed from a cryptographically strong random or pseudo-random
// number sequence (see [RFC4086] for best current practice) generated
// by the authorization server.
key, err := rand.RandomBytes(c.AuthCodeEntropy)
key, err := RandomBytes(c.AuthCodeEntropy)
if err != nil {
return "", "", errors.Wrap(err, "")
}
Expand Down

0 comments on commit 9b7ba80

Please sign in to comment.