Revert "too much effort into the garbage"
This reverts commit a2e84379a9.
This commit is contained in:
bel
@@ -2,13 +2,12 @@ package server
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"gitea.inhome.blapointe.com/local/oauth2"
|
||||
"gitea.inhome.blapointe.com/local/router"
|
||||
"gitea.inhome.blapointe.com/local/storage"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
@@ -56,9 +55,9 @@ func (s *Server) authorize(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
func (s *Server) genAuth(scope, user string) {
|
||||
access := uuid.New().String()
|
||||
token := uuid.New().String()
|
||||
s.store.Set(user, []byte(access), ACCESS)
|
||||
s.store.Set(user, []byte(user), ACCESS)
|
||||
s.store.Set(access, []byte(user), ACCESS)
|
||||
s.store.Set(scope+"."+access, []byte(token), TOKEN)
|
||||
}
|
||||
|
||||
func (s *Server) getAccess(scope, user string) (string, bool) {
|
||||
@@ -70,10 +69,7 @@ func (s *Server) getAccess(scope, user string) (string, bool) {
|
||||
return string(access), err == nil
|
||||
}
|
||||
|
||||
func (s *Server) verifyAccess(access string) error {
|
||||
_, err := s.store.Get(access, ACCESS)
|
||||
if err != nil {
|
||||
return fmt.Errorf("access not found: %s", access)
|
||||
}
|
||||
return nil
|
||||
func (s *Server) getToken(scope, access string) (string, bool) {
|
||||
token, err := s.store.Get(scope+"."+access, TOKEN)
|
||||
return string(token), err == nil
|
||||
}
|
||||
|
||||
@@ -2,7 +2,6 @@ package server
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"gitea.inhome.blapointe.com/local/oauth2/oauth2server/config"
|
||||
"gitea.inhome.blapointe.com/local/router"
|
||||
"gitea.inhome.blapointe.com/local/storage"
|
||||
@@ -15,6 +14,7 @@ var wildcard = router.Wildcard
|
||||
const (
|
||||
USERS = "users"
|
||||
ACCESS = "access"
|
||||
TOKEN = "token"
|
||||
SALT = "salt"
|
||||
)
|
||||
|
||||
@@ -42,6 +42,10 @@ func purgeIssuedCredentials(store storage.DB) {
|
||||
for _, access := range accesses {
|
||||
store.Set(access, nil, ACCESS)
|
||||
}
|
||||
tokens, _ := store.List([]string{TOKEN})
|
||||
for _, token := range tokens {
|
||||
store.Set(token, nil, TOKEN)
|
||||
}
|
||||
}
|
||||
|
||||
func wrapBody(title, body string) string {
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
package server
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"gitea.inhome.blapointe.com/local/router"
|
||||
"net/http"
|
||||
)
|
||||
|
||||
func (s *Server) verify(w http.ResponseWriter, r *http.Request) {
|
||||
@@ -14,8 +13,10 @@ func (s *Server) verify(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
access := r.FormValue("access")
|
||||
if err := s.verifyAccess(access); err != nil {
|
||||
token, ok := s.getToken(scope, access)
|
||||
if !ok {
|
||||
http.Error(w, "unknown access", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
w.Write([]byte(token))
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user