* initial webfinger stub Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * add webfinger to proxy, return current host Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * some cleanup Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * allow passing multiple rel params Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * introduce interfaces Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * parse oidc auth token Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * add templating, drop chain, use map of relation providers Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * fix ocis url yaml Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * fix typos Co-authored-by: Dominik Schmidt <dschmidt@owncloud.com> * switch to userinfo claims Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * readme cleanup Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * add TODO.md with ideas Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * replace subject on authenticated request responses Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * Apply suggestions from code review Co-authored-by: Martin <github@diemattels.at> * markdown lint Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * return a 401 when bearer token expired, some more docs Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * Apply suggestions from code review Co-authored-by: Martin <github@diemattels.at> * fix docs Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * clarify env var Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * extract handler func Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * use correct service in reflex.conf Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * test relations Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> * Update services/webfinger/pkg/config/config.go --------- Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de> Co-authored-by: Dominik Schmidt <dschmidt@owncloud.com> Co-authored-by: 
Martin <github@diemattels.at>
package relations
import (
"context"
"net/url"
"regexp"
"strings"
"text/template"
"github.com/owncloud/ocis/v2/ocis-pkg/oidc"
"github.com/owncloud/ocis/v2/services/webfinger/pkg/config"
"github.com/owncloud/ocis/v2/services/webfinger/pkg/service/v0"
"github.com/owncloud/ocis/v2/services/webfinger/pkg/webfinger"
)
// OwnCloudInstanceRel is the link relation type set on every link that the
// ownCloud instance relation provider adds to a descriptor.
const OwnCloudInstanceRel = "http://webfinger.owncloud/rel/server-instance"
// compiledInstance pairs one configured instance with the regular expression
// and href template that OwnCloudInstance prepares from it.
type compiledInstance struct {
	// Instance is the configuration entry this value was built from.
	config.Instance

	// compiledRegex is the compiled form of Instance.Regex; it is matched
	// against the value of the claim named by Instance.Claim.
	compiledRegex *regexp.Regexp

	// hrefTemplate is the parsed form of Instance.Href and renders the link
	// href from the claims of the request.
	hrefTemplate *template.Template
}
// ownCloudInstance is the relation provider returned by OwnCloudInstance.
type ownCloudInstance struct {
	// instances holds the prepared instances in the order they were
	// configured, which is also the order in which they are evaluated.
	instances []compiledInstance

	// ocisURL is the URL exactly as passed to OwnCloudInstance; href
	// templates can reference it as OCIS_URL.
	ocisURL string

	// instanceHost is the host followed by the path of ocisURL. It forms the
	// part after the "@" of acct: subjects.
	instanceHost string
}
// OwnCloudInstance returns a relation provider that adds one or more ownCloud
// instance relations.
//
// Every entry of instances has its Regex compiled and its Href parsed as a
// text/template up front, so a broken configuration is reported here and not
// while serving a request. ocisURL is parsed to derive the host and path used
// in acct: subjects. The first error encountered is returned unchanged,
// together with a nil provider.
//
// The compiled expressions are later applied with MatchString, which reports
// a match anywhere in the claim value. A pattern that is meant to match the
// whole value therefore has to be anchored with ^ and $ in the configuration.
func OwnCloudInstance(instances []config.Instance, ocisURL string) (service.RelationProvider, error) {
	prepared := make([]compiledInstance, 0, len(instances))
	for i := range instances {
		cfg := instances[i]

		re, err := regexp.Compile(cfg.Regex)
		if err != nil {
			return nil, err
		}

		// The template name only has to identify the entry; it is built from
		// the three configuration values.
		tmplName := cfg.Claim + ":" + cfg.Regex + ":" + cfg.Href
		tmpl, err := template.New(tmplName).Parse(cfg.Href)
		if err != nil {
			return nil, err
		}

		prepared = append(prepared, compiledInstance{
			Instance:      cfg,
			compiledRegex: re,
			hrefTemplate:  tmpl,
		})
	}

	parsed, err := url.Parse(ocisURL)
	if err != nil {
		return nil, err
	}

	provider := &ownCloudInstance{
		instances:    prepared,
		ocisURL:      ocisURL,
		instanceHost: parsed.Host + parsed.Path,
	}
	return provider, nil
}
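// Add sets the subject of jrd from the OIDC claims found in ctx and appends
// one link for every configured instance whose claim value matches its
// regular expression.
//
// The subject becomes "acct:<preferred username>@<instance host>" when the
// preferred username claim is a string, otherwise "mailto:<email>" when the
// email claim is a string, and is left untouched when neither is present.
// Instances are evaluated in configuration order; an instance with Break set
// ends the evaluation once it has matched.
//
// Add does nothing when jrd is nil or when ctx carries no claims.
func (l *ownCloudInstance) Add(ctx context.Context, jrd *webfinger.JSONResourceDescriptor) {
	// Without a descriptor there is nowhere to record a subject or links.
	if jrd == nil {
		return
	}
	claims := oidc.FromContext(ctx)
	if claims == nil {
		return
	}

	// NOTE(review): claim values are concatenated into the subject as-is.
	// This relies on the identity provider issuing well-formed usernames and
	// addresses — confirm, or validate them before use.
	if name, ok := claims[oidc.PreferredUsername].(string); ok {
		jrd.Subject = "acct:" + name + "@" + l.instanceHost
	} else if mail, ok := claims[oidc.Email].(string); ok {
		jrd.Subject = "mailto:" + mail
	}

	// Render the templates from a private copy of the claims. Writing
	// OCIS_URL into the map taken from the context would change it for every
	// other holder of that map, and that map may be shared between
	// goroutines handling the same request.
	data := make(map[string]interface{}, len(claims)+1)
	for k, v := range claims {
		data[k] = v
	}
	// Set last so the configured URL always wins over a claim that happens
	// to be named OCIS_URL in the token.
	data["OCIS_URL"] = l.ocisURL

	for i := range l.instances {
		instance := &l.instances[i]

		// MatchString reports a match anywhere in the value; patterns that
		// must cover the whole value need ^ and $ anchors in the config.
		value, ok := data[instance.Claim].(string)
		if !ok || !instance.compiledRegex.MatchString(value) {
			continue
		}

		// text/template performs no escaping: claim values end up verbatim
		// in the href unless the configured template pipes them through a
		// function such as urlquery.
		var href strings.Builder
		if err := instance.hrefTemplate.Execute(&href, data); err == nil {
			jrd.Links = append(jrd.Links, webfinger.Link{
				Rel:    OwnCloudInstanceRel,
				Href:   href.String(),
				Titles: instance.Titles,
			})
		}
		// A failed render leaves a truncated href in the builder, so no link
		// is published for it. Break is still honored: the instance matched,
		// and falling through to later instances could hand the client a
		// link the configuration meant to exclude.
		if instance.Break {
			break
		}
	}
}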