package main
import (
"context"
"crypto/rsa"
"flag"
"log"
"net/http"
"os"
"time"
"github.com/golang-jwt/jwt/v4"
"github.com/interuss/dss/cmds/dummy-oauth/api"
"github.com/interuss/dss/cmds/dummy-oauth/api/dummyoauth"
)
// address is the listen address handed to http.Server. The default ":8085"
// names no host, so the listener accepts connections on every local interface.
// NOTE(review): this server signs tokens for any caller; pass an explicit
// loopback host (for example "127.0.0.1:8085") unless wider reach is intended.
var address = flag.String("addr", ":8085", "address")

// keyFile is the path of the PEM-encoded RSA private key used to sign every
// issued token. The default points into the repository's test-certs directory.
// NOTE(review): a key that ships with the source tree is effectively public, so
// nothing outside a test deployment should trust the matching public key.
var keyFile = flag.String("private_key_file", "build/test-certs/auth2.key", "OAuth private key file")
// DummyOAuthImplementation serves the dummy OAuth token endpoint. It holds the
// one piece of state the handler needs: the key that signs issued tokens.
type DummyOAuthImplementation struct {
	// PrivateKey signs every token with RS256. Anyone holding it can mint
	// tokens that verify against the matching public key.
	PrivateKey *rsa.PrivateKey
}
// GetToken issues an RS256-signed JWT whose claims come straight from the
// request.
//
// intended_audience and scope are required; a missing one yields a 400
// response. issuer defaults to "dummyoauth", sub to "fake_uss", and expire to
// one hour from now. A signing failure yields a 500 response carrying the
// signer's error text.
//
// Security: every claim (aud, scope, iss, sub, exp) is caller-controlled and
// nothing in this function authenticates the caller or bounds the supplied
// expiry, so the handler signs whatever identity and lifetime is asked for.
// That is what a test token source is for; it also means the signing key must
// never be one that a production verifier trusts.
// NOTE(review): s.PrivateKey is not nil-checked before signing; confirm every
// construction site sets it.
func (s *DummyOAuthImplementation) GetToken(ctx context.Context, req *dummyoauth.GetTokenRequest) dummyoauth.GetTokenResponseSet {
	var result dummyoauth.GetTokenResponseSet

	// Required parameters: reject the request as soon as one is absent.
	if req.IntendedAudience == nil {
		errText := "Missing `intended_audience` query parameter"
		result.Response400 = &dummyoauth.BadRequestResponse{Message: &errText}
		return result
	}
	if req.Scope == nil {
		errText := "Missing `scope` query parameter"
		result.Response400 = &dummyoauth.BadRequestResponse{Message: &errText}
		return result
	}

	// Start from the defaults, then let the request override them.
	claims := jwt.MapClaims{
		"aud":   *req.IntendedAudience,
		"scope": *req.Scope,
		"iss":   "dummyoauth",
		"sub":   "fake_uss",
	}
	if req.Issuer != nil {
		claims["iss"] = *req.Issuer
	}
	if req.Sub != nil {
		claims["sub"] = *req.Sub
	}
	if req.Expire != nil {
		// Taken verbatim: the caller may ask for an expiry in the past or
		// arbitrarily far in the future.
		claims["exp"] = int64(*req.Expire)
	} else {
		claims["exp"] = time.Now().Add(time.Hour).Unix()
	}

	// Sign with the server's RSA private key and serialize to compact form.
	signed, signErr := jwt.NewWithClaims(jwt.SigningMethodRS256, claims).SignedString(s.PrivateKey)
	if signErr != nil {
		// The raw signer error is returned to the client.
		result.Response500 = &api.InternalServerErrorBody{ErrorMessage: signErr.Error()}
		return result
	}

	result.Response200 = &dummyoauth.TokenResponse{AccessToken: signed}
	return result
}
// PermissiveAuthorizer is the authorizer wired into the dummy OAuth router. It
// has no state and never inspects the request.
type PermissiveAuthorizer struct{}

// Authorize ignores the response writer, the request and the authorization
// options, and always returns the zero-value api.AuthorizationResult.
// NOTE(review): presumably the router reads an empty result as "authorized",
// which would leave the token endpoint open to any client that can reach the
// listener; confirm against the api package.
func (*PermissiveAuthorizer) Authorize(w http.ResponseWriter, r *http.Request, authOptions []api.AuthorizationOption) api.AuthorizationResult {
	var result api.AuthorizationResult
	return result
}
// main loads the RSA signing key named by -private_key_file, wires the dummy
// OAuth handler behind a PermissiveAuthorizer, and serves it on -addr until the
// listener fails.
func main() {
	flag.Parse()

	// Load and parse the PEM-encoded signing key; either failure aborts startup.
	pemData, readErr := os.ReadFile(*keyFile)
	if readErr != nil {
		log.Panic(readErr)
	}
	signingKey, parseErr := jwt.ParseRSAPrivateKeyFromPEM(pemData)
	if parseErr != nil {
		log.Panic(parseErr)
	}

	// Build the handler chain: implementation -> API router -> multi-router.
	oauthImpl := DummyOAuthImplementation{PrivateKey: signingKey}
	apiRouter := dummyoauth.MakeAPIRouter(&oauthImpl, &PermissiveAuthorizer{})
	handler := api.MultiRouter{Routers: []api.PartialRouter{&apiRouter}}

	// Explicit timeouts keep slow or idle clients from holding connections open
	// indefinitely. The listener is plain HTTP, so issued tokens cross the wire
	// unencrypted unless something in front of this process terminates TLS.
	srv := &http.Server{
		Addr:              *address,
		Handler:           &handler,
		ReadHeaderTimeout: 15 * time.Second,
		ReadTimeout:       15 * time.Second,
		WriteTimeout:      10 * time.Second,
		IdleTimeout:       30 * time.Second,
	}

	// ListenAndServe returns only on error; log.Fatal reports it and exits.
	log.Fatal(srv.ListenAndServe())
}