
updated GetRequestingParty APIs to support Basic client authentication #324

Open
wants to merge 2 commits into
base: main
6 changes: 3 additions & 3 deletions README.md
Expand Up @@ -222,9 +222,9 @@ type GoCloak interface {
SetRestyClient(restyClient *resty.Client)

GetToken(ctx context.Context, realm string, options TokenOptions) (*JWT, error)
GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error)
GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error)
GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error)
GetRequestingPartyToken(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*JWT, error)
GetRequestingPartyPermissions(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error)
GetRequestingPartyPermissionDecision(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error)

Login(ctx context.Context, clientID, clientSecret, realm, username, password string) (*JWT, error)
LoginOtp(ctx context.Context, clientID, clientSecret, realm, username, password, totp string) (*JWT, error)
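--- a/client.go
+++ b/client.go
@@ -84,8 +84,16 @@ func (client *gocloak) getRequestWithBasicAuth(ctx context.Context, clientID, cl
 return req
 }
 
-func (client *gocloak) getRequestingParty(ctx context.Context, token string, realm string, options RequestingPartyTokenOptions, res interface{}) (*resty.Response, error) {
-return client.getRequestWithBearerAuth(ctx, token).
+func (client *gocloak) getRequestingParty(ctx context.Context, token string, clientID string, clientSecret string, realm string, options RequestingPartyTokenOptions, res interface{}) (*resty.Response, error) {
+var req *resty.Request
+
+if !NilOrEmpty(&token) {
+req = client.getRequestWithBearerAuth(ctx, token)
+} else {
+req = client.getRequestWithBasicAuth(ctx, clientID, clientSecret)
+}
+
+return req.
 SetFormData(options.FormData()).
 SetFormDataFromValues(url.Values{"permission": PStringSlice(options.Permissions)}).
 SetResult(&res).
@@ -453,12 +461,12 @@ func (client *gocloak) GetToken(ctx context.Context, realm string, options Token
 }
 
 // GetRequestingPartyToken returns a requesting party token with permissions granted by the server
-func (client *gocloak) GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error) {
+func (client *gocloak) GetRequestingPartyToken(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*JWT, error) {
 const errMessage = "could not get requesting party token"
 
 var res JWT
 
-resp, err := client.getRequestingParty(ctx, token, realm, options, &res)
+resp, err := client.getRequestingParty(ctx, token, clientID, clientSecret, realm, options, &res)
 
 if err := checkForError(resp, err, errMessage); err != nil {
 return nil, err
@@ -468,14 +476,14 @@ func (client *gocloak) GetRequestingPartyToken(ctx context.Context, token, realm
 }
 
 // GetRequestingPartyPermissions returns a requesting party permissions granted by the server
-func (client *gocloak) GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error) {
+func (client *gocloak) GetRequestingPartyPermissions(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error) {
 const errMessage = "could not get requesting party token"
 
 var res []RequestingPartyPermission
 
 options.ResponseMode = StringP("permissions")
 
-resp, err := client.getRequestingParty(ctx, token, realm, options, &res)
+resp, err := client.getRequestingParty(ctx, token, clientID, clientSecret, realm, options, &res)
 
 if err := checkForError(resp, err, errMessage); err != nil {
 return nil, err
@@ -485,14 +493,14 @@ func (client *gocloak) GetRequestingPartyPermissions(ctx context.Context, token,
 }
 
 // GetRequestingPartyPermissionDecision returns a requesting party permission decision granted by the server
-func (client *gocloak) GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error) {
+func (client *gocloak) GetRequestingPartyPermissionDecision(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error) {
 const errMessage = "could not get requesting party token"
 
 var res RequestingPartyPermissionDecision
 
 options.ResponseMode = StringP("decision")
 
-resp, err := client.getRequestingParty(ctx, token, realm, options, &res)
+resp, err := client.getRequestingParty(ctx, token, clientID, clientSecret, realm, options, &res)
 
 if err := checkForError(resp, err, errMessage); err != nil {
 return nil, err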
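Review bot: In `getRequestingParty` the new `else` branch sends Basic authentication whenever `token` is empty, even if `clientID` and `clientSecret` are empty too, so a caller that forgot a credential gets a server-side rejection instead of a local error; and when a token and client credentials are both supplied, the credentials are silently ignored. The three exported methods now take four adjacent `string` arguments (`token, clientID, clientSecret, realm`), so a transposed call compiles cleanly, and a secret passed in the `realm` position would presumably end up in the request URL, which is built outside this hunk. I would select the scheme explicitly, fail early when neither credential is present, and state the either/or rule in the doc comments of the three exported methods. The function body continues past the hunk; the sketch assumes `errors` is imported in client.go and that `checkForError` tolerates a nil response when `err` is non-nil.

```go
var req *resty.Request

switch {
case token != "":
	req = client.getRequestWithBearerAuth(ctx, token)
case clientID != "":
	req = client.getRequestWithBasicAuth(ctx, clientID, clientSecret)
default:
	return nil, errors.New("requesting party request needs a bearer token or client credentials")
}

// … unchanged: return req.SetFormData(...) chain …
```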
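--- a/client_test.go
+++ b/client_test.go
@@ -675,6 +675,8 @@ func Test_RetrospectRequestingPartyToken(t *testing.T) {
 rpt, err := client.GetRequestingPartyToken(
 context.Background(),
 token.AccessToken,
+"",
+"",
 cfg.GoCloak.Realm,
 gocloak.RequestingPartyTokenOptions{
 Audience: gocloak.StringP(cfg.GoCloak.ClientID),
@@ -688,6 +690,8 @@ func Test_RetrospectRequestingPartyToken(t *testing.T) {
 rpt, err = client.GetRequestingPartyToken(
 context.Background(),
 token.AccessToken,
+"",
+"",
 cfg.GoCloak.Realm,
 gocloak.RequestingPartyTokenOptions{
 Audience: gocloak.StringP(cfg.GoCloak.ClientID),
@@ -732,6 +736,8 @@ func Test_GetRequestingPartyPermissions(t *testing.T) {
 context.Background(),
 token.AccessToken,
 "",
+"",
+"",
 gocloak.RequestingPartyTokenOptions{
 Audience: gocloak.StringP(cfg.GoCloak.ClientID),
 Permissions: &[]string{
@@ -744,6 +750,8 @@ func Test_GetRequestingPartyPermissions(t *testing.T) {
 rpp, err = client.GetRequestingPartyPermissions(
 context.Background(),
 token.AccessToken,
+"",
+"",
 cfg.GoCloak.Realm,
 gocloak.RequestingPartyTokenOptions{
 Audience: gocloak.StringP(cfg.GoCloak.ClientID),
@@ -760,6 +768,58 @@ func Test_GetRequestingPartyPermissions(t *testing.T) {
 require.Equal(t, "Default Resource", *permissions[0].ResourceName, "GetRequestingPartyPermissions failed")
 }
 
+func Test_GetRequestingPartyPermissionsBasicAuth(t *testing.T) {
+// t.Parallel()
+cfg := GetConfig(t)
+client := NewClientWithDebug(t)
+SetUpTestUser(t, client)
+token, err := client.Login(
+context.Background(),
+cfg.GoCloak.ClientID,
+cfg.GoCloak.ClientSecret,
+cfg.GoCloak.Realm,
+cfg.GoCloak.UserName,
+cfg.GoCloak.Password)
+require.NoError(t, err, "login failed")
+
+rpp, err := client.GetRequestingPartyPermissions(
+context.Background(),
+"",
+cfg.GoCloak.ClientID,
+cfg.GoCloak.ClientSecret,
+"",
+gocloak.RequestingPartyTokenOptions{
+Audience: gocloak.StringP(cfg.GoCloak.ClientID),
+SubjectToken: gocloak.StringP(token.AccessToken),
+Permissions: &[]string{
+"Default Resource",
+},
+})
+require.Error(t, err, "GetRequestingPartyPermissions failed")
+require.Nil(t, rpp)
+
+rpp, err = client.GetRequestingPartyPermissions(
+context.Background(),
+"",
+cfg.GoCloak.ClientID,
+cfg.GoCloak.ClientSecret,
+cfg.GoCloak.Realm,
+gocloak.RequestingPartyTokenOptions{
+Audience: gocloak.StringP(cfg.GoCloak.ClientID),
+SubjectToken: gocloak.StringP(token.AccessToken),
+Permissions: &[]string{
+"Default Resource",
+},
+})
+require.NoError(t, err, "GetRequestingPartyPermissions failed")
+require.NotNil(t, rpp)
+
+t.Log(rpp)
+permissions := *rpp
+require.Len(t, permissions, 1, "GetRequestingPartyPermissions failed")
+require.Equal(t, "Default Resource", *permissions[0].ResourceName, "GetRequestingPartyPermissions failed")
+}
+
 func Test_GetRequestingPartyPermissionDecision(t *testing.T) {
 // t.Parallel()
 cfg := GetConfig(t)
@@ -778,6 +838,8 @@ func Test_GetRequestingPartyPermissionDecision(t *testing.T) {
 context.Background(),
 token.AccessToken,
 "",
+"",
+"",
 gocloak.RequestingPartyTokenOptions{
 Audience: gocloak.StringP(cfg.GoCloak.ClientID),
 })
@@ -787,6 +849,8 @@ func Test_GetRequestingPartyPermissionDecision(t *testing.T) {
 dec, err = client.GetRequestingPartyPermissionDecision(
 context.Background(),
 token.AccessToken,
+"",
+"",
 cfg.GoCloak.Realm,
 gocloak.RequestingPartyTokenOptions{
 Audience: gocloak.StringP(cfg.GoCloak.ClientID),
@@ -1064,6 +1128,8 @@ func Test_GetRequestingPartyToken(t *testing.T) {
 rpt, err := client.GetRequestingPartyToken(
 context.Background(),
 newToken.AccessToken,
+"",
+"",
 cfg.GoCloak.Realm,
 gocloak.RequestingPartyTokenOptions{
 Audience: &cfg.GoCloak.ClientID,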
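Review bot: The failing case in `Test_GetRequestingPartyPermissionsBasicAuth` passes an empty realm with valid client credentials, so it shows that a bad realm is rejected, not that bad client credentials are. Nothing in this section asserts that a wrong `clientSecret`, or an empty `clientID` together with an empty `token`, produces an error on the Basic path. `GetRequestingPartyToken` and `GetRequestingPartyPermissionDecision` are only exercised with `"", ""` and a bearer token. I would add a call that uses `cfg.GoCloak.Realm`, the real `cfg.GoCloak.ClientID` and a deliberately wrong secret, followed by `require.Error(t, err)` and `require.Nil(t, rpp)`, plus one Basic-auth case for each of the other two methods.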
6 changes: 3 additions & 3 deletions gocloak.go
Expand Up @@ -18,11 +18,11 @@ type GoCloak interface {
// GetToken returns a token
GetToken(ctx context.Context, realm string, options TokenOptions) (*JWT, error)
// GetRequestingPartyToken returns a requesting party token with permissions granted by the server
GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error)
GetRequestingPartyToken(ctx context.Context, token, clientID, cliientSecret, realm string, options RequestingPartyTokenOptions) (*JWT, error)
// GetRequestingPartyPermissions returns a permissions granted by the server to requesting party
GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error)
GetRequestingPartyPermissions(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error)
// GetRequestingPartyPermissionDecision returns a permission decision granted by the server to requesting party
GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error)
GetRequestingPartyPermissionDecision(ctx context.Context, token, clientID, clientSecret, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error)
// Login sends a request to the token endpoint using user and client credentials
Login(ctx context.Context, clientID, clientSecret, realm, username, password string) (*JWT, error)
// LoginOtp performs a login with user credentials and otp token
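Review bot: The new `GetRequestingPartyToken` declaration spells its fourth parameter `cliientSecret`; interface parameter names are documentation only, so it compiles, but the typo shows up in godoc and differs from the implementation in client.go, and it should read `token, clientID, clientSecret, realm string`. The doc comments on the three changed methods also do not say that `token` may be empty, in which case `clientID` and `clientSecret` are sent as Basic credentials. A line such as `// If token is empty, the request authenticates with clientID and clientSecret (HTTP Basic) instead of a bearer token.` on each method would make that contract visible to callers. Because exported signatures change, existing callers break at compile time, which seems worth stating in the PR description.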