Format code before release
mathieuancelin committed Feb 18, 2019
1 parent 83d7363 commit 9bfb0cb
Showing 8 changed files with 1,427 additions and 1,341 deletions.
66 changes: 36 additions & 30 deletions otoroshi/app/auth/oauth.scala
Expand Up @@ -87,27 +87,27 @@ case class GenericOauth2ModuleConfig(
def `type`: String = "oauth2"
override def authModule(config: GlobalConfig): AuthModule = GenericOauth2Module(this)
override def asJson = Json.obj(
"type" -> "oauth2",
"id" -> this.id,
"name" -> this.name,
"desc" -> this.desc,
"sessionMaxAge" -> this.sessionMaxAge,
"clientId" -> this.clientId,
"clientSecret" -> this.clientSecret,
"authorizeUrl" -> this.authorizeUrl,
"tokenUrl" -> this.tokenUrl,
"userInfoUrl" -> this.userInfoUrl,
"loginUrl" -> this.loginUrl,
"logoutUrl" -> this.logoutUrl,
"scope" -> this.scope,
"useJson" -> this.useJson,
"type" -> "oauth2",
"id" -> this.id,
"name" -> this.name,
"desc" -> this.desc,
"sessionMaxAge" -> this.sessionMaxAge,
"clientId" -> this.clientId,
"clientSecret" -> this.clientSecret,
"authorizeUrl" -> this.authorizeUrl,
"tokenUrl" -> this.tokenUrl,
"userInfoUrl" -> this.userInfoUrl,
"loginUrl" -> this.loginUrl,
"logoutUrl" -> this.logoutUrl,
"scope" -> this.scope,
"useJson" -> this.useJson,
"readProfileFromToken" -> this.readProfileFromToken,
"accessTokenField" -> this.accessTokenField,
"jwtVerifier" -> jwtVerifier.map(_.asJson).getOrElse(JsNull).as[JsValue],
"nameField" -> this.nameField,
"emailField" -> this.emailField,
"otoroshiDataField" -> this.otoroshiDataField,
"callbackUrl" -> this.callbackUrl
"accessTokenField" -> this.accessTokenField,
"jwtVerifier" -> jwtVerifier.map(_.asJson).getOrElse(JsNull).as[JsValue],
"nameField" -> this.nameField,
"emailField" -> this.emailField,
"otoroshiDataField" -> this.otoroshiDataField,
"callbackUrl" -> this.callbackUrl
)
def save()(implicit ec: ExecutionContext, env: Env): Future[Boolean] = env.datastores.authConfigsDataStore.set(this)
override def cookieSuffix(desc: ServiceDescriptor) = s"global-oauth-$id"
Expand Down Expand Up @@ -222,14 +222,17 @@ case class GenericOauth2Module(authConfig: OAuth2ModuleConfig) extends AuthModul
)
)(writeableOf_urlEncodedSimpleForm)
}
future1.flatMap { resp =>
future1
.flatMap { resp =>
val accessToken = (resp.json \ authConfig.accessTokenField).as[String]
if (authConfig.readProfileFromToken && authConfig.jwtVerifier.isDefined) {
val algoSettings = authConfig.jwtVerifier.get
val tokenHeader = Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(0)))).getOrElse(Json.obj())
val tokenBody = Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(1)))).getOrElse(Json.obj())
val kid = (tokenHeader \ "kid").asOpt[String]
val alg = (tokenHeader \ "alg").asOpt[String].getOrElse("RS256")
val tokenHeader =
Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(0)))).getOrElse(Json.obj())
val tokenBody =
Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(1)))).getOrElse(Json.obj())
val kid = (tokenHeader \ "kid").asOpt[String]
val alg = (tokenHeader \ "alg").asOpt[String].getOrElse("RS256")
algoSettings.asAlgorithmF(InputMode(alg, kid)).flatMap {
case Some(algo) => {
Try(JWT.require(algo).acceptLeeway(10000).build().verify(accessToken)).map { _ =>
Expand Down Expand Up @@ -323,14 +326,17 @@ case class GenericOauth2Module(authConfig: OAuth2ModuleConfig) extends AuthModul
)
)(writeableOf_urlEncodedSimpleForm)
}
future1.flatMap { resp =>
future1
.flatMap { resp =>
val accessToken = (resp.json \ authConfig.accessTokenField).as[String]
if (authConfig.readProfileFromToken && authConfig.jwtVerifier.isDefined) {
val algoSettings = authConfig.jwtVerifier.get
val tokenHeader = Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(0)))).getOrElse(Json.obj())
val tokenBody = Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(1)))).getOrElse(Json.obj())
val kid = (tokenHeader \ "kid").asOpt[String]
val alg = (tokenHeader \ "alg").asOpt[String].getOrElse("RS256")
val tokenHeader =
Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(0)))).getOrElse(Json.obj())
val tokenBody =
Try(Json.parse(ApacheBase64.decodeBase64(accessToken.split("\\.")(1)))).getOrElse(Json.obj())
val kid = (tokenHeader \ "kid").asOpt[String]
val alg = (tokenHeader \ "alg").asOpt[String].getOrElse("RS256")
algoSettings.asAlgorithmF(InputMode(alg, kid)).flatMap {
case Some(algo) => {
Try(JWT.require(algo).acceptLeeway(10000).build().verify(accessToken)).map { _ =>
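Review bot: `acceptLeeway(10000)` in the `JWT.require(algo)…verify(accessToken)` call (present in both token-exchange hunks of this file) is excessive if this is the auth0 java-jwt verifier, whose leeway is expressed in seconds: an expired token would keep verifying for about 2 h 46 min. If ten seconds of clock skew was meant, the line would read `Try(JWT.require(algo).acceptLeeway(10).build().verify(accessToken)).map { _ =>`. Separately, `alg` comes from the still-unverified token header (falling back to `RS256`) before being handed to `asAlgorithmF(InputMode(alg, kid))`; whether that method pins the algorithm to the configured verifier is not visible here, so a comment such as `// alg/kid are untrusted hints; asAlgorithmF must only return algorithms allowed by the configured verifier` would document the assumption. The enclosing `flatMap` bodies start and end outside the hunks.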
95 changes: 56 additions & 39 deletions otoroshi/app/controllers/BackOfficeController.scala
Expand Up @@ -754,18 +754,22 @@ class BackOfficeController(BackOfficeAction: BackOfficeAction,
}

def fetchOpenIdConfiguration() = BackOfficeActionAuth.async(parse.json) { ctx =>

import scala.concurrent.duration._

val id = (ctx.request.body \ "id").asOpt[String].getOrElse(IdGenerator.token(64))
val id = (ctx.request.body \ "id").asOpt[String].getOrElse(IdGenerator.token(64))
val name = (ctx.request.body \ "name").asOpt[String].getOrElse("new oauth config")
val desc = (ctx.request.body \ "desc").asOpt[String].getOrElse("new oauth config")
(ctx.request.body \ "url").asOpt[String] match {
case None => FastFuture.successful(Ok(GenericOauth2ModuleConfig(
id = id,
name = name,
desc = desc
).asJson))
case None =>
FastFuture.successful(
Ok(
GenericOauth2ModuleConfig(
id = id,
name = name,
desc = desc
).asJson
)
)
case Some(url) => {
env.Ws.url(url).withRequestTimeout(10.seconds).get().map { resp =>
if (resp.status == 200) {
Expand All @@ -775,44 +779,57 @@ class BackOfficeController(BackOfficeAction: BackOfficeAction,
name = name,
desc = desc
)
val body = Json.parse(resp.body)
val issuer = (body \ "issuer").asOpt[String].getOrElse("http://localhost:8082/")
val tokenUrl = (body \ "token_endpoint").asOpt[String].getOrElse(config.tokenUrl)
val body = Json.parse(resp.body)
val issuer = (body \ "issuer").asOpt[String].getOrElse("http://localhost:8082/")
val tokenUrl = (body \ "token_endpoint").asOpt[String].getOrElse(config.tokenUrl)
val authorizeUrl = (body \ "authorization_endpoint").asOpt[String].getOrElse(config.authorizeUrl)
val userInfoUrl = (body \ "userinfo_endpoint").asOpt[String].getOrElse(config.userInfoUrl)
val loginUrl = (body \ "authorization_endpoint").asOpt[String].getOrElse(authorizeUrl)
val logoutUrl = (body \ "end_session_endpoint").asOpt[String].getOrElse((issuer + "/logout").replace("//logout", "/logout"))
val userInfoUrl = (body \ "userinfo_endpoint").asOpt[String].getOrElse(config.userInfoUrl)
val loginUrl = (body \ "authorization_endpoint").asOpt[String].getOrElse(authorizeUrl)
val logoutUrl = (body \ "end_session_endpoint")
.asOpt[String]
.getOrElse((issuer + "/logout").replace("//logout", "/logout"))
val jwksUri = (body \ "jwks_uri").asOpt[String]
Ok(config.copy(
tokenUrl = tokenUrl,
authorizeUrl = authorizeUrl,
userInfoUrl = userInfoUrl,
loginUrl = loginUrl,
logoutUrl = logoutUrl,
accessTokenField = jwksUri.map(_ => "id_token").getOrElse("access_token"),
useJson = true,
readProfileFromToken = jwksUri.isDefined,
jwtVerifier = jwksUri.map(url => JWKSAlgoSettings(
url = url,
headers = Map.empty[String, String],
timeout = FiniteDuration(2000, TimeUnit.MILLISECONDS),
ttl = FiniteDuration(60 * 60 * 1000, TimeUnit.MILLISECONDS),
kty = KeyType.RSA
))
).asJson)
Ok(
config
.copy(
tokenUrl = tokenUrl,
authorizeUrl = authorizeUrl,
userInfoUrl = userInfoUrl,
loginUrl = loginUrl,
logoutUrl = logoutUrl,
accessTokenField = jwksUri.map(_ => "id_token").getOrElse("access_token"),
useJson = true,
readProfileFromToken = jwksUri.isDefined,
jwtVerifier = jwksUri.map(
url =>
JWKSAlgoSettings(
url = url,
headers = Map.empty[String, String],
timeout = FiniteDuration(2000, TimeUnit.MILLISECONDS),
ttl = FiniteDuration(60 * 60 * 1000, TimeUnit.MILLISECONDS),
kty = KeyType.RSA
)
)
)
.asJson
)
} getOrElse {
Ok(GenericOauth2ModuleConfig(
Ok(
GenericOauth2ModuleConfig(
id = id,
name = name,
desc = desc
).asJson
)
}
} else {
Ok(
GenericOauth2ModuleConfig(
id = id,
name = name,
desc = desc
).asJson)
}
} else {
Ok(GenericOauth2ModuleConfig(
id = id,
name = name,
desc = desc
).asJson)
).asJson
)
}
}
}
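Review bot: The `url` taken from the request body in `fetchOpenIdConfiguration` is passed straight to `env.Ws.url(url)…get()`, so the server will issue a request to whatever address the back-office caller supplies, including internal ones; the action sits behind `BackOfficeActionAuth`, which limits this to authenticated admins but doesn't remove it. A scheme check ahead of the fetch, e.g. `case Some(url) if !url.startsWith("https://") => FastFuture.successful(BadRequest(Json.obj("error" -> "url must use https")))`, plus a host allow-list if the deployment permits, would narrow it. The discovered `token_endpoint`, `userinfo_endpoint` and `jwks_uri` are also copied into the config without being compared to the requested origin or to `issuer`, and a missing `issuer` falls back to `http://localhost:8082/`; a comment noting that these values are untrusted until an admin reviews them would help.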
6 changes: 4 additions & 2 deletions otoroshi/app/env/Env.scala
Expand Up @@ -138,9 +138,11 @@ class Env(val configuration: Configuration,
lazy val clusterAgent: ClusterAgent = ClusterAgent(clusterConfig, this)
lazy val clusterLeaderAgent: ClusterLeaderAgent = ClusterLeaderAgent(clusterConfig, this)

lazy val globalMaintenanceMode: Boolean = configuration.getOptional[Boolean]("otoroshi.maintenanceMode").getOrElse(false)
lazy val globalMaintenanceMode: Boolean =
configuration.getOptional[Boolean]("otoroshi.maintenanceMode").getOrElse(false)

lazy val requestTimeout: FiniteDuration = configuration.getOptional[Int]("app.proxy.requestTimeout").map(_.millis).getOrElse(1.hour)
lazy val requestTimeout: FiniteDuration =
configuration.getOptional[Int]("app.proxy.requestTimeout").map(_.millis).getOrElse(1.hour)
lazy val healthAccessKey: Option[String] = configuration.getOptional[String]("app.health.accessKey")
lazy val overheadThreshold: Double = configuration.getOptional[Double]("app.overheadThreshold").getOrElse(500.0)
lazy val healthLimit: Double = configuration.getOptional[Double]("app.health.limit").getOrElse(1000.0)