|
|
|
package auth
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"encoding/json"
|
|
|
|
"fmt"
|
|
|
|
"log"
|
|
|
|
"net/http"
|
|
|
|
"path"
|
|
|
|
|
|
|
|
"git.phc.dm.unipi.it/phc/website/model"
|
|
|
|
)
|
|
|
|
|
|
|
|
// ldapUser represents an LDAP User, most fields are inherited from [auth.User]
|
|
|
|
type ldapUser struct {
|
|
|
|
Uid string `json:"username"`
|
|
|
|
NumericId int `json:"id"`
|
|
|
|
Name string `json:"name"`
|
|
|
|
Surname string `json:"surname"`
|
|
|
|
Email string `json:"email"`
|
|
|
|
Role string `json:"role"`
|
|
|
|
Gecos string `json:"gecos"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// AsUser converts an [ldapUser] to an instance of [auth.User]
|
|
|
|
func (u ldapUser) AsUser() *model.User {
|
|
|
|
return &model.User{
|
|
|
|
Username: u.Uid,
|
|
|
|
Name: u.Name,
|
|
|
|
Surname: u.Surname,
|
|
|
|
Email: u.Email,
|
|
|
|
FullName: u.Gecos,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// LDAPAuthService just holds the remote host of the HTTP LDAP service to make requests to
|
|
|
|
type LDAPAuthService struct {
|
|
|
|
Host string
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewLDAPAuthService(host string) Service {
|
|
|
|
return &LDAPAuthService{host}
|
|
|
|
}
|
|
|
|
|
|
|
|
// doGetRequest is a utility to make HTTP GET requests
|
|
|
|
func (a *LDAPAuthService) doGetRequest(url string, response interface{}) error {
|
|
|
|
req, err := http.NewRequest(
|
|
|
|
"GET", path.Join(a.Host, "poisson-ldap", url), bytes.NewBuffer([]byte("")),
|
|
|
|
)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
log.Printf(`GET %q resulted in %v`, url, err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
res, err := http.DefaultClient.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
log.Printf(`GET %q resulted in %v`, url, err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := json.NewDecoder(res.Body).Decode(response); err != nil {
|
|
|
|
log.Printf(`GET %q resulted in %v`, url, err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// doPostRequest is a utility to make HTTP POST requests
|
|
|
|
func (a *LDAPAuthService) doPostRequest(url string, request interface{}, response interface{}) error {
|
|
|
|
jsonStr, err := json.Marshal(request)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", path.Join(a.Host, "ldap", url), bytes.NewBuffer(jsonStr))
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
|
|
|
|
res, err := http.DefaultClient.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return json.NewDecoder(res.Body).Decode(response)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *LDAPAuthService) GetUser(username string) (*model.User, error) {
|
|
|
|
var user ldapUser
|
|
|
|
if err := a.doGetRequest(fmt.Sprintf("/user/%s", username), &user); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return user.AsUser(), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *LDAPAuthService) GetUsers() ([]*model.User, error) {
|
|
|
|
ldapUsers := []*ldapUser{}
|
|
|
|
if err := a.doGetRequest("/users", &ldapUsers); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
users := make([]*model.User, len(ldapUsers))
|
|
|
|
for i, u := range ldapUsers {
|
|
|
|
users[i] = u.AsUser()
|
|
|
|
}
|
|
|
|
|
|
|
|
return users, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *LDAPAuthService) GetSession(token string) (*model.Session, error) {
|
|
|
|
var response model.Session
|
|
|
|
if err := a.doGetRequest(fmt.Sprintf("/session/%s", token), &response); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return &response, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *LDAPAuthService) Login(username, password string) (*model.Session, error) {
|
|
|
|
reqBody := map[string]interface{}{
|
|
|
|
"username": username,
|
|
|
|
"password": password,
|
|
|
|
}
|
|
|
|
|
|
|
|
var response model.Session
|
|
|
|
if err := a.doPostRequest("/login", reqBody, &response); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return &response, nil
|
|
|
|
}
|