From ab318ffb78fefb657277b7aefe759efddbf04153 Mon Sep 17 00:00:00 2001
From: Vivek Shankar
Date: Sun, 1 Sep 2024 22:27:49 +0800
Subject: [PATCH] fix: add compose functions
---
 compose/compose_rfc8693.go | 63 +++++++++++++++++++
 handler/rfc8693/access_token_type_handler.go | 2 +-
 .../rfc8693/actor_token_validation_handler.go | 2 +-
 handler/rfc8693/client.go | 2 +-
 handler/rfc8693/custom_jwt_type_handler.go | 22 +++++--
 handler/rfc8693/flow_token_exchange.go | 2 +-
 handler/rfc8693/id_token_type_handler.go | 2 +-
 handler/rfc8693/refresh_token_type_handler.go | 2 +-
 handler/rfc8693/session.go | 2 +-
 handler/rfc8693/storage.go | 2 +-
 handler/rfc8693/token_exchange_test.go | 2 +-
 handler/rfc8693/token_type.go | 2 +-
 handler/rfc8693/token_type_jwt.go | 2 +-
 13 files changed, 90 insertions(+), 17 deletions(-)
 create mode 100644 compose/compose_rfc8693.go
diff --git a/compose/compose_rfc8693.go b/compose/compose_rfc8693.go
new file mode 100644
index 000000000..dd91c525c
--- /dev/null
+++ b/compose/compose_rfc8693.go
@@ -0,0 +1,63 @@
+// Copyright © 2024 Ory Corp
+// SPDX-License-Identifier: Apache-2.0
+
+package compose
+
+import (
+ "github.com/ory/fosite"
+ "github.com/ory/fosite/handler/oauth2"
+ "github.com/ory/fosite/handler/openid"
+ "github.com/ory/fosite/handler/rfc8693"
+ "github.com/ory/fosite/token/jwt"
+)
+
+// RFC8693AccessTokenTypeHandlerFactory creates a access token type handler.
+func RFC8693AccessTokenTypeHandlerFactory(config fosite.Configurator, storage interface{}, strategy interface{}) interface{} {
+ return &rfc8693.AccessTokenTypeHandler{
+ CoreStrategy: strategy.(oauth2.CoreStrategy),
+ Storage: storage.(rfc8693.Storage),
+ Config: config,
+ }
+}
+
+// RFC8693RefreshTokenTypeHandlerFactory creates a refresh token type handler.
+func RFC8693RefreshTokenTypeHandlerFactory(config fosite.Configurator, storage interface{}, strategy interface{}) interface{} {
+ return &rfc8693.RefreshTokenTypeHandler{
+ CoreStrategy: strategy.(oauth2.CoreStrategy),
+ Storage: storage.(rfc8693.Storage),
+ Config: config,
+ }
+}
+
+// RFC8693ActorTokenValidationHandlerFactory creates a actor token validation handler.
+func RFC8693ActorTokenValidationHandlerFactory(config fosite.Configurator, storage interface{}, strategy interface{}) interface{} {
+ return &rfc8693.ActorTokenValidationHandler{}
+}
+
+// RFC8693CustomJWTTypeHandlerFactory creates a custom JWT token type handler.
+func RFC8693CustomJWTTypeHandlerFactory(config fosite.Configurator, storage interface{}, strategy interface{}) interface{} {
+ return &rfc8693.CustomJWTTypeHandler{
+ JWTStrategy: strategy.(jwt.Signer),
+ Storage: storage.(rfc8693.Storage),
+ Config: config,
+ }
+}
+
+// RFC8693TokenExchangeGrantHandlerFactory creates the request validation handler for token exchange. This should be the first
+// in the list.
+func RFC8693TokenExchangeGrantHandlerFactory(config fosite.Configurator, storage interface{}, strategy interface{}) interface{} {
+ return &rfc8693.TokenExchangeGrantHandler{
+ Config: config,
+ }
+}
+
+// RFC8693IDTokenTypeHandlerFactory creates a ID token type handler.
+func RFC8693IDTokenTypeHandlerFactory(config fosite.Configurator, storage interface{}, strategy interface{}) interface{} {
+ return &rfc8693.IDTokenTypeHandler{
+ JWTStrategy: strategy.(jwt.Signer),
+ Storage: storage.(rfc8693.Storage),
+ Config: config,
+ IssueStrategy: strategy.(openid.OpenIDConnectTokenStrategy),
+ ValidationStrategy: strategy.(openid.OpenIDConnectTokenValidationStrategy),
+ }
+}
diff --git a/handler/rfc8693/access_token_type_handler.go b/handler/rfc8693/access_token_type_handler.go
index 5175977db..936b5430e 100644
--- a/handler/rfc8693/access_token_type_handler.go
+++ b/handler/rfc8693/access_token_type_handler.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/actor_token_validation_handler.go b/handler/rfc8693/actor_token_validation_handler.go
index 75268e337..e65c0a889 100644
--- a/handler/rfc8693/actor_token_validation_handler.go
+++ b/handler/rfc8693/actor_token_validation_handler.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/client.go b/handler/rfc8693/client.go
index 1494cb8d5..d94b1db30 100644
--- a/handler/rfc8693/client.go
+++ b/handler/rfc8693/client.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/custom_jwt_type_handler.go b/handler/rfc8693/custom_jwt_type_handler.go
index f276d309b..3651ca55d 100644
--- a/handler/rfc8693/custom_jwt_type_handler.go
+++ b/handler/rfc8693/custom_jwt_type_handler.go
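Review bot: Every factory in compose/compose_rfc8693.go uses single-value type assertions such as `strategy.(jwt.Signer)` and `storage.(rfc8693.Storage)`, so composing with a value that lacks one of those interfaces panics, and the doc comments do not say which interfaces each argument must satisfy. RFC8693IDTokenTypeHandlerFactory is the sharpest case, because the one `strategy` value has to implement `jwt.Signer`, `openid.OpenIDConnectTokenStrategy` and `openid.OpenIDConnectTokenValidationStrategy` at once. I would state the contract on each factory, for example `// The strategy must implement jwt.Signer, openid.OpenIDConnectTokenStrategy and openid.OpenIDConnectTokenValidationStrategy; the factory panics otherwise.` The comments also read "a access", "a actor" and "a ID" where "an" is meant, and RFC8693ActorTokenValidationHandlerFactory ignores all three arguments, which deserves a word in its comment.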
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
@@ -16,7 +16,7 @@ import (
 )

 type CustomJWTTypeHandler struct {
- Config fosite.RFC8693ConfigProvider
+ Config fosite.Configurator
 JWTStrategy jwt.Signer
 Storage
 }
@@ -32,8 +32,13 @@ func (c *CustomJWTTypeHandler) HandleTokenEndpointRequest(ctx context.Context, r
 return errorsx.WithStack(fosite.ErrServerError.WithDebug("Failed to perform token exchange because the session is not of the right type."))
 }

+ teConfig, _ := c.Config.(fosite.RFC8693ConfigProvider)
+ if teConfig == nil {
+ return errorsx.WithStack(fosite.ErrServerError.WithDebug("Failed to perform token exchange because the config is not of the right type."))
+ }
+
 form := request.GetRequestForm()
- tokenTypes := c.Config.GetTokenTypes(ctx)
+ tokenTypes := teConfig.GetTokenTypes(ctx)
 actorTokenType := tokenTypes[form.Get("actor_token_type")]
 subjectTokenType := tokenTypes[form.Get("subject_token_type")]
 if actorTokenType != nil && actorTokenType.GetType(ctx) == JWTTokenType {
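Review bot: Widening `Config` in CustomJWTTypeHandler from `fosite.RFC8693ConfigProvider` to `fosite.Configurator` removes the compile-time guarantee that the config supports token exchange, and the field carries no comment saying what it must now implement. A handler built with an unsuitable config compiles and then answers every token-exchange request with a server error. I would add a comment above the field, `// Config must also implement fosite.RFC8693ConfigProvider; token exchange requests fail with a server error otherwise.` If the composition code can verify this once at startup, the misconfiguration would surface before the first request rather than per request.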
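Review bot: The new guard in HandleTokenEndpointRequest discards the `ok` result of the type assertion and tests `teConfig == nil` instead, which reads as a nil check rather than a type check; `teConfig, ok := c.Config.(fosite.RFC8693ConfigProvider)` followed by `if !ok {` states the intent directly. The same five lines are added again in the PopulateTokenEndpointResponse hunk, so the two copies and their debug message can drift apart. A small unexported helper, sketched below, keeps a single copy of the check. Both function bodies start and end outside their hunks, so the call site is shown only in outline.

```go
// tokenExchangeConfig returns c.Config as a fosite.RFC8693ConfigProvider,
// or a server error when the configured value does not implement it.
func (c *CustomJWTTypeHandler) tokenExchangeConfig() (fosite.RFC8693ConfigProvider, error) {
	teConfig, ok := c.Config.(fosite.RFC8693ConfigProvider)
	if !ok {
		return nil, errorsx.WithStack(fosite.ErrServerError.WithDebug("Failed to perform token exchange because the config is not of the right type."))
	}
	return teConfig, nil
}

// In HandleTokenEndpointRequest and PopulateTokenEndpointResponse, in place of the added guard:
	teConfig, err := c.tokenExchangeConfig()
	if err != nil {
		return err
	}
	// … unchanged: form parsing and token type lookup …
```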
@@ -75,13 +80,18 @@ func (c *CustomJWTTypeHandler) PopulateTokenEndpointResponse(ctx context.Context return errorsx.WithStack(fosite.ErrServerError.WithDebug("Failed to perform token exchange because the session is not of the right type.")) } + teConfig, _ := c.Config.(fosite.RFC8693ConfigProvider) + if teConfig == nil { + return errorsx.WithStack(fosite.ErrServerError.WithDebug("Failed to perform token exchange because the config is not of the right type.")) + } + form := request.GetRequestForm() requestedTokenType := form.Get("requested_token_type") if requestedTokenType == "" { - requestedTokenType = c.Config.GetDefaultRequestedTokenType(ctx) + requestedTokenType = teConfig.GetDefaultRequestedTokenType(ctx) } - tokenTypes := c.Config.GetTokenTypes(ctx) + tokenTypes := teConfig.GetTokenTypes(ctx) tokenType := tokenTypes[requestedTokenType] if tokenType == nil || tokenType.GetType(ctx) != JWTTokenType { return nil @@ -106,7 +116,7 @@ func (c *CustomJWTTypeHandler) CanHandleTokenEndpointRequest(ctx context.Context return requester.GetGrantTypes().ExactOne("urn:ietf:params:oauth:grant-type:token-exchange") } -func (c *CustomJWTTypeHandler) validate(ctx context.Context, request fosite.AccessRequester, tokenType fosite.RFC8693TokenType, token string) (map[string]interface{}, error) { +func (c *CustomJWTTypeHandler) validate(ctx context.Context, _ fosite.AccessRequester, tokenType fosite.RFC8693TokenType, token string) (map[string]interface{}, error) { jwtType, _ := tokenType.(*JWTType) if jwtType == nil { diff --git a/handler/rfc8693/flow_token_exchange.go b/handler/rfc8693/flow_token_exchange.go index b2455666b..d334e1502 100644 --- a/handler/rfc8693/flow_token_exchange.go +++ b/handler/rfc8693/flow_token_exchange.go @@ -1,4 +1,4 @@ -// Copyright © 2023 Ory Corp +// Copyright © 2024 Ory Corp // SPDX-License-Identifier: Apache-2.0 package rfc8693 
diff --git a/handler/rfc8693/id_token_type_handler.go b/handler/rfc8693/id_token_type_handler.go
index 6c46f9c11..9b9bf9c1c 100644
--- a/handler/rfc8693/id_token_type_handler.go
+++ b/handler/rfc8693/id_token_type_handler.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/refresh_token_type_handler.go b/handler/rfc8693/refresh_token_type_handler.go
index 760f39b43..6c46c8908 100644
--- a/handler/rfc8693/refresh_token_type_handler.go
+++ b/handler/rfc8693/refresh_token_type_handler.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/session.go b/handler/rfc8693/session.go
index 5378e2db9..d2538279a 100644
--- a/handler/rfc8693/session.go
+++ b/handler/rfc8693/session.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/storage.go b/handler/rfc8693/storage.go
index ebc85c2da..3626c413c 100644
--- a/handler/rfc8693/storage.go
+++ b/handler/rfc8693/storage.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/token_exchange_test.go b/handler/rfc8693/token_exchange_test.go
index 09cffa9c0..352c68af6 100644
--- a/handler/rfc8693/token_exchange_test.go
+++ b/handler/rfc8693/token_exchange_test.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693_test
diff --git a/handler/rfc8693/token_type.go b/handler/rfc8693/token_type.go
index d415f6981..85ec5efb3 100644
--- a/handler/rfc8693/token_type.go
+++ b/handler/rfc8693/token_type.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693
diff --git a/handler/rfc8693/token_type_jwt.go b/handler/rfc8693/token_type_jwt.go
index fa8d5757f..e00ca272b 100644
--- a/handler/rfc8693/token_type_jwt.go
+++ b/handler/rfc8693/token_type_jwt.go
@@ -1,4 +1,4 @@
-// Copyright © 2023 Ory Corp
+// Copyright © 2024 Ory Corp
 // SPDX-License-Identifier: Apache-2.0

 package rfc8693