OAuth working. Config refactor to actually work.

glide.yaml

@@ -6,3 +6,5 @@ import:
 - package: github.com/gin-gonic/gin
   version: ^1.1.4
 - package: github.com/spf13/viper
+- package: gopkg.in/ldap.v2
+  version: ^2.5.0

main.go

@@ -34,11 +34,12 @@ Usage:
 	brood --version
 
 Options:
-	--config <config>            The brood config [default: /etc/brood/brood.json].
+	--config <config>            The brood config [default: /etc/brood/brood.toml].
 	--help                       Show this screen.
 	--version                    Show version.
 `
 
+// main entrypoint
 func main() {
 	// Parse args
 	args, argsErr := docopt.Parse(usage, nil, true, version, false)
@@ -53,12 +54,8 @@ func main() {
 	if args["server"].(bool) {
 		// Load config
 		configFile := args["--config"].(string)
-		log.Printf("using config: %v\n", configFile)
 
-		config, configError := config.LoadConfig(configFile)
-		if configError != nil {
-			log.Printf("unable to read config file %v: %v\n", configFile, configError)
-		}
+		config := config.LoadConfig(configFile)
 
 		// Build and run web server
 		serv := server.BuildServer()

server/apiv1/apiv1.go

@@ -0,0 +1,17 @@
+package apiv1
+
+import (
+	"github.com/Buhrietoe/brood/server/middleware"
+
+	"github.com/gin-gonic/gin"
+)
+
+// func apiV1 defines routes of the v1 rest api
+func APIV1(api gin.RouterGroup) {
+	api.Use(middleware.ServerHeader("brood/api/v1"))
+
+	// Test endpoint
+	api.GET("/ping", func(c *gin.Context) {
+		c.String(200, "pong")
+	})
+}

server/apiv1/auth/auth.go

@@ -0,0 +1,15 @@
+package auth
+
+import "github.com/Buhrietoe/brood/server/apiv1/auth/oauth"
+
+type Auth struct {
+	OAuth oauth.OAuthProvider // OAuth config
+}
+
+// Provider interface for authentication providers
+type Provider interface {
+	Authenticate(username, password string) (authenticated bool, token string, err error)
+	SetSigningKey(key string)
+	Connect() error
+	Close()
+}

server/apiv1/auth/oauth/oauth.go

@@ -0,0 +1,88 @@
+package oauth
+
+import (
+	"bytes"
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"time"
+
+	tk "github.com/Buhrietoe/brood/server/apiv1/auth/token"
+)
+
+type OAuthProvider struct {
+	Host         string `toml:"host"`
+	ClientID     string `toml:"client_id"`
+	ResponseType string `toml:"response_type"`
+	signingKey   string
+}
+
+func (op *OAuthProvider) SetSigningKey(key string) {
+	op.signingKey = key
+}
+
+func (op *OAuthProvider) Authenticate(username, password string) (authenticated bool, token string, err error) {
+	tr := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
+	client := &http.Client{
+		Transport: tr,
+		CheckRedirect: func(req *http.Request, via []*http.Request) error {
+			return http.ErrUseLastResponse
+		},
+	}
+
+	url := fmt.Sprintf("https://%s/oauth/authorize", op.Host)
+
+	body := bytes.NewBuffer([]byte(`{}`))
+	req, err := http.NewRequest("POST", url, body)
+
+	if err != nil {
+		OAuthFailed(err)
+		return
+	}
+
+	q := req.URL.Query()
+	q.Add("client_id", op.ClientID)
+	q.Add("response_type", op.ResponseType)
+	req.URL.RawQuery = q.Encode()
+
+	req.Header.Add("Content-Type", "application/json; charset=utf-8")
+	req.SetBasicAuth(username, password)
+
+	err = req.ParseForm()
+	if err != nil {
+		OAuthFailed(err)
+		return
+	}
+
+	resp, err := client.Do(req)
+
+	if err != nil {
+		OAuthFailed(err)
+		return
+	}
+
+	if resp.StatusCode == 302 {
+		authenticated = true
+		token = tk.CreateExpiringToken(username, op.signingKey, time.Hour*48, "oauth")
+		return
+	} else {
+		message, _ := ioutil.ReadAll(resp.Body)
+		OAuthFailed(errors.New(fmt.Sprintf("response code: %d message: %s", resp.StatusCode, message)))
+		return
+	}
+}
+
+func OAuthFailed(err error) {
+	fmt.Println("oauth failed: ", err.Error())
+}
+
+func (op *OAuthProvider) Connect() error {
+	return nil
+}
+func (op *OAuthProvider) Close() {
+
+}