Bypass mode
This commit is contained in:
18
README.md
18
README.md
@@ -62,3 +62,21 @@ If default Swagger page is displayed instead of tyour api, change url in swagger
|
|||||||
│───────────────────────────────────────────────────────────►│
|
│───────────────────────────────────────────────────────────►│
|
||||||
│ │
|
│ │
|
||||||
│ ◄──────────────────────────────────────────────────────────│
|
│ ◄──────────────────────────────────────────────────────────│
|
||||||
|
|
||||||
|
Browser
|
||||||
|
↓
|
||||||
|
Hydra /oauth2/auth
|
||||||
|
↓
|
||||||
|
Redirect → /login?login_challenge=abc123
|
||||||
|
↓
|
||||||
|
Frontend Login Page
|
||||||
|
↓
|
||||||
|
POST username/password/login_challenge
|
||||||
|
↓
|
||||||
|
TON backend
|
||||||
|
↓
|
||||||
|
Hydra Admin API (accept login)
|
||||||
|
↓
|
||||||
|
Hydra retourne redirect_to
|
||||||
|
↓
|
||||||
|
Frontend redirige
|
||||||
|
|||||||
@@ -139,9 +139,11 @@ func (o *OAuthController) Refresh() {
|
|||||||
o.Data["json"] = err
|
o.Data["json"] = err
|
||||||
o.Ctx.ResponseWriter.WriteHeader(401)
|
o.Ctx.ResponseWriter.WriteHeader(401)
|
||||||
} else {
|
} else {
|
||||||
|
newToken.ExpiresIn = 3600
|
||||||
o.Data["json"] = newToken
|
o.Data["json"] = newToken
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
token.ExpiresIn = 3600
|
||||||
o.Data["json"] = token
|
o.Data["json"] = token
|
||||||
}
|
}
|
||||||
o.ServeJSON()
|
o.ServeJSON()
|
||||||
|
|||||||
2
go.mod
2
go.mod
@@ -3,7 +3,7 @@ module oc-auth
|
|||||||
go 1.24.6
|
go 1.24.6
|
||||||
|
|
||||||
require (
|
require (
|
||||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1
|
cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13
|
||||||
github.com/beego/beego/v2 v2.3.1
|
github.com/beego/beego/v2 v2.3.1
|
||||||
github.com/smartystreets/goconvey v1.7.2
|
github.com/smartystreets/goconvey v1.7.2
|
||||||
go.uber.org/zap v1.27.0
|
go.uber.org/zap v1.27.0
|
||||||
|
|||||||
2
go.sum
2
go.sum
@@ -2,6 +2,8 @@ cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b h1:/TkmuO5ERpHJC
|
|||||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b/go.mod h1:T0UCxRd8w+qCVVC0NEyDiWIGC5ADwEbQ7hFcvftd4Ks=
|
cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b/go.mod h1:T0UCxRd8w+qCVVC0NEyDiWIGC5ADwEbQ7hFcvftd4Ks=
|
||||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1 h1:CSPqJlSepu0efDRFV8tv62Fg5XP2UwSZKfaaL81YuVY=
|
cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1 h1:CSPqJlSepu0efDRFV8tv62Fg5XP2UwSZKfaaL81YuVY=
|
||||||
cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
|
cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
|
||||||
|
cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13 h1:DNIPQ7C+7wjbj5RUx29wLxuIe/wiSOcuUMlLRIv6Fvs=
|
||||||
|
cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
|
||||||
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
|
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
|
||||||
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
|
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
|
||||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
|
|||||||
@@ -71,7 +71,6 @@ func (a HydraConnector) challenge(username string, url string, challenge string,
|
|||||||
resp, err := a.Caller.CallRaw(http.MethodPut,
|
resp, err := a.Caller.CallRaw(http.MethodPut,
|
||||||
a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1],
|
a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1],
|
||||||
body, "application/json", true, cookies...) // "remember": true, "subject": username
|
body, "application/json", true, cookies...) // "remember": true, "subject": username
|
||||||
fmt.Println(a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1], resp, err)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, s[1], cookies, err
|
return nil, s[1], cookies, err
|
||||||
}
|
}
|
||||||
@@ -80,7 +79,6 @@ func (a HydraConnector) challenge(username string, url string, challenge string,
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, s[1], cookies, err
|
return nil, s[1], cookies, err
|
||||||
}
|
}
|
||||||
fmt.Println(string(b))
|
|
||||||
var token Redirect
|
var token Redirect
|
||||||
err = json.Unmarshal(b, &token)
|
err = json.Unmarshal(b, &token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -260,6 +258,11 @@ func (a HydraConnector) Introspect(token string, cookie ...*http.Cookie) (bool,
|
|||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
introspect.AccessToken = token
|
introspect.AccessToken = token
|
||||||
|
|
||||||
|
// temporary TODO : real oauth2
|
||||||
|
introspect.Active = true
|
||||||
|
introspect.ExpiresIn = 3600
|
||||||
|
|
||||||
return introspect.Active, nil
|
return introspect.Active, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user