2016-07-25 20:00:28 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
2016-08-25 20:10:19 +00:00
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
2016-07-25 20:00:28 +00:00
|
|
|
"net/http"
|
2016-11-30 22:26:54 +00:00
|
|
|
"os"
|
2016-08-25 20:10:19 +00:00
|
|
|
"path/filepath"
|
|
|
|
"sort"
|
2016-11-30 22:26:54 +00:00
|
|
|
"strings"
|
2016-07-25 20:00:28 +00:00
|
|
|
"text/template"
|
2016-08-25 20:10:19 +00:00
|
|
|
)
|
2016-07-25 20:00:28 +00:00
|
|
|
|
2016-08-25 20:10:19 +00:00
|
|
|
const (
|
|
|
|
tmplApproval = "approval.html"
|
|
|
|
tmplLogin = "login.html"
|
|
|
|
tmplPassword = "password.html"
|
2016-10-19 19:45:17 +00:00
|
|
|
tmplOOB = "oob.html"
|
2016-07-25 20:00:28 +00:00
|
|
|
)
|
|
|
|
|
2016-08-25 20:10:19 +00:00
|
|
|
var requiredTmpls = []string{
|
|
|
|
tmplApproval,
|
|
|
|
tmplLogin,
|
|
|
|
tmplPassword,
|
2016-10-19 19:45:17 +00:00
|
|
|
tmplOOB,
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
|
|
|
|
2016-11-30 22:26:54 +00:00
|
|
|
type templates struct {
|
|
|
|
loginTmpl *template.Template
|
|
|
|
approvalTmpl *template.Template
|
|
|
|
passwordTmpl *template.Template
|
|
|
|
oobTmpl *template.Template
|
|
|
|
}
|
2016-08-25 20:10:19 +00:00
|
|
|
|
2016-11-30 22:26:54 +00:00
|
|
|
type webConfig struct {
|
|
|
|
dir string
|
|
|
|
logoURL string
|
|
|
|
issuer string
|
|
|
|
theme string
|
|
|
|
issuerURL string
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
|
|
|
|
2016-11-30 22:26:54 +00:00
|
|
|
func join(base, path string) string {
|
|
|
|
b := strings.HasSuffix(base, "/")
|
|
|
|
p := strings.HasPrefix(path, "/")
|
|
|
|
switch {
|
|
|
|
case b && p:
|
|
|
|
return base + path[1:]
|
|
|
|
case b || p:
|
|
|
|
return base + path
|
|
|
|
default:
|
|
|
|
return base + "/" + path
|
|
|
|
}
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
|
|
|
|
2016-11-30 22:26:54 +00:00
|
|
|
func dirExists(dir string) error {
|
|
|
|
stat, err := os.Stat(dir)
|
|
|
|
if err != nil {
|
|
|
|
if os.IsNotExist(err) {
|
|
|
|
return fmt.Errorf("directory %q does not exist", dir)
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
2016-11-30 22:26:54 +00:00
|
|
|
return fmt.Errorf("stat directory %q: %v", dir, err)
|
|
|
|
}
|
|
|
|
if !stat.IsDir() {
|
|
|
|
return fmt.Errorf("path %q is a file not a directory", dir)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// loadWebConfig returns static assets, theme assets, and templates used by the frontend by
|
|
|
|
// reading the directory specified in the webConfig.
|
|
|
|
//
|
|
|
|
// The directory layout is expected to be:
|
|
|
|
//
|
|
|
|
// ( web directory )
|
|
|
|
// |- static
|
|
|
|
// |- themes
|
|
|
|
// | |- (theme name)
|
|
|
|
// |- templates
|
|
|
|
//
|
|
|
|
func loadWebConfig(c webConfig) (static, theme http.Handler, templates *templates, err error) {
|
|
|
|
if c.theme == "" {
|
|
|
|
c.theme = "coreos"
|
|
|
|
}
|
|
|
|
if c.issuer == "" {
|
|
|
|
c.issuer = "dex"
|
|
|
|
}
|
|
|
|
if c.dir == "" {
|
|
|
|
c.dir = "./web"
|
|
|
|
}
|
|
|
|
if c.logoURL == "" {
|
|
|
|
c.logoURL = join(c.issuerURL, "theme/logo.png")
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := dirExists(c.dir); err != nil {
|
|
|
|
return nil, nil, nil, fmt.Errorf("load web dir: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
staticDir := filepath.Join(c.dir, "static")
|
|
|
|
templatesDir := filepath.Join(c.dir, "templates")
|
|
|
|
themeDir := filepath.Join(c.dir, "themes", c.theme)
|
|
|
|
|
|
|
|
for _, dir := range []string{staticDir, templatesDir, themeDir} {
|
|
|
|
if err := dirExists(dir); err != nil {
|
|
|
|
return nil, nil, nil, fmt.Errorf("load dir: %v", err)
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
2016-11-30 22:26:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static = http.FileServer(http.Dir(staticDir))
|
|
|
|
theme = http.FileServer(http.Dir(themeDir))
|
|
|
|
|
|
|
|
templates, err = loadTemplates(c, templatesDir)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// loadTemplates parses the expected templates from the provided directory.
|
|
|
|
func loadTemplates(c webConfig, templatesDir string) (*templates, error) {
|
|
|
|
files, err := ioutil.ReadDir(templatesDir)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("read dir: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
filenames := []string{}
|
|
|
|
for _, file := range files {
|
|
|
|
if file.IsDir() {
|
|
|
|
continue
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
2016-11-30 22:26:54 +00:00
|
|
|
filenames = append(filenames, filepath.Join(templatesDir, file.Name()))
|
|
|
|
}
|
|
|
|
if len(filenames) == 0 {
|
|
|
|
return nil, fmt.Errorf("no files in template dir %q", templatesDir)
|
2016-08-25 20:10:19 +00:00
|
|
|
}
|
|
|
|
|
2016-11-30 22:26:54 +00:00
|
|
|
funcs := map[string]interface{}{
|
|
|
|
"issuer": func() string { return c.issuer },
|
|
|
|
"logo": func() string { return c.logoURL },
|
|
|
|
"url": func(s string) string { return join(c.issuerURL, s) },
|
|
|
|
}
|
|
|
|
|
|
|
|
tmpls, err := template.New("").Funcs(funcs).ParseFiles(filenames...)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("parse files: %v", err)
|
|
|
|
}
|
2016-08-25 20:10:19 +00:00
|
|
|
missingTmpls := []string{}
|
|
|
|
for _, tmplName := range requiredTmpls {
|
|
|
|
if tmpls.Lookup(tmplName) == nil {
|
|
|
|
missingTmpls = append(missingTmpls, tmplName)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if len(missingTmpls) > 0 {
|
|
|
|
return nil, fmt.Errorf("missing template(s): %s", missingTmpls)
|
|
|
|
}
|
|
|
|
return &templates{
|
|
|
|
loginTmpl: tmpls.Lookup(tmplLogin),
|
|
|
|
approvalTmpl: tmpls.Lookup(tmplApproval),
|
|
|
|
passwordTmpl: tmpls.Lookup(tmplPassword),
|
2016-10-19 19:45:17 +00:00
|
|
|
oobTmpl: tmpls.Lookup(tmplOOB),
|
2016-08-25 20:10:19 +00:00
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
var scopeDescriptions = map[string]string{
|
|
|
|
"offline_access": "Have offline access",
|
|
|
|
"profile": "View basic profile information",
|
|
|
|
"email": "View your email",
|
|
|
|
}
|
|
|
|
|
2016-07-25 20:00:28 +00:00
|
|
|
type connectorInfo struct {
|
2016-08-25 20:10:19 +00:00
|
|
|
ID string
|
|
|
|
Name string
|
|
|
|
URL string
|
2016-07-25 20:00:28 +00:00
|
|
|
}
|
|
|
|
|
2016-08-25 20:10:19 +00:00
|
|
|
type byName []connectorInfo
|
|
|
|
|
|
|
|
func (n byName) Len() int { return len(n) }
|
|
|
|
func (n byName) Less(i, j int) bool { return n[i].Name < n[j].Name }
|
|
|
|
func (n byName) Swap(i, j int) { n[i], n[j] = n[j], n[i] }
|
|
|
|
|
2016-12-12 22:54:01 +00:00
|
|
|
func (t *templates) login(w http.ResponseWriter, connectors []connectorInfo, authReqID string) error {
|
2016-08-25 20:10:19 +00:00
|
|
|
sort.Sort(byName(connectors))
|
|
|
|
|
2016-07-25 20:00:28 +00:00
|
|
|
data := struct {
|
|
|
|
Connectors []connectorInfo
|
2016-10-27 17:20:30 +00:00
|
|
|
AuthReqID string
|
2016-11-30 22:26:54 +00:00
|
|
|
}{connectors, authReqID}
|
2016-12-12 22:54:01 +00:00
|
|
|
return renderTemplate(w, t.loginTmpl, data)
|
2016-07-25 20:00:28 +00:00
|
|
|
}
|
|
|
|
|
2016-12-12 22:54:01 +00:00
|
|
|
func (t *templates) password(w http.ResponseWriter, authReqID, callback, lastUsername string, lastWasInvalid bool) error {
|
2016-07-25 20:00:28 +00:00
|
|
|
data := struct {
|
2016-10-27 17:20:30 +00:00
|
|
|
AuthReqID string
|
|
|
|
PostURL string
|
|
|
|
Username string
|
|
|
|
Invalid bool
|
2016-11-30 22:26:54 +00:00
|
|
|
}{authReqID, string(callback), lastUsername, lastWasInvalid}
|
2016-12-12 22:54:01 +00:00
|
|
|
return renderTemplate(w, t.passwordTmpl, data)
|
2016-07-25 20:00:28 +00:00
|
|
|
}
|
|
|
|
|
2016-12-12 22:54:01 +00:00
|
|
|
func (t *templates) approval(w http.ResponseWriter, authReqID, username, clientName string, scopes []string) error {
|
2016-08-25 20:10:19 +00:00
|
|
|
accesses := []string{}
|
|
|
|
for _, scope := range scopes {
|
|
|
|
access, ok := scopeDescriptions[scope]
|
|
|
|
if ok {
|
|
|
|
accesses = append(accesses, access)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
sort.Strings(accesses)
|
2016-07-25 20:00:28 +00:00
|
|
|
data := struct {
|
2016-10-27 17:20:30 +00:00
|
|
|
User string
|
|
|
|
Client string
|
|
|
|
AuthReqID string
|
|
|
|
Scopes []string
|
2016-11-30 22:26:54 +00:00
|
|
|
}{username, clientName, authReqID, accesses}
|
2016-12-12 22:54:01 +00:00
|
|
|
return renderTemplate(w, t.approvalTmpl, data)
|
2016-07-25 20:00:28 +00:00
|
|
|
}
|
|
|
|
|
2016-12-12 22:54:01 +00:00
|
|
|
func (t *templates) oob(w http.ResponseWriter, code string) error {
|
2016-10-19 19:45:17 +00:00
|
|
|
data := struct {
|
|
|
|
Code string
|
2016-11-30 22:26:54 +00:00
|
|
|
}{code}
|
2016-12-12 22:54:01 +00:00
|
|
|
return renderTemplate(w, t.oobTmpl, data)
|
2016-10-19 19:45:17 +00:00
|
|
|
}
|
|
|
|
|
2016-08-25 20:10:19 +00:00
|
|
|
// small io.Writer utilitiy to determine if executing the template wrote to the underlying response writer.
|
|
|
|
type writeRecorder struct {
|
|
|
|
wrote bool
|
|
|
|
w io.Writer
|
|
|
|
}
|
|
|
|
|
|
|
|
func (w *writeRecorder) Write(p []byte) (n int, err error) {
|
|
|
|
w.wrote = true
|
|
|
|
return w.w.Write(p)
|
|
|
|
}
|
2016-07-25 20:00:28 +00:00
|
|
|
|
2016-12-12 22:54:01 +00:00
|
|
|
func renderTemplate(w http.ResponseWriter, tmpl *template.Template, data interface{}) error {
|
2016-08-25 20:10:19 +00:00
|
|
|
wr := &writeRecorder{w: w}
|
|
|
|
if err := tmpl.Execute(wr, data); err != nil {
|
|
|
|
if !wr.wrote {
|
|
|
|
// TODO(ericchiang): replace with better internal server error.
|
|
|
|
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
|
|
|
}
|
2016-12-12 22:54:01 +00:00
|
|
|
return fmt.Errorf("Error rendering template %s: %s", tmpl.Name(), err)
|
2016-07-25 20:00:28 +00:00
|
|
|
}
|
2016-12-12 22:54:01 +00:00
|
|
|
return nil
|
2016-07-25 20:00:28 +00:00
|
|
|
}
|