
Grdf adict

Closed Hugo NOUTS requested to merge grdf-adict into master
1 file
+ 196
2
+ 196
2
@@ -20,9 +20,10 @@ var (
@@ -20,9 +20,10 @@ var (
logLevel = flag.String("loglevel", LookupEnvOrString("LOGLEVEL", "debug"), "log level (debug, info, warning, error) (defaults to debug)")
logLevel = flag.String("loglevel", LookupEnvOrString("LOGLEVEL", "debug"), "log level (debug, info, warning, error) (defaults to debug)")
cozyDomain = flag.String("cozy_domain", LookupEnvOrString("COZY_DOMAIN", "cozy.wf.alpha.grandlyon.com"), "Cozy domain (defaults to cozy.wf.alpha.grandlyon.com)")
cozyDomain = flag.String("cozy_domain", LookupEnvOrString("COZY_DOMAIN", "cozy.wf.alpha.grandlyon.com"), "Cozy domain (defaults to cozy.wf.alpha.grandlyon.com)")
cozyRedirectURI = flag.String("cozy_redirect_uri", LookupEnvOrString("COZY_REDIRECT_URI", "/accounts/enedisgrandlyon/redirect"), "Cozy redirect URI (defaults to /accounts/enedisgrandlyon/redirect)")
cozyRedirectURI = flag.String("cozy_redirect_uri", LookupEnvOrString("COZY_REDIRECT_URI", "/accounts/enedisgrandlyon/redirect"), "Cozy redirect URI (defaults to /accounts/enedisgrandlyon/redirect)")
 
cozyGrdfRedirectURI = flag.String("cozy_redirect_uri", LookupEnvOrString("COZY_REDIRECT_URI", "/accounts/grdfgrandlyon/redirect"), "Cozy redirect URI (defaults to /accounts/grdfgrandlyon/redirect)")
)
)
type TokenResponse struct {
type EnedisTokenResponse struct {
AccessToken string `json:"access_token"`
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
TokenType string `json:"token_type"`
ExpiresIn int `json:"expires_in"`
ExpiresIn int `json:"expires_in"`
@@ -33,6 +34,14 @@ type TokenResponse struct {
@@ -33,6 +34,14 @@ type TokenResponse struct {
UsagePointId string `json:"usage_points_id"`
UsagePointId string `json:"usage_points_id"`
}
}
 
type GrdfTokenResponse struct {
 
AccessToken string `json:"access_token"`
 
IdToken string `json:"id_token"`
 
TokenType string `json:"token_type"`
 
ExpiresIn int `json:"expires_in"`
 
Scope string `json:"scope"`
 
}
 
func LookupEnvOrString(key string, defaultVal string) string {
func LookupEnvOrString(key string, defaultVal string) string {
if val, ok := os.LookupEnv(key); ok {
if val, ok := os.LookupEnv(key); ok {
return val
return val
@@ -101,6 +110,7 @@ func main() {
@@ -101,6 +110,7 @@ func main() {
io.WriteString(w, "OK\n")
io.WriteString(w, "OK\n")
})
})
 
// ENEDIS AUTH ENDPOINT
mux.HandleFunc("/auth", func(w http.ResponseWriter, r *http.Request) {
mux.HandleFunc("/auth", func(w http.ResponseWriter, r *http.Request) {
log.Debug("New auth request")
log.Debug("New auth request")
query := r.URL.Query()
query := r.URL.Query()
@@ -135,6 +145,38 @@ func main() {
@@ -135,6 +145,38 @@ func main() {
http.Redirect(w, r, redirectUrl, 302)
http.Redirect(w, r, redirectUrl, 302)
})
})
 
// GRDF ADICT AUTHORIZE ENDPOINT
 
mux.HandleFunc("/grdf_authorize", func(w http.ResponseWriter, r *http.Request) {
 
log.Debug("New grdf auth request")
 
query := r.URL.Query()
 
log.Debug("Query received - ", query)
 
 
clientId := query.Get("client_id")
 
state := query.Get("state")
 
cozyOrigin := query.Get("redirect_uri")
 
splitIndexStart := strings.Index(cozyOrigin, ":")
 
if splitIndexStart == -1 {
 
log.Error("redirect_uri bad format " + cozyOrigin)
 
http.Error(w, http.StatusText(500), 500)
 
}
 
splitIndexEnd := strings.Index(cozyOrigin, ".")
 
if splitIndexEnd == -1 {
 
log.Error("redirect_uri bad format " + cozyOrigin)
 
http.Error(w, http.StatusText(500), 500)
 
}
 
instanceName := cozyOrigin[splitIndexStart+3:splitIndexEnd]
 
 
redirectProxy := "https://oauth-proxy.wf.alpha.grandlyon.com"
 
authURL := "https://sofit-sso-oidc.grdf.fr/openam/oauth2/realms/externeGrdf/authorize"
 
 
redirectUrl := authURL + "?client_id=" + clientId + "&scope=openid&response_type=code&redirect_uri="+ redirectProxy + "&state=" + state + "-" + instanceName
 
 
// TODO Add Login Hint in request
 
log.Debug("Redirect to - ", redirectUrl)
 
http.Redirect(w, r, redirectUrl, 302)
 
})
 
 
//ENEDIS REDIRECT ENDPOINT
mux.HandleFunc("/redirect", func(w http.ResponseWriter, r *http.Request) {
mux.HandleFunc("/redirect", func(w http.ResponseWriter, r *http.Request) {
log.Debug("New redirect request")
log.Debug("New redirect request")
query := r.URL.Query()
query := r.URL.Query()
@@ -169,6 +211,30 @@ func main() {
@@ -169,6 +211,30 @@ func main() {
}
}
})
})
 
//GRDF REDIRECT ENDPOINT
 
mux.HandleFunc("/redirect-grdf", func(w http.ResponseWriter, r *http.Request) {
 
log.Debug("New redirection on grdf-redirect")
 
query := r.URL.Query()
 
log.Debug(query)
 
 
code := query.Get("code")
 
req_state := query.Get("state")
 
//TODO Get pce_id
 
splitIndex := strings.Index(req_state, "-")
 
if splitIndex == -1 {
 
log.Warning("No host found")
 
}
 
state := req_state[0:splitIndex]
 
host := req_state[splitIndex+1:]
 
 
cozyURL := "https://" + host + "." + *cozyDomain + *cozyGrdfRedirectURI
 
 
redir := cozyURL + "?code=" + code + "&state=" + state
 
log.Debug("Redirect to -", redir)
 
http.Redirect(w, r, redir, 302)
 
})
 
 
//ENEDIS TOKEN ENDPOINT
mux.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
mux.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
log.Debug("New token request")
log.Debug("New token request")
query := r.URL.Query()
query := r.URL.Query()
@@ -278,7 +344,7 @@ func main() {
@@ -278,7 +344,7 @@ func main() {
w.Header().Add("Content-Type", "application/json")
w.Header().Add("Content-Type", "application/json")
// Decode response Body using the defined type "TokenResponse"
// Decode response Body using the defined type "TokenResponse"
data := TokenResponse{}
data := EnedisTokenResponse{}
decodeError := json.NewDecoder(response.Body).Decode(&data)
decodeError := json.NewDecoder(response.Body).Decode(&data)
if decodeError != nil {
if decodeError != nil {
http.Error(w, decodeError.Error(), 500)
http.Error(w, decodeError.Error(), 500)
@@ -297,5 +363,133 @@ func main() {
@@ -297,5 +363,133 @@ func main() {
}
}
})
})
 
//GRDF TOKEN ENDPOINT
 
mux.HandleFunc("/grdf_token", func(w http.ResponseWriter, r *http.Request) {
 
log.Debug("New GRDF token request")
 
query := r.URL.Query()
 
log.Debug(query)
 
 
clientId := ""
 
clientSecret := ""
 
code := ""
 
grantType := ""
 
scope := ""
 
 
// For request token params are into query parameters
 
 
if len(query) == 0 {
 
log.Warn("No params found in url query \nStack probably asks for a refresh token \nTrying to catch them from body")
 
contents, err := ioutil.ReadAll(r.Body)
 
if err != nil {
 
log.Error(err)
 
}
 
pageContent := string(contents)
 
//Check for client_id
 
clientIdStartIndex := strings.Index(pageContent, "client_id=")
 
if clientIdStartIndex == -1 {
 
log.Error("No client_id found")
 
http.Error(w, http.StatusText(500), 500)
 
}
 
clientIdStartIndex += 10
 
clientId = pageContent[clientIdStartIndex : clientIdStartIndex+36]
 
//Check for client_secret
 
clientSecretStartIndex := strings.Index(pageContent, "client_secret=")
 
if clientSecretStartIndex == -1 {
 
log.Error("No client_secret found")
 
http.Error(w, http.StatusText(500), 500)
 
}
 
clientSecretStartIndex += 14
 
clientSecret = pageContent[clientSecretStartIndex : clientSecretStartIndex+36]
 
//Check for code
 
codeStartIndex := strings.Index(pageContent, "code=")
 
if codeStartIndex == -1 {
 
log.Info("No code found (optional param)")
 
} else {
 
codeStartIndex += 5
 
code = pageContent[codeStartIndex : codeStartIndex+30]
 
}
 
//Check for grant_type
 
grandTypeStartIndex := strings.Index(pageContent, "grant_type=")
 
if grandTypeStartIndex == -1 {
 
log.Error("No grant_type found")
 
http.Error(w, http.StatusText(500), 500)
 
}
 
grandTypeStartIndex += 11
 
tempGrandTypeString := pageContent[grandTypeStartIndex:]
 
grandTypeEndIndex := strings.Index(tempGrandTypeString, "&")
 
if grandTypeEndIndex == -1 {
 
log.Error("No closing tag for grant_type found")
 
http.Error(w, http.StatusText(500), 500)
 
}
 
grantType = tempGrandTypeString[0:grandTypeEndIndex]
 
 
} else {
 
// Retrieve params from query
 
clientId = query.Get("client_id")
 
clientSecret = query.Get("client_secret")
 
code = query.Get("code")
 
grantType = query.Get("grant_type")
 
scope = query.Get("scope")
 
redirectUri = query.Get("redirect_uri")
 
}
 
 
 
// Print out the result
 
log.WithFields(log.Fields{
 
"client_id": clientId,
 
"client_secret": clientSecret,
 
"code": code,
 
"grant_type": grantType,
 
"redirect_uri": redirectUri
 
"scope": scope,
 
}).Debug("result")
 
 
tokenUrl := "https://sofit-sso-oidc.grdf.fr/openam/oauth2/realms/externeGrdf/access_token"
 
 
data := url.Values{}
 
data.Set("client_id", clientId)
 
data.Set("client_secret", clientSecret)
 
data.Set("grant_type", grantType)
 
data.Set("redirect_uri", redirectUri)
 
if grantType == "authorization_code" {
 
data.Set("code", code)
 
} else {
 
data.Set("scope", scope)
 
}
 
 
log.Debug("Send request to token endpoint: ", tokenUrl)
 
response, err := http.PostForm(tokenUrl, data)
 
if err != nil {
 
log.Error(err)
 
} else {
 
log.Debug("Endpoint response with status", response.Status)
 
defer response.Body.Close()
 
if response.StatusCode >= 200 && response.StatusCode <= 299 {
 
// Set Content-Type in response header
 
w.Header().Add("Content-Type", "application/json")
 
 
// Decode response Body using the defined type "GrdfTokenResponse"
 
data := GrdfTokenResponse{}
 
decodeError := json.NewDecoder(response.Body).Decode(&data)
 
if decodeError != nil {
 
http.Error(w, decodeError.Error(), 500)
 
return
 
}
 
log.Info("json token data: ", data)
 
// if data.id_token {
 
// DECODE JWT
 
// }
 
// Response with json data
 
jsonError := json.NewEncoder(w).Encode(data)
 
if jsonError != nil {
 
http.Error(w, jsonError.Error(), 500)
 
return
 
}
 
} else {
 
http.Error(w, http.StatusText(response.StatusCode), response.StatusCode)
 
}
 
}
 
})
 
log.Fatal(http.ListenAndServe(":"+strconv.Itoa(*httpPort), mux))
log.Fatal(http.ListenAndServe(":"+strconv.Itoa(*httpPort), mux))
}
}
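Review bot: In the new `/redirect-grdf` handler, `host` is sliced out of the caller-supplied `state` and concatenated straight into the redirect target together with the authorization `code`, so a value carrying a path or authority delimiter moves the destination outside `cozyDomain` and the code goes with it. The `splitIndex == -1` branch only logs and then slices with -1, which panics at run time; `/grdf_authorize` and `/grdf_token` have the same pattern, calling `http.Error` without a `return` before slicing on an unchecked index. I would reject a state with no separator, accept only a bare instance label for `host` (the character set below is an assumption to confirm against real Cozy instance names), and assemble the URL with `url.URL` and `url.Values` so `code` and `state` are escaped. Separately, `/grdf_token` writes `client_secret`, `code` and the decoded token response to the log while `loglevel` defaults to `debug`; those fields should be dropped or redacted. The handlers sit inside `main`, whose start is outside these hunks.

```go
	// … unchanged: debug logging, reading code and req_state from the query …
	splitIndex := strings.Index(req_state, "-")
	if splitIndex == -1 {
		log.Warning("No host found")
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
		return
	}
	// … unchanged: state and host sliced from req_state …

	// Allow only a bare instance label so the redirect stays under cozyDomain.
	notLabel := func(c rune) bool {
		return !(c >= 'a' && c <= 'z' || c >= '0' && c <= '9' || c == '-')
	}
	if host == "" || strings.IndexFunc(host, notLabel) != -1 {
		log.Warning("Rejected instance name taken from state")
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
		return
	}

	target := url.URL{
		Scheme:   "https",
		Host:     host + "." + *cozyDomain,
		Path:     *cozyGrdfRedirectURI,
		RawQuery: url.Values{"code": {code}, "state": {state}}.Encode(),
	}
	http.Redirect(w, r, target.String(), http.StatusFound)
```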