remove settings endpoint

greenpau · Mar 24, 2024 · baf1a38 · baf1a38
1 parent bfaeabc
commit baf1a38
Show file tree

Hide file tree

Showing 11 changed files with 105 additions and 1,027 deletions.
diff --git a/pkg/authn/handle_http_barcode.go b/pkg/authn/handle_http_barcode.go
@@ -0,0 +1,72 @@
+// Copyright 2022 Paul Greenberg [email protected]
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package authn
+
+import (
+	"context"
+	"encoding/base64"
+	"net/http"
+	"strings"
+
+	"github.com/greenpau/go-authcrunch/pkg/requests"
+	"github.com/greenpau/go-authcrunch/pkg/user"
+	"github.com/skip2/go-qrcode"
+)
+
+func (p *Portal) handleHTTPProfileMfaBarcode(ctx context.Context, w http.ResponseWriter, r *http.Request, rr *requests.Request, parsedUser *user.User) error {
+	p.disableClientCache(w)
+	p.injectRedirectURL(ctx, w, r, rr)
+	if parsedUser == nil {
+		if rr.Response.RedirectURL == "" {
+			return p.handleHTTPRedirect(ctx, w, r, rr, "/login?redirect_url="+r.RequestURI)
+		}
+		return p.handleHTTPRedirect(ctx, w, r, rr, "/login")
+	}
+
+	endpoint, err := getEndpoint(r.URL.Path, "/barcode")
+	if err != nil {
+		return p.handleHTTPError(ctx, w, r, rr, http.StatusBadRequest)
+	}
+
+	qrCodeEncoded := strings.TrimPrefix(endpoint, "/mfa/")
+	qrCodeEncoded = strings.TrimSuffix(qrCodeEncoded, ".png")
+	codeURI, err := base64.StdEncoding.DecodeString(qrCodeEncoded)
+	if err != nil {
+		return p.handleHTTPRenderPlainText(ctx, w, http.StatusBadRequest)
+	}
+	png, err := qrcode.Encode(string(codeURI), qrcode.Medium, 256)
+	if err != nil {
+		return p.handleHTTPRenderPlainText(ctx, w, http.StatusInternalServerError)
+	}
+	w.Header().Set("Content-Type", "image/png")
+	w.Write(png)
+	return nil
+}
+
+func (p *Portal) handleHTTPSandboxMfaBarcode(ctx context.Context, w http.ResponseWriter, _ *http.Request, endpoint string) error {
+	qrCodeEncoded := strings.TrimPrefix(endpoint, "/mfa/barcode/")
+	qrCodeEncoded = strings.TrimSuffix(qrCodeEncoded, ".png")
+	codeURI, err := base64.StdEncoding.DecodeString(qrCodeEncoded)
+	if err != nil {
+		return p.handleHTTPRenderPlainText(ctx, w, http.StatusBadRequest)
+	}
+	png, err := qrcode.Encode(string(codeURI), qrcode.Medium, 256)
+	if err != nil {
+		return p.handleHTTPRenderPlainText(ctx, w, http.StatusInternalServerError)
+	}
+	w.Header().Set("Content-Type", "image/png")
+	w.Write(png)
+	return nil
+}
diff --git a/pkg/authn/handle_http_portal.go b/pkg/authn/handle_http_portal.go
@@ -16,14 +16,37 @@ package authn
 
 import (
 	"context"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strings"
+
 	"github.com/greenpau/go-authcrunch/pkg/requests"
 	"github.com/greenpau/go-authcrunch/pkg/user"
 	addrutil "github.com/greenpau/go-authcrunch/pkg/util/addr"
 	"go.uber.org/zap"
-	"net/http"
-	"net/url"
 )
 
+func getEndpoint(p, s string) (string, error) {
+	i := strings.Index(p, s)
+	if i < 0 {
+		return s, fmt.Errorf("%s is not in %s", p, s)
+	}
+	return strings.TrimPrefix(p[i:], s), nil
+}
+
+func getEndpointKeyID(p, s string) (string, error) {
+	sp, err := getEndpoint(p, s)
+	if err != nil {
+		return "", err
+	}
+	arr := strings.Split(sp, "/")
+	if len(arr) != 1 {
+		return "", fmt.Errorf("invalid key id")
+	}
+	return arr[0], nil
+}
+
 func (p *Portal) handleHTTPPortal(ctx context.Context, w http.ResponseWriter, r *http.Request, rr *requests.Request, parsedUser *user.User) error {
 	p.disableClientCache(w)
 	p.injectRedirectURL(ctx, w, r, rr)

diff --git a/pkg/authn/handle_http_sandbox.go b/pkg/authn/handle_http_sandbox.go
@@ -114,7 +114,7 @@ func (p *Portal) handleHTTPSandbox(ctx context.Context, w http.ResponseWriter, r
 	case strings.HasPrefix(sandboxPartition, "mfa-app-barcode/"):
 		// Handle App Portal barcode.
 		sandboxPartition = strings.TrimPrefix(sandboxPartition, "mfa-app-barcode/")
-		return p.handleHTTPMfaBarcode(ctx, w, r, sandboxPartition)
+		return p.handleHTTPSandboxMfaBarcode(ctx, w, r, sandboxPartition)
 	case sandboxPartition == "terminate":
 		p.sandboxes.Delete(sandboxID)
 		return p.handleHTTPRedirectSeeOther(ctx, w, r, rr, "login")

diff --git a/pkg/authn/handle_http_settings.go b/pkg/authn/handle_http_settings.go