mirror of
https://codeberg.org/superseriousbusiness/gotosocial.git
synced 2024-12-30 04:48:18 +03:00
3a369d834a
* [chore] Upgrade our Go version to 1.22 With Go 1.22 having been released at the start of February, it's now been a few months. No major issues have shown up, and the two point release since then have primarily been security fixes plus some general bug fixing. This sets the required Go version to 1.22, as there's nothing in 1.22.1 or 1.22.2 that we would explicitly require. It sets the toolchain to the latest point release, to ensure we pick up any fixes from there when building releases etc. * [chore] Update CI to Go 1.22 * [chore] Update golangci-lint to 1.25.7 Newer version should know about Go 1.22 and run fine. * [chore] Update Docker container to Go 1.22 * [chore] Update Dockerfile to newer Alpine version * sign drone.yml * add missing license header --------- Co-authored-by: tobi <tobi.smethurst@protonmail.com>
107 lines
3.4 KiB
Go
107 lines
3.4 KiB
Go
// GoToSocial
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package oauth
|
|
|
|
import (
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
|
"github.com/superseriousbusiness/oauth2/v4"
|
|
"github.com/superseriousbusiness/oauth2/v4/errors"
|
|
)
|
|
|
|
// Auth wraps an authorized token, application, user, and account.
|
|
// It is used in the functions GetAuthed and MustAuth.
|
|
// Because the user might *not* be authed, any of the fields in this struct
|
|
// might be nil, so make sure to check that when you're using this struct anywhere.
|
|
type Auth struct {
|
|
Token oauth2.TokenInfo
|
|
Application *gtsmodel.Application
|
|
User *gtsmodel.User
|
|
Account *gtsmodel.Account
|
|
}
|
|
|
|
// Authed is a convenience function for returning an Authed struct from a gin context.
|
|
// In essence, it tries to extract a token, application, user, and account from the context,
|
|
// and then sets them on a struct for convenience.
|
|
//
|
|
// If any are not present in the context, they will be set to nil on the returned Authed struct.
|
|
//
|
|
// If *ALL* are not present, then nil and an error will be returned.
|
|
//
|
|
// If something goes wrong during parsing, then nil and an error will be returned (consider this not authed).
|
|
// Authed is like GetAuthed, but will fail if one of the requirements is not met.
|
|
func Authed(c *gin.Context, requireToken bool, requireApp bool, requireUser bool, requireAccount bool) (*Auth, error) {
|
|
ctx := c.Copy()
|
|
a := &Auth{}
|
|
var i interface{}
|
|
var ok bool
|
|
|
|
i, ok = ctx.Get(SessionAuthorizedToken)
|
|
if ok {
|
|
parsed, ok := i.(oauth2.TokenInfo)
|
|
if !ok {
|
|
return nil, errors.New("could not parse token from session context")
|
|
}
|
|
a.Token = parsed
|
|
}
|
|
|
|
i, ok = ctx.Get(SessionAuthorizedApplication)
|
|
if ok {
|
|
parsed, ok := i.(*gtsmodel.Application)
|
|
if !ok {
|
|
return nil, errors.New("could not parse application from session context")
|
|
}
|
|
a.Application = parsed
|
|
}
|
|
|
|
i, ok = ctx.Get(SessionAuthorizedUser)
|
|
if ok {
|
|
parsed, ok := i.(*gtsmodel.User)
|
|
if !ok {
|
|
return nil, errors.New("could not parse user from session context")
|
|
}
|
|
a.User = parsed
|
|
}
|
|
|
|
i, ok = ctx.Get(SessionAuthorizedAccount)
|
|
if ok {
|
|
parsed, ok := i.(*gtsmodel.Account)
|
|
if !ok {
|
|
return nil, errors.New("could not parse account from session context")
|
|
}
|
|
a.Account = parsed
|
|
}
|
|
|
|
if requireToken && a.Token == nil {
|
|
return nil, errors.New("token not supplied")
|
|
}
|
|
|
|
if requireApp && a.Application == nil {
|
|
return nil, errors.New("application not supplied")
|
|
}
|
|
|
|
if requireUser && a.User == nil {
|
|
return nil, errors.New("user not supplied or not authorized")
|
|
}
|
|
|
|
if requireAccount && a.Account == nil {
|
|
return nil, errors.New("account not supplied or not authorized")
|
|
}
|
|
|
|
return a, nil
|
|
}
|