summaryrefslogtreecommitdiff
path: root/internal/server/secureinternet.go
blob: 3498bcceb8a9e741cee0bd1dbf66b0733e3a96e3 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

package server

import (
	"fmt"

	"github.com/jwijenbergh/eduvpn-common/internal/fsm"
	"github.com/jwijenbergh/eduvpn-common/internal/oauth"
	"github.com/jwijenbergh/eduvpn-common/internal/types"
	"github.com/jwijenbergh/eduvpn-common/internal/util"
)

// A secure internet server which has its own OAuth tokens
// It specifies the current location url it is connected to
type SecureInternetHomeServer struct {
	DisplayName map[string]string `json:"display_name"`
	OAuth       oauth.OAuth       `json:"oauth"`

	// The home server has a list of info for each configured server location
	BaseMap map[string]*ServerBase `json:"base_map"`

	// We have the authorization URL template, the home organization ID and the current location
	AuthorizationTemplate string `json:"authorization_template"`
	HomeOrganizationID    string `json:"home_organization_id"`
	CurrentLocation       string `json:"current_location"`
}

func (secure *SecureInternetHomeServer) GetOAuth() *oauth.OAuth {
	return &secure.OAuth
}

func (secure *SecureInternetHomeServer) GetTemplateAuth() func(string) string {
	return func(authURL string) string {
		return util.ReplaceWAYF(secure.AuthorizationTemplate, authURL, secure.HomeOrganizationID)
	}
}

func (server *SecureInternetHomeServer) GetBase() (*ServerBase, error) {
	errorMessage := "failed getting current secure internet home base"
	if server.BaseMap == nil {
		return nil, &types.WrappedErrorMessage{
			Message: errorMessage,
			Err:     &ServerSecureInternetMapNotFoundError{},
		}
	}

	base, exists := server.BaseMap[server.CurrentLocation]

	if !exists {
		return nil, &types.WrappedErrorMessage{
			Message: errorMessage,
			Err:     &ServerSecureInternetBaseNotFoundError{Current: server.CurrentLocation},
		}
	}
	return base, nil
}

func (servers *Servers) HasSecureLocation() bool {
	return servers.SecureInternetHomeServer.CurrentLocation != ""
}

func (secure *SecureInternetHomeServer) addLocation(
	locationServer *types.DiscoveryServer,
	fsm *fsm.FSM,
) (*ServerBase, error) {
	errorMessage := "failed adding a location"
	// Initialize the base map if it is non-nil
	if secure.BaseMap == nil {
		secure.BaseMap = make(map[string]*ServerBase)
	}

	// Add the location to the base map
	base, exists := secure.BaseMap[locationServer.CountryCode]

	if !exists || base == nil {
		// Create the base to be added to the map
		base = &ServerBase{}
		base.URL = locationServer.BaseURL
		base.DisplayName = secure.DisplayName
		base.SupportContact = locationServer.SupportContact
		base.Type = "secure_internet"
		endpoints, endpointsErr := APIGetEndpoints(locationServer.BaseURL)
		if endpointsErr != nil {
			return nil, &types.WrappedErrorMessage{Message: errorMessage, Err: endpointsErr}
		}
		base.Endpoints = *endpoints
	}

	// Pass the fsm
	base.FSM = fsm

	// Ensure it is in the map
	secure.BaseMap[locationServer.CountryCode] = base
	return base, nil
}

// Initializes the home server and adds its own location
func (secure *SecureInternetHomeServer) init(
	homeOrg *types.DiscoveryOrganization,
	homeLocation *types.DiscoveryServer,
	fsm *fsm.FSM,
) error {
	errorMessage := "failed initializing secure internet home server"

	if secure.HomeOrganizationID != homeOrg.OrgId {
		// New home organisation, clear everything
		*secure = SecureInternetHomeServer{}
	}

	// Make sure to set the organization ID
	secure.HomeOrganizationID = homeOrg.OrgId
	secure.DisplayName = homeOrg.DisplayName

	// Make sure to set the authorization URL template
	secure.AuthorizationTemplate = homeLocation.AuthenticationURLTemplate

	base, baseErr := secure.addLocation(homeLocation, fsm)

	if baseErr != nil {
		return &types.WrappedErrorMessage{Message: errorMessage, Err: baseErr}
	}

	// Make sure oauth contains our endpoints
	secure.OAuth.Init(base.Endpoints.API.V3.Authorization, base.Endpoints.API.V3.Token, fsm)
	return nil
}

type ServerGetSecureInternetHomeError struct{}

func (e *ServerGetSecureInternetHomeError) Error() string {
	return "failed to get secure internet home server, not found"
}

type ServerSecureInternetMapNotFoundError struct{}

func (e *ServerSecureInternetMapNotFoundError) Error() string {
	return "secure internet map not found"
}

type ServerSecureInternetBaseNotFoundError struct {
	Current string
}

func (e *ServerSecureInternetBaseNotFoundError) Error() string {
	return fmt.Sprintf("secure internet base not found with current location: %s", e.Current)
}