1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
package server
import (
"errors"
"fmt"
"github.com/eduvpn/eduvpn-common/internal/oauth"
"github.com/eduvpn/eduvpn-common/internal/util"
"github.com/eduvpn/eduvpn-common/types"
)
// A secure internet server which has its own OAuth tokens
// It specifies the current location url it is connected to
type SecureInternetHomeServer struct {
DisplayName map[string]string `json:"display_name"`
OAuth oauth.OAuth `json:"oauth"`
// The home server has a list of info for each configured server location
BaseMap map[string]*ServerBase `json:"base_map"`
// We have the authorization URL template, the home organization ID and the current location
AuthorizationTemplate string `json:"authorization_template"`
HomeOrganizationID string `json:"home_organization_id"`
CurrentLocation string `json:"current_location"`
}
func (servers *Servers) GetSecureInternetHomeServer() (*SecureInternetHomeServer, error) {
if !servers.HasSecureLocation() {
return nil, errors.New("No secure internet home server")
}
return &servers.SecureInternetHomeServer, nil
}
func (servers *Servers) SetSecureInternet(server Server) error {
errorMessage := "failed setting secure internet server"
base, baseErr := server.GetBase()
if baseErr != nil {
return &types.WrappedErrorMessage{Message: errorMessage, Err: baseErr}
}
if base.Type != "secure_internet" {
return &types.WrappedErrorMessage{Message: errorMessage, Err: errors.New("Not a secure internet server")}
}
// The location should already be configured
// TODO: check for location?
servers.IsType = SecureInternetServerType
return nil
}
func (servers *Servers) RemoveSecureInternet() {
// Empty out the struct
servers.SecureInternetHomeServer = SecureInternetHomeServer{}
// If the current server is secure internet, default to custom server
if servers.IsType == SecureInternetServerType {
servers.IsType = CustomServerType
}
}
func (secure *SecureInternetHomeServer) GetOAuth() *oauth.OAuth {
return &secure.OAuth
}
func (secure *SecureInternetHomeServer) GetTemplateAuth() func(string) string {
return func(authURL string) string {
return util.ReplaceWAYF(secure.AuthorizationTemplate, authURL, secure.HomeOrganizationID)
}
}
func (server *SecureInternetHomeServer) GetBase() (*ServerBase, error) {
errorMessage := "failed getting current secure internet home base"
if server.BaseMap == nil {
return nil, &types.WrappedErrorMessage{
Message: errorMessage,
Err: &ServerSecureInternetMapNotFoundError{},
}
}
base, exists := server.BaseMap[server.CurrentLocation]
if !exists {
return nil, &types.WrappedErrorMessage{
Message: errorMessage,
Err: &ServerSecureInternetBaseNotFoundError{Current: server.CurrentLocation},
}
}
return base, nil
}
func (servers *Servers) HasSecureLocation() bool {
return servers.SecureInternetHomeServer.CurrentLocation != ""
}
func (secure *SecureInternetHomeServer) addLocation(
locationServer *types.DiscoveryServer,
) (*ServerBase, error) {
errorMessage := "failed adding a location"
// Initialize the base map if it is non-nil
if secure.BaseMap == nil {
secure.BaseMap = make(map[string]*ServerBase)
}
// Add the location to the base map
base, exists := secure.BaseMap[locationServer.CountryCode]
if !exists || base == nil {
// Create the base to be added to the map
base = &ServerBase{}
base.URL = locationServer.BaseURL
base.DisplayName = secure.DisplayName
base.SupportContact = locationServer.SupportContact
base.Type = "secure_internet"
endpoints, endpointsErr := APIGetEndpoints(locationServer.BaseURL)
if endpointsErr != nil {
return nil, &types.WrappedErrorMessage{Message: errorMessage, Err: endpointsErr}
}
base.Endpoints = *endpoints
}
// Ensure it is in the map
secure.BaseMap[locationServer.CountryCode] = base
return base, nil
}
// Initializes the home server and adds its own location
func (secure *SecureInternetHomeServer) init(
homeOrg *types.DiscoveryOrganization,
homeLocation *types.DiscoveryServer,
) error {
errorMessage := "failed initializing secure internet home server"
if secure.HomeOrganizationID != homeOrg.OrgId {
// New home organisation, clear everything
*secure = SecureInternetHomeServer{}
}
// Make sure to set the organization ID
secure.HomeOrganizationID = homeOrg.OrgId
secure.DisplayName = homeOrg.DisplayName
// Make sure to set the authorization URL template
secure.AuthorizationTemplate = homeLocation.AuthenticationURLTemplate
base, baseErr := secure.addLocation(homeLocation)
if baseErr != nil {
return &types.WrappedErrorMessage{Message: errorMessage, Err: baseErr}
}
// Make sure oauth contains our endpoints
secure.OAuth.Init(base.Endpoints.API.V3.Authorization, base.Endpoints.API.V3.Token)
return nil
}
type ServerGetSecureInternetHomeError struct{}
func (e *ServerGetSecureInternetHomeError) Error() string {
return "failed to get secure internet home server, not found"
}
type ServerSecureInternetMapNotFoundError struct{}
func (e *ServerSecureInternetMapNotFoundError) Error() string {
return "secure internet map not found"
}
type ServerSecureInternetBaseNotFoundError struct {
Current string
}
func (e *ServerSecureInternetBaseNotFoundError) Error() string {
return fmt.Sprintf("secure internet base not found with current location: %s", e.Current)
}
|
