@@ -128,6 +128,11 @@ type writestore interface { | |||||
GetUserLastPostTime(id int64) (*time.Time, error) | GetUserLastPostTime(id int64) (*time.Time, error) | ||||
GetCollectionLastPostTime(id int64) (*time.Time, error) | GetCollectionLastPostTime(id int64) (*time.Time, error) | ||||
GetIDForRemoteUser(ctx context.Context, remoteUserID int64) (int64, error) | |||||
RecordRemoteUserID(ctx context.Context, localUserID, remoteUserID int64) error | |||||
ValidateOAuthState(ctx context.Context, state string) error | |||||
GenerateOAuthState(ctx context.Context) (string, error) | |||||
DatabaseInitialized() bool | DatabaseInitialized() bool | ||||
} | } | ||||
@@ -2489,7 +2494,7 @@ func (db *datastore) RecordRemoteUserID(ctx context.Context, localUserID, remote | |||||
if db.driverName == driverSQLite { | if db.driverName == driverSQLite { | ||||
_, err = db.ExecContext(ctx, "INSERT OR REPLACE INTO users_oauth (user_id, remote_user_id) VALUES (?, ?)", localUserID, remoteUserID) | _, err = db.ExecContext(ctx, "INSERT OR REPLACE INTO users_oauth (user_id, remote_user_id) VALUES (?, ?)", localUserID, remoteUserID) | ||||
} else { | } else { | ||||
_, err = db.ExecContext(ctx, "INSERT INTO users_oauth (user_id, remote_user_id) VALUES (?, ?) "+db.upsert("user_id"), localUserID, remoteUserID) | |||||
_, err = db.ExecContext(ctx, "INSERT INTO users_oauth (user_id, remote_user_id) VALUES (?, ?) "+db.upsert("user_id") + " user_id = ?", localUserID, remoteUserID, localUserID) | |||||
} | } | ||||
if err != nil { | if err != nil { | ||||
log.Error("Unable to INSERT users_oauth for '%d': %v", localUserID, err) | log.Error("Unable to INSERT users_oauth for '%d': %v", localUserID, err) | ||||
@@ -0,0 +1,43 @@ | |||||
package writefreely | |||||
import ( | |||||
"context" | |||||
"database/sql" | |||||
"github.com/stretchr/testify/assert" | |||||
"testing" | |||||
) | |||||
func TestOAuthDatastore(t *testing.T) { | |||||
if !runMySQLTests() { | |||||
t.Skip("skipping mysql tests") | |||||
} | |||||
withTestDB(t, func(db *sql.DB) { | |||||
ctx := context.Background() | |||||
ds := &datastore{ | |||||
DB: db, | |||||
driverName: "", | |||||
} | |||||
state, err := ds.GenerateOAuthState(ctx) | |||||
assert.NoError(t, err) | |||||
assert.Len(t, state, 24) | |||||
countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_client_state` WHERE `state` = ? AND `used` = false", state) | |||||
err = ds.ValidateOAuthState(ctx, state) | |||||
assert.NoError(t, err) | |||||
countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `oauth_client_state` WHERE `state` = ? AND `used` = true", state) | |||||
var localUserID int64 = 99 | |||||
var remoteUserID int64 = 100 | |||||
err = ds.RecordRemoteUserID(ctx, localUserID, remoteUserID) | |||||
assert.NoError(t, err) | |||||
countRows(t, ctx, db, 1, "SELECT COUNT(*) FROM `users_oauth` WHERE `user_id` = ? AND `remote_user_id` = ?", localUserID, remoteUserID) | |||||
foundUserID, err := ds.GetIDForRemoteUser(ctx, remoteUserID) | |||||
assert.NoError(t, err) | |||||
assert.Equal(t, localUserID, foundUserID) | |||||
}) | |||||
} |
@@ -0,0 +1,271 @@ | |||||
package db | |||||
import ( | |||||
"fmt" | |||||
"strings" | |||||
) | |||||
type DialectType int | |||||
type ColumnType int | |||||
type OptionalInt struct { | |||||
Set bool | |||||
Value int | |||||
} | |||||
type OptionalString struct { | |||||
Set bool | |||||
Value string | |||||
} | |||||
type SQLBuilder interface { | |||||
ToSQL() (string, error) | |||||
} | |||||
type Column struct { | |||||
Dialect DialectType | |||||
Name string | |||||
Nullable bool | |||||
Default OptionalString | |||||
Type ColumnType | |||||
Size OptionalInt | |||||
PrimaryKey bool | |||||
} | |||||
type CreateTableSqlBuilder struct { | |||||
Dialect DialectType | |||||
Name string | |||||
IfNotExists bool | |||||
ColumnOrder []string | |||||
Columns map[string]*Column | |||||
Constraints []string | |||||
} | |||||
const ( | |||||
DialectSQLite DialectType = iota | |||||
DialectMySQL DialectType = iota | |||||
) | |||||
const ( | |||||
ColumnTypeBool ColumnType = iota | |||||
ColumnTypeSmallInt ColumnType = iota | |||||
ColumnTypeInteger ColumnType = iota | |||||
ColumnTypeChar ColumnType = iota | |||||
ColumnTypeVarChar ColumnType = iota | |||||
ColumnTypeText ColumnType = iota | |||||
ColumnTypeDateTime ColumnType = iota | |||||
) | |||||
var _ SQLBuilder = &CreateTableSqlBuilder{} | |||||
var UnsetSize OptionalInt = OptionalInt{Set: false, Value: 0} | |||||
var UnsetDefault OptionalString = OptionalString{Set: false, Value: ""} | |||||
func (d DialectType) Column(name string, t ColumnType, size OptionalInt) *Column { | |||||
switch d { | |||||
case DialectSQLite: | |||||
return &Column{Dialect: DialectSQLite, Name: name, Type: t, Size: size} | |||||
case DialectMySQL: | |||||
return &Column{Dialect: DialectMySQL, Name: name, Type: t, Size: size} | |||||
default: | |||||
panic(fmt.Sprintf("unexpected dialect: %d", d)) | |||||
} | |||||
} | |||||
func (d DialectType) Table(name string) *CreateTableSqlBuilder { | |||||
switch d { | |||||
case DialectSQLite: | |||||
return &CreateTableSqlBuilder{Dialect: DialectSQLite, Name: name} | |||||
case DialectMySQL: | |||||
return &CreateTableSqlBuilder{Dialect: DialectMySQL, Name: name} | |||||
default: | |||||
panic(fmt.Sprintf("unexpected dialect: %d", d)) | |||||
} | |||||
} | |||||
func (d ColumnType) Format(dialect DialectType, size OptionalInt) (string, error) { | |||||
if dialect != DialectMySQL && dialect != DialectSQLite { | |||||
return "", fmt.Errorf("unsupported column type %d for dialect %d and size %v", d, dialect, size) | |||||
} | |||||
switch d { | |||||
case ColumnTypeSmallInt: | |||||
{ | |||||
if dialect == DialectSQLite { | |||||
return "INTEGER", nil | |||||
} | |||||
mod := "" | |||||
if size.Set { | |||||
mod = fmt.Sprintf("(%d)", size.Value) | |||||
} | |||||
return "SMALLINT" + mod, nil | |||||
} | |||||
case ColumnTypeInteger: | |||||
{ | |||||
if dialect == DialectSQLite { | |||||
return "INTEGER", nil | |||||
} | |||||
mod := "" | |||||
if size.Set { | |||||
mod = fmt.Sprintf("(%d)", size.Value) | |||||
} | |||||
return "INT" + mod, nil | |||||
} | |||||
case ColumnTypeChar: | |||||
{ | |||||
if dialect == DialectSQLite { | |||||
return "TEXT", nil | |||||
} | |||||
mod := "" | |||||
if size.Set { | |||||
mod = fmt.Sprintf("(%d)", size.Value) | |||||
} | |||||
return "CHAR" + mod, nil | |||||
} | |||||
case ColumnTypeVarChar: | |||||
{ | |||||
if dialect == DialectSQLite { | |||||
return "TEXT", nil | |||||
} | |||||
mod := "" | |||||
if size.Set { | |||||
mod = fmt.Sprintf("(%d)", size.Value) | |||||
} | |||||
return "VARCHAR" + mod, nil | |||||
} | |||||
case ColumnTypeBool: | |||||
{ | |||||
if dialect == DialectSQLite { | |||||
return "INTEGER", nil | |||||
} | |||||
return "TINYINT(1)", nil | |||||
} | |||||
case ColumnTypeDateTime: | |||||
return "DATETIME", nil | |||||
case ColumnTypeText: | |||||
return "TEXT", nil | |||||
} | |||||
return "", fmt.Errorf("unsupported column type %d for dialect %d and size %v", d, dialect, size) | |||||
} | |||||
func (c *Column) SetName(name string) *Column { | |||||
c.Name = name | |||||
return c | |||||
} | |||||
func (c *Column) SetNullable(nullable bool) *Column { | |||||
c.Nullable = nullable | |||||
return c | |||||
} | |||||
func (c *Column) SetPrimaryKey(pk bool) *Column { | |||||
c.PrimaryKey = pk | |||||
return c | |||||
} | |||||
func (c *Column) SetDefault(value string) *Column { | |||||
c.Default = OptionalString{Set: true, Value: value} | |||||
return c | |||||
} | |||||
func (c *Column) SetType(t ColumnType) *Column { | |||||
c.Type = t | |||||
return c | |||||
} | |||||
func (c *Column) SetSize(size int) *Column { | |||||
c.Size = OptionalInt{Set: true, Value: size} | |||||
return c | |||||
} | |||||
func (c *Column) String() (string, error) { | |||||
var str strings.Builder | |||||
str.WriteString(c.Name) | |||||
str.WriteString(" ") | |||||
typeStr, err := c.Type.Format(c.Dialect, c.Size) | |||||
if err != nil { | |||||
return "", err | |||||
} | |||||
str.WriteString(typeStr) | |||||
if !c.Nullable { | |||||
str.WriteString(" NOT NULL") | |||||
} | |||||
if c.Default.Set { | |||||
str.WriteString(" DEFAULT ") | |||||
str.WriteString(c.Default.Value) | |||||
} | |||||
if c.PrimaryKey { | |||||
str.WriteString(" PRIMARY KEY") | |||||
} | |||||
return str.String(), nil | |||||
} | |||||
func (b *CreateTableSqlBuilder) Column(column *Column) *CreateTableSqlBuilder { | |||||
if b.Columns == nil { | |||||
b.Columns = make(map[string]*Column) | |||||
} | |||||
b.Columns[column.Name] = column | |||||
b.ColumnOrder = append(b.ColumnOrder, column.Name) | |||||
return b | |||||
} | |||||
func (b *CreateTableSqlBuilder) UniqueConstraint(columns ...string) *CreateTableSqlBuilder { | |||||
for _, column := range columns { | |||||
if _, ok := b.Columns[column]; !ok { | |||||
// This fails silently. | |||||
return b | |||||
} | |||||
} | |||||
b.Constraints = append(b.Constraints, fmt.Sprintf("UNIQUE(%s)", strings.Join(columns, ","))) | |||||
return b | |||||
} | |||||
func (b *CreateTableSqlBuilder) SetIfNotExists(ine bool) *CreateTableSqlBuilder { | |||||
b.IfNotExists = ine | |||||
return b | |||||
} | |||||
func (b *CreateTableSqlBuilder) ToSQL() (string, error) { | |||||
var str strings.Builder | |||||
str.WriteString("CREATE TABLE ") | |||||
if b.IfNotExists { | |||||
str.WriteString("IF NOT EXISTS ") | |||||
} | |||||
str.WriteString(b.Name) | |||||
var things []string | |||||
for _, columnName := range b.ColumnOrder { | |||||
column, ok := b.Columns[columnName] | |||||
if !ok { | |||||
return "", fmt.Errorf("column not found: %s", columnName) | |||||
} | |||||
columnStr, err := column.String() | |||||
if err != nil { | |||||
return "", err | |||||
} | |||||
things = append(things, columnStr) | |||||
} | |||||
for _, constraint := range b.Constraints { | |||||
things = append(things, constraint) | |||||
} | |||||
if thingLen := len(things); thingLen > 0 { | |||||
str.WriteString(" ( ") | |||||
for i, thing := range things { | |||||
str.WriteString(thing) | |||||
if i < thingLen-1 { | |||||
str.WriteString(", ") | |||||
} | |||||
} | |||||
str.WriteString(" )") | |||||
} | |||||
return str.String(), nil | |||||
} |
@@ -0,0 +1,146 @@ | |||||
package db | |||||
import ( | |||||
"github.com/stretchr/testify/assert" | |||||
"testing" | |||||
) | |||||
func TestDialect_Column(t *testing.T) { | |||||
c1 := DialectSQLite.Column("foo", ColumnTypeBool, UnsetSize) | |||||
assert.Equal(t, DialectSQLite, c1.Dialect) | |||||
c2 := DialectMySQL.Column("foo", ColumnTypeBool, UnsetSize) | |||||
assert.Equal(t, DialectMySQL, c2.Dialect) | |||||
} | |||||
func TestColumnType_Format(t *testing.T) { | |||||
type args struct { | |||||
dialect DialectType | |||||
size OptionalInt | |||||
} | |||||
tests := []struct { | |||||
name string | |||||
d ColumnType | |||||
args args | |||||
want string | |||||
wantErr bool | |||||
}{ | |||||
{"Sqlite bool", ColumnTypeBool, args{dialect: DialectSQLite}, "INTEGER", false}, | |||||
{"Sqlite small int", ColumnTypeSmallInt, args{dialect: DialectSQLite}, "INTEGER", false}, | |||||
{"Sqlite int", ColumnTypeInteger, args{dialect: DialectSQLite}, "INTEGER", false}, | |||||
{"Sqlite char", ColumnTypeChar, args{dialect: DialectSQLite}, "TEXT", false}, | |||||
{"Sqlite varchar", ColumnTypeVarChar, args{dialect: DialectSQLite}, "TEXT", false}, | |||||
{"Sqlite text", ColumnTypeText, args{dialect: DialectSQLite}, "TEXT", false}, | |||||
{"Sqlite datetime", ColumnTypeDateTime, args{dialect: DialectSQLite}, "DATETIME", false}, | |||||
{"MySQL bool", ColumnTypeBool, args{dialect: DialectMySQL}, "TINYINT(1)", false}, | |||||
{"MySQL small int", ColumnTypeSmallInt, args{dialect: DialectMySQL}, "SMALLINT", false}, | |||||
{"MySQL small int with param", ColumnTypeSmallInt, args{dialect: DialectMySQL, size: OptionalInt{true, 3}}, "SMALLINT(3)", false}, | |||||
{"MySQL int", ColumnTypeInteger, args{dialect: DialectMySQL}, "INT", false}, | |||||
{"MySQL int with param", ColumnTypeInteger, args{dialect: DialectMySQL, size: OptionalInt{true, 11}}, "INT(11)", false}, | |||||
{"MySQL char", ColumnTypeChar, args{dialect: DialectMySQL}, "CHAR", false}, | |||||
{"MySQL char with param", ColumnTypeChar, args{dialect: DialectMySQL, size: OptionalInt{true, 4}}, "CHAR(4)", false}, | |||||
{"MySQL varchar", ColumnTypeVarChar, args{dialect: DialectMySQL}, "VARCHAR", false}, | |||||
{"MySQL varchar with param", ColumnTypeVarChar, args{dialect: DialectMySQL, size: OptionalInt{true, 25}}, "VARCHAR(25)", false}, | |||||
{"MySQL text", ColumnTypeText, args{dialect: DialectMySQL}, "TEXT", false}, | |||||
{"MySQL datetime", ColumnTypeDateTime, args{dialect: DialectMySQL}, "DATETIME", false}, | |||||
{"invalid column type", 10000, args{dialect: DialectMySQL}, "", true}, | |||||
{"invalid dialect", ColumnTypeBool, args{dialect: 10000}, "", true}, | |||||
} | |||||
for _, tt := range tests { | |||||
t.Run(tt.name, func(t *testing.T) { | |||||
got, err := tt.d.Format(tt.args.dialect, tt.args.size) | |||||
if (err != nil) != tt.wantErr { | |||||
t.Errorf("Format() error = %v, wantErr %v", err, tt.wantErr) | |||||
return | |||||
} | |||||
if got != tt.want { | |||||
t.Errorf("Format() got = %v, want %v", got, tt.want) | |||||
} | |||||
}) | |||||
} | |||||
} | |||||
func TestColumn_Build(t *testing.T) { | |||||
type fields struct { | |||||
Dialect DialectType | |||||
Name string | |||||
Nullable bool | |||||
Default OptionalString | |||||
Type ColumnType | |||||
Size OptionalInt | |||||
PrimaryKey bool | |||||
} | |||||
tests := []struct { | |||||
name string | |||||
fields fields | |||||
want string | |||||
wantErr bool | |||||
}{ | |||||
{"Sqlite bool", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeBool, UnsetSize, false}, "foo INTEGER NOT NULL", false}, | |||||
{"Sqlite bool nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeBool, UnsetSize, false}, "foo INTEGER", false}, | |||||
{"Sqlite small int", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeSmallInt, UnsetSize, true}, "foo INTEGER NOT NULL PRIMARY KEY", false}, | |||||
{"Sqlite small int nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeSmallInt, UnsetSize, false}, "foo INTEGER", false}, | |||||
{"Sqlite int", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeInteger, UnsetSize, false}, "foo INTEGER NOT NULL", false}, | |||||
{"Sqlite int nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeInteger, UnsetSize, false}, "foo INTEGER", false}, | |||||
{"Sqlite char", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeChar, UnsetSize, false}, "foo TEXT NOT NULL", false}, | |||||
{"Sqlite char nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeChar, UnsetSize, false}, "foo TEXT", false}, | |||||
{"Sqlite varchar", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeVarChar, UnsetSize, false}, "foo TEXT NOT NULL", false}, | |||||
{"Sqlite varchar nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeVarChar, UnsetSize, false}, "foo TEXT", false}, | |||||
{"Sqlite text", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeText, UnsetSize, false}, "foo TEXT NOT NULL", false}, | |||||
{"Sqlite text nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeText, UnsetSize, false}, "foo TEXT", false}, | |||||
{"Sqlite datetime", fields{DialectSQLite, "foo", false, UnsetDefault, ColumnTypeDateTime, UnsetSize, false}, "foo DATETIME NOT NULL", false}, | |||||
{"Sqlite datetime nullable", fields{DialectSQLite, "foo", true, UnsetDefault, ColumnTypeDateTime, UnsetSize, false}, "foo DATETIME", false}, | |||||
{"MySQL bool", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeBool, UnsetSize, false}, "foo TINYINT(1) NOT NULL", false}, | |||||
{"MySQL bool nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeBool, UnsetSize, false}, "foo TINYINT(1)", false}, | |||||
{"MySQL small int", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeSmallInt, UnsetSize, true}, "foo SMALLINT NOT NULL PRIMARY KEY", false}, | |||||
{"MySQL small int nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeSmallInt, UnsetSize, false}, "foo SMALLINT", false}, | |||||
{"MySQL int", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeInteger, UnsetSize, false}, "foo INT NOT NULL", false}, | |||||
{"MySQL int nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeInteger, UnsetSize, false}, "foo INT", false}, | |||||
{"MySQL char", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeChar, UnsetSize, false}, "foo CHAR NOT NULL", false}, | |||||
{"MySQL char nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeChar, UnsetSize, false}, "foo CHAR", false}, | |||||
{"MySQL varchar", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeVarChar, UnsetSize, false}, "foo VARCHAR NOT NULL", false}, | |||||
{"MySQL varchar nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeVarChar, UnsetSize, false}, "foo VARCHAR", false}, | |||||
{"MySQL text", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeText, UnsetSize, false}, "foo TEXT NOT NULL", false}, | |||||
{"MySQL text nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeText, UnsetSize, false}, "foo TEXT", false}, | |||||
{"MySQL datetime", fields{DialectMySQL, "foo", false, UnsetDefault, ColumnTypeDateTime, UnsetSize, false}, "foo DATETIME NOT NULL", false}, | |||||
{"MySQL datetime nullable", fields{DialectMySQL, "foo", true, UnsetDefault, ColumnTypeDateTime, UnsetSize, false}, "foo DATETIME", false}, | |||||
} | |||||
for _, tt := range tests { | |||||
t.Run(tt.name, func(t *testing.T) { | |||||
c := &Column{ | |||||
Dialect: tt.fields.Dialect, | |||||
Name: tt.fields.Name, | |||||
Nullable: tt.fields.Nullable, | |||||
Default: tt.fields.Default, | |||||
Type: tt.fields.Type, | |||||
Size: tt.fields.Size, | |||||
PrimaryKey: tt.fields.PrimaryKey, | |||||
} | |||||
if got, err := c.String(); got != tt.want { | |||||
if (err != nil) != tt.wantErr { | |||||
t.Errorf("String() error = %v, wantErr %v", err, tt.wantErr) | |||||
return | |||||
} | |||||
if got != tt.want { | |||||
t.Errorf("String() got = %v, want %v", got, tt.want) | |||||
} | |||||
} | |||||
}) | |||||
} | |||||
} | |||||
func TestCreateTableSqlBuilder_ToSQL(t *testing.T) { | |||||
sql, err := DialectMySQL. | |||||
Table("foo"). | |||||
SetIfNotExists(true). | |||||
Column(DialectMySQL.Column("bar", ColumnTypeInteger, UnsetSize).SetPrimaryKey(true)). | |||||
Column(DialectMySQL.Column("baz", ColumnTypeText, UnsetSize)). | |||||
Column(DialectMySQL.Column("qux", ColumnTypeDateTime, UnsetSize).SetDefault("NOW()")). | |||||
UniqueConstraint("bar"). | |||||
UniqueConstraint("bar", "baz"). | |||||
ToSQL() | |||||
assert.NoError(t, err) | |||||
assert.Equal(t, "CREATE TABLE IF NOT EXISTS foo ( bar INT NOT NULL PRIMARY KEY, baz TEXT NOT NULL, qux DATETIME NOT NULL DEFAULT NOW(), UNIQUE(bar), UNIQUE(bar,baz) )", sql) | |||||
} |
@@ -0,0 +1,26 @@ | |||||
package db | |||||
import ( | |||||
"context" | |||||
"database/sql" | |||||
) | |||||
// TransactionScopedWork describes code executed within a database transaction. | |||||
type TransactionScopedWork func(ctx context.Context, db *sql.Tx) error | |||||
// RunTransactionWithOptions executes a block of code within a database transaction. | |||||
func RunTransactionWithOptions(ctx context.Context, db *sql.DB, txOpts *sql.TxOptions, txWork TransactionScopedWork) error { | |||||
tx, err := db.BeginTx(ctx, txOpts) | |||||
if err != nil { | |||||
return err | |||||
} | |||||
if err = txWork(ctx, tx); err != nil { | |||||
if txErr := tx.Rollback(); txErr != nil { | |||||
return txErr | |||||
} | |||||
return err | |||||
} | |||||
return tx.Commit() | |||||
} | |||||
@@ -49,7 +49,7 @@ require ( | |||||
golang.org/x/lint v0.0.0-20181217174547-8f45f776aaf1 // indirect | golang.org/x/lint v0.0.0-20181217174547-8f45f776aaf1 // indirect | ||||
golang.org/x/net v0.0.0-20190206173232-65e2d4e15006 // indirect | golang.org/x/net v0.0.0-20190206173232-65e2d4e15006 // indirect | ||||
golang.org/x/sys v0.0.0-20190209173611-3b5209105503 // indirect | golang.org/x/sys v0.0.0-20190209173611-3b5209105503 // indirect | ||||
golang.org/x/tools v0.0.0-20190208222737-3744606dbb67 // indirect | |||||
golang.org/x/tools v0.0.0-20190208222737-3744606dbb67 | |||||
google.golang.org/appengine v1.4.0 // indirect | google.golang.org/appengine v1.4.0 // indirect | ||||
gopkg.in/alecthomas/kingpin.v3-unstable v3.0.0-20180810215634-df19058c872c // indirect | gopkg.in/alecthomas/kingpin.v3-unstable v3.0.0-20180810215634-df19058c872c // indirect | ||||
gopkg.in/ini.v1 v1.41.0 | gopkg.in/ini.v1 v1.41.0 | ||||
@@ -64,7 +64,6 @@ github.com/jtolds/gls v4.2.1+incompatible h1:fSuqC+Gmlu6l/ZYAoZzx2pyucC8Xza35fpR | |||||
github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= | github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= | ||||
github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a h1:FaWFmfWdAUKbSCtOU2QjDaorUexogfaMgbipgYATUMU= | github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a h1:FaWFmfWdAUKbSCtOU2QjDaorUexogfaMgbipgYATUMU= | ||||
github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= | github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= | ||||
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= | |||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= | ||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= | ||||
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= | ||||
@@ -1,18 +1,153 @@ | |||||
package writefreely | package writefreely | ||||
import ( | import ( | ||||
"context" | |||||
"database/sql" | |||||
"encoding/gob" | "encoding/gob" | ||||
"errors" | |||||
"fmt" | |||||
uuid "github.com/nu7hatch/gouuid" | |||||
"github.com/stretchr/testify/assert" | |||||
"math/rand" | "math/rand" | ||||
"os" | "os" | ||||
"strings" | |||||
"testing" | "testing" | ||||
"time" | "time" | ||||
) | ) | ||||
var testDB *sql.DB | |||||
type ScopedTestBody func(*sql.DB) | |||||
// TestMain provides testing infrastructure within this package. | // TestMain provides testing infrastructure within this package. | ||||
func TestMain(m *testing.M) { | func TestMain(m *testing.M) { | ||||
rand.Seed(time.Now().UTC().UnixNano()) | rand.Seed(time.Now().UTC().UnixNano()) | ||||
gob.Register(&User{}) | gob.Register(&User{}) | ||||
os.Exit(m.Run()) | |||||
if runMySQLTests() { | |||||
var err error | |||||
testDB, err = initMySQL(os.Getenv("WF_USER"), os.Getenv("WF_PASSWORD"), os.Getenv("WF_DB"), os.Getenv("WF_HOST")) | |||||
if err != nil { | |||||
fmt.Println(err) | |||||
return | |||||
} | |||||
} | |||||
code := m.Run() | |||||
if runMySQLTests() { | |||||
if closeErr := testDB.Close(); closeErr != nil { | |||||
fmt.Println(closeErr) | |||||
} | |||||
} | |||||
os.Exit(code) | |||||
} | |||||
func runMySQLTests() bool { | |||||
return len(os.Getenv("TEST_MYSQL")) > 0 | |||||
} | |||||
func initMySQL(dbUser, dbPassword, dbName, dbHost string) (*sql.DB, error) { | |||||
if dbUser == "" || dbPassword == "" { | |||||
return nil, errors.New("database user or password not set") | |||||
} | |||||
if dbHost == "" { | |||||
dbHost = "localhost" | |||||
} | |||||
if dbName == "" { | |||||
dbName = "writefreely" | |||||
} | |||||
dsn := fmt.Sprintf("%s:%s@tcp(%s:3306)/%s?charset=utf8mb4&parseTime=true", dbUser, dbPassword, dbHost, dbName) | |||||
db, err := sql.Open("mysql", dsn) | |||||
if err != nil { | |||||
return nil, err | |||||
} | |||||
if err := ensureMySQL(db); err != nil { | |||||
return nil, err | |||||
} | |||||
return db, nil | |||||
} | |||||
func ensureMySQL(db *sql.DB) error { | |||||
if err := db.Ping(); err != nil { | |||||
return err | |||||
} | |||||
db.SetMaxOpenConns(250) | |||||
return nil | |||||
} | |||||
// withTestDB provides a scoped database connection. | |||||
func withTestDB(t *testing.T, testBody ScopedTestBody) { | |||||
db, cleanup, err := newTestDatabase(testDB, | |||||
os.Getenv("WF_USER"), | |||||
os.Getenv("WF_PASSWORD"), | |||||
os.Getenv("WF_DB"), | |||||
os.Getenv("WF_HOST"), | |||||
) | |||||
assert.NoError(t, err) | |||||
defer func() { | |||||
assert.NoError(t, cleanup()) | |||||
}() | |||||
testBody(db) | |||||
} | |||||
// newTestDatabase creates a new temporary test database. When a test | |||||
// database connection is returned, it will have created a new database and | |||||
// initialized it with tables from a reference database. | |||||
func newTestDatabase(base *sql.DB, dbUser, dbPassword, dbName, dbHost string) (*sql.DB, func() error, error) { | |||||
var err error | |||||
var baseName = dbName | |||||
if baseName == "" { | |||||
row := base.QueryRow("SELECT DATABASE()") | |||||
err := row.Scan(&baseName) | |||||
if err != nil { | |||||
return nil, nil, err | |||||
} | |||||
} | |||||
tUUID, _ := uuid.NewV4() | |||||
suffix := strings.Replace(tUUID.String(), "-", "_", -1) | |||||
newDBName := baseName + suffix | |||||
_, err = base.Exec("CREATE DATABASE " + newDBName) | |||||
if err != nil { | |||||
return nil, nil, err | |||||
} | |||||
newDB, err := initMySQL(dbUser, dbPassword, newDBName, dbHost) | |||||
if err != nil { | |||||
return nil, nil, err | |||||
} | |||||
rows, err := base.Query("SHOW TABLES IN " + baseName) | |||||
if err != nil { | |||||
return nil, nil, err | |||||
} | |||||
for rows.Next() { | |||||
var tableName string | |||||
if err := rows.Scan(&tableName); err != nil { | |||||
return nil, nil, err | |||||
} | |||||
query := fmt.Sprintf("CREATE TABLE %s LIKE %s.%s", tableName, baseName, tableName) | |||||
if _, err := newDB.Exec(query); err != nil { | |||||
return nil, nil, err | |||||
} | |||||
} | |||||
cleanup := func() error { | |||||
if closeErr := newDB.Close(); closeErr != nil { | |||||
fmt.Println(closeErr) | |||||
} | |||||
_, err = base.Exec("DROP DATABASE " + newDBName) | |||||
return err | |||||
} | |||||
return newDB, cleanup, nil | |||||
} | |||||
func countRows(t *testing.T, ctx context.Context, db *sql.DB, count int, query string, args ...interface{}) { | |||||
var returned int | |||||
err := db.QueryRowContext(ctx, query, args...).Scan(&returned) | |||||
assert.NoError(t, err, "error executing query %s and args %s", query, args) | |||||
assert.Equal(t, count, returned, "unexpected return count %d, expected %d from %s and args %s", returned, count, query, args) | |||||
} | } |
@@ -59,6 +59,7 @@ var migrations = []Migration{ | |||||
New("support user invites", supportUserInvites), // -> V1 (v0.8.0) | New("support user invites", supportUserInvites), // -> V1 (v0.8.0) | ||||
New("support dynamic instance pages", supportInstancePages), // V1 -> V2 (v0.9.0) | New("support dynamic instance pages", supportInstancePages), // V1 -> V2 (v0.9.0) | ||||
New("support users suspension", supportUserStatus), // V2 -> V3 (v0.11.0) | New("support users suspension", supportUserStatus), // V2 -> V3 (v0.11.0) | ||||
New("support oauth", oauth), // V3 -> V4 | |||||
} | } | ||||
// CurrentVer returns the current migration version the application is on | // CurrentVer returns the current migration version the application is on | ||||
@@ -0,0 +1,46 @@ | |||||
package migrations | |||||
import ( | |||||
"context" | |||||
"database/sql" | |||||
wf_db "github.com/writeas/writefreely/db" | |||||
) | |||||
func oauth(db *datastore) error { | |||||
dialect := wf_db.DialectMySQL | |||||
if db.driverName == driverSQLite { | |||||
dialect = wf_db.DialectSQLite | |||||
} | |||||
return wf_db.RunTransactionWithOptions(context.Background(), db.DB, &sql.TxOptions{}, func(ctx context.Context, tx *sql.Tx) error { | |||||
createTableUsersOauth, err := dialect. | |||||
Table("users_oauth"). | |||||
SetIfNotExists(true). | |||||
Column(dialect.Column("user_id", wf_db.ColumnTypeInteger, wf_db.UnsetSize)). | |||||
Column(dialect.Column("remote_user_id", wf_db.ColumnTypeInteger, wf_db.UnsetSize)). | |||||
UniqueConstraint("user_id"). | |||||
UniqueConstraint("remote_user_id"). | |||||
ToSQL() | |||||
if err != nil { | |||||
return err | |||||
} | |||||
createTableOauthClientState, err := dialect. | |||||
Table("oauth_client_state"). | |||||
SetIfNotExists(true). | |||||
Column(dialect.Column("state", wf_db.ColumnTypeVarChar, wf_db.OptionalInt{Set: true, Value: 255})). | |||||
Column(dialect.Column("used", wf_db.ColumnTypeBool, wf_db.UnsetSize)). | |||||
Column(dialect.Column("created_at", wf_db.ColumnTypeDateTime, wf_db.UnsetSize).SetDefault("NOW()")). | |||||
UniqueConstraint("state"). | |||||
ToSQL() | |||||
if err != nil { | |||||
return err | |||||
} | |||||
for _, table := range []string{createTableUsersOauth, createTableOauthClientState} { | |||||
if _, err := tx.ExecContext(ctx, table); err != nil { | |||||
return err | |||||
} | |||||
} | |||||
return nil | |||||
}) | |||||
} |
@@ -3,9 +3,9 @@ package writefreely | |||||
import ( | import ( | ||||
"context" | "context" | ||||
"encoding/json" | "encoding/json" | ||||
"fmt" | |||||
"github.com/gorilla/sessions" | "github.com/gorilla/sessions" | ||||
"github.com/guregu/null/zero" | "github.com/guregu/null/zero" | ||||
"github.com/writeas/impart" | |||||
"github.com/writeas/web-core/auth" | "github.com/writeas/web-core/auth" | ||||
"github.com/writeas/web-core/log" | "github.com/writeas/web-core/log" | ||||
"github.com/writeas/writefreely/config" | "github.com/writeas/writefreely/config" | ||||
@@ -67,12 +67,15 @@ type HttpClient interface { | |||||
} | } | ||||
type oauthHandler struct { | type oauthHandler struct { | ||||
Config *config.Config | |||||
DB OAuthDatastore | |||||
Store sessions.Store | |||||
HttpClient HttpClient | HttpClient HttpClient | ||||
} | } | ||||
// buildAuthURL returns a URL used to initiate authentication. | // buildAuthURL returns a URL used to initiate authentication. | ||||
func buildAuthURL(app OAuthDatastoreProvider, ctx context.Context, clientID, authLocation, callbackURL string) (string, error) { | |||||
state, err := app.DB().GenerateOAuthState(ctx) | |||||
func buildAuthURL(db OAuthDatastore, ctx context.Context, clientID, authLocation, callbackURL string) (string, error) { | |||||
state, err := db.GenerateOAuthState(ctx) | |||||
if err != nil { | if err != nil { | ||||
return "", err | return "", err | ||||
} | } | ||||
@@ -91,44 +94,50 @@ func buildAuthURL(app OAuthDatastoreProvider, ctx context.Context, clientID, aut | |||||
return u.String(), nil | return u.String(), nil | ||||
} | } | ||||
func (h oauthHandler) viewOauthInit(app OAuthDatastoreProvider, w http.ResponseWriter, r *http.Request) error { | |||||
location, err := buildAuthURL(app, r.Context(), app.Config().App.OAuthClientID, app.Config().App.OAuthProviderAuthLocation, app.Config().App.OAuthClientCallbackLocation) | |||||
// app *App, w http.ResponseWriter, r *http.Request | |||||
func (h oauthHandler) viewOauthInit(w http.ResponseWriter, r *http.Request) { | |||||
location, err := buildAuthURL(h.DB, r.Context(), h.Config.App.OAuthClientID, h.Config.App.OAuthProviderAuthLocation, h.Config.App.OAuthClientCallbackLocation) | |||||
if err != nil { | if err != nil { | ||||
log.ErrorLog.Println(err) | |||||
return impart.HTTPError{Status: http.StatusInternalServerError, Message: "Could not prepare OAuth redirect URL."} | |||||
failOAuthRequest(w, http.StatusInternalServerError, "could not prepare oauth redirect url") | |||||
return | |||||
} | } | ||||
http.Redirect(w, r, location, http.StatusTemporaryRedirect) | http.Redirect(w, r, location, http.StatusTemporaryRedirect) | ||||
return nil | |||||
} | } | ||||
func (h oauthHandler) viewOauthCallback(app OAuthDatastoreProvider, w http.ResponseWriter, r *http.Request) error { | |||||
func (h oauthHandler) viewOauthCallback(w http.ResponseWriter, r *http.Request) { | |||||
ctx := r.Context() | ctx := r.Context() | ||||
code := r.FormValue("code") | code := r.FormValue("code") | ||||
state := r.FormValue("state") | state := r.FormValue("state") | ||||
err := app.DB().ValidateOAuthState(ctx, state) | |||||
err := h.DB.ValidateOAuthState(ctx, state) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
tokenResponse, err := h.exchangeOauthCode(app, ctx, code) | |||||
tokenResponse, err := h.exchangeOauthCode(ctx, code) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
// Now that we have the access token, let's use it real quick to make sur | // Now that we have the access token, let's use it real quick to make sur | ||||
// it really really works. | // it really really works. | ||||
tokenInfo, err := h.inspectOauthAccessToken(app, ctx, tokenResponse.AccessToken) | |||||
tokenInfo, err := h.inspectOauthAccessToken(ctx, tokenResponse.AccessToken) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
localUserID, err := app.DB().GetIDForRemoteUser(ctx, tokenInfo.UserID) | |||||
localUserID, err := h.DB.GetIDForRemoteUser(ctx, tokenInfo.UserID) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
fmt.Println("local user id", localUserID) | |||||
if localUserID == -1 { | if localUserID == -1 { | ||||
// We don't have, nor do we want, the password from the origin, so we | // We don't have, nor do we want, the password from the origin, so we | ||||
//create a random string. If the user needs to set a password, they | //create a random string. If the user needs to set a password, they | ||||
@@ -136,12 +145,14 @@ func (h oauthHandler) viewOauthCallback(app OAuthDatastoreProvider, w http.Respo | |||||
//flow. | //flow. | ||||
randPass, err := randString(14) | randPass, err := randString(14) | ||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
hashedPass, err := auth.HashPass([]byte(randPass)) | hashedPass, err := auth.HashPass([]byte(randPass)) | ||||
if err != nil { | if err != nil { | ||||
log.ErrorLog.Println(err) | log.ErrorLog.Println(err) | ||||
return impart.HTTPError{http.StatusInternalServerError, "Could not create password hash."} | |||||
failOAuthRequest(w, http.StatusInternalServerError, "unable to create password hash") | |||||
return | |||||
} | } | ||||
newUser := &User{ | newUser := &User{ | ||||
Username: tokenInfo.Username, | Username: tokenInfo.Username, | ||||
@@ -151,32 +162,40 @@ func (h oauthHandler) viewOauthCallback(app OAuthDatastoreProvider, w http.Respo | |||||
Created: time.Now().Truncate(time.Second).UTC(), | Created: time.Now().Truncate(time.Second).UTC(), | ||||
} | } | ||||
err = app.DB().CreateUser(app.Config(), newUser, newUser.Username) | |||||
err = h.DB.CreateUser(h.Config, newUser, newUser.Username) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
err = app.DB().RecordRemoteUserID(ctx, newUser.ID, tokenInfo.UserID) | |||||
err = h.DB.RecordRemoteUserID(ctx, newUser.ID, tokenInfo.UserID) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | } | ||||
return loginOrFail(app, w, r, newUser) | |||||
if err := loginOrFail(h.Store, w, r, newUser); err != nil { | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
} | |||||
return | |||||
} | } | ||||
user, err := app.DB().GetUserForAuthByID(localUserID) | |||||
user, err := h.DB.GetUserForAuthByID(localUserID) | |||||
if err != nil { | if err != nil { | ||||
return err | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
return | |||||
} | |||||
if err = loginOrFail(h.Store, w, r, user); err != nil { | |||||
failOAuthRequest(w, http.StatusInternalServerError, err.Error()) | |||||
} | } | ||||
return loginOrFail(app, w, r, user) | |||||
} | } | ||||
func (h oauthHandler) exchangeOauthCode(app OAuthDatastoreProvider, ctx context.Context, code string) (*TokenResponse, error) { | |||||
func (h oauthHandler) exchangeOauthCode(ctx context.Context, code string) (*TokenResponse, error) { | |||||
form := url.Values{} | form := url.Values{} | ||||
form.Add("grant_type", "authorization_code") | form.Add("grant_type", "authorization_code") | ||||
form.Add("redirect_uri", app.Config().App.OAuthClientCallbackLocation) | |||||
form.Add("redirect_uri", h.Config.App.OAuthClientCallbackLocation) | |||||
form.Add("code", code) | form.Add("code", code) | ||||
req, err := http.NewRequest("POST", app.Config().App.OAuthProviderTokenLocation, strings.NewReader(form.Encode())) | |||||
req, err := http.NewRequest("POST", h.Config.App.OAuthProviderTokenLocation, strings.NewReader(form.Encode())) | |||||
if err != nil { | if err != nil { | ||||
return nil, err | return nil, err | ||||
} | } | ||||
@@ -184,7 +203,7 @@ func (h oauthHandler) exchangeOauthCode(app OAuthDatastoreProvider, ctx context. | |||||
req.Header.Set("User-Agent", "writefreely") | req.Header.Set("User-Agent", "writefreely") | ||||
req.Header.Set("Accept", "application/json") | req.Header.Set("Accept", "application/json") | ||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded") | req.Header.Set("Content-Type", "application/x-www-form-urlencoded") | ||||
req.SetBasicAuth(app.Config().App.OAuthClientID, app.Config().App.OAuthClientSecret) | |||||
req.SetBasicAuth(h.Config.App.OAuthClientID, h.Config.App.OAuthClientSecret) | |||||
resp, err := h.HttpClient.Do(req) | resp, err := h.HttpClient.Do(req) | ||||
if err != nil { | if err != nil { | ||||
@@ -207,8 +226,8 @@ func (h oauthHandler) exchangeOauthCode(app OAuthDatastoreProvider, ctx context. | |||||
return &tokenResponse, nil | return &tokenResponse, nil | ||||
} | } | ||||
func (h oauthHandler) inspectOauthAccessToken(app OAuthDatastoreProvider, ctx context.Context, accessToken string) (*InspectResponse, error) { | |||||
req, err := http.NewRequest("GET", app.Config().App.OAuthProviderInspectLocation, nil) | |||||
func (h oauthHandler) inspectOauthAccessToken(ctx context.Context, accessToken string) (*InspectResponse, error) { | |||||
req, err := http.NewRequest("GET", h.Config.App.OAuthProviderInspectLocation, nil) | |||||
if err != nil { | if err != nil { | ||||
return nil, err | return nil, err | ||||
} | } | ||||
@@ -238,15 +257,27 @@ func (h oauthHandler) inspectOauthAccessToken(app OAuthDatastoreProvider, ctx co | |||||
return &inspectResponse, nil | return &inspectResponse, nil | ||||
} | } | ||||
func loginOrFail(app OAuthDatastoreProvider, w http.ResponseWriter, r *http.Request, user *User) error { | |||||
session, err := app.SessionStore().Get(r, cookieName) | |||||
if err != nil { | |||||
return err | |||||
} | |||||
func loginOrFail(store sessions.Store, w http.ResponseWriter, r *http.Request, user *User) error { | |||||
// An error may be returned, but a valid session should always be returned. | |||||
session, _ := store.Get(r, cookieName) | |||||
session.Values[cookieUserVal] = user.Cookie() | session.Values[cookieUserVal] = user.Cookie() | ||||
if err = session.Save(r, w); err != nil { | |||||
if err := session.Save(r, w); err != nil { | |||||
fmt.Println("error saving session", err) | |||||
return err | return err | ||||
} | } | ||||
http.Redirect(w, r, "/", http.StatusTemporaryRedirect) | http.Redirect(w, r, "/", http.StatusTemporaryRedirect) | ||||
return nil | return nil | ||||
} | } | ||||
// failOAuthRequest is an HTTP handler helper that formats returned error | |||||
// messages. | |||||
func failOAuthRequest(w http.ResponseWriter, statusCode int, message string) { | |||||
w.Header().Set("Content-Type", "application/json") | |||||
w.WriteHeader(statusCode) | |||||
err := json.NewEncoder(w).Encode(map[string]interface{}{ | |||||
"error": message, | |||||
}) | |||||
if err != nil { | |||||
panic(err) | |||||
} | |||||
} |
@@ -5,7 +5,6 @@ import ( | |||||
"fmt" | "fmt" | ||||
"github.com/gorilla/sessions" | "github.com/gorilla/sessions" | ||||
"github.com/stretchr/testify/assert" | "github.com/stretchr/testify/assert" | ||||
"github.com/writeas/impart" | |||||
"github.com/writeas/writefreely/config" | "github.com/writeas/writefreely/config" | ||||
"net/http" | "net/http" | ||||
"net/http/httptest" | "net/http/httptest" | ||||
@@ -125,14 +124,18 @@ func (m *MockOAuthDatastore) GenerateOAuthState(ctx context.Context) (string, er | |||||
} | } | ||||
func TestViewOauthInit(t *testing.T) { | func TestViewOauthInit(t *testing.T) { | ||||
h := oauthHandler{} | |||||
t.Run("success", func(t *testing.T) { | t.Run("success", func(t *testing.T) { | ||||
app := &MockOAuthDatastoreProvider{} | app := &MockOAuthDatastoreProvider{} | ||||
h := oauthHandler{ | |||||
Config: app.Config(), | |||||
DB: app.DB(), | |||||
Store: app.SessionStore(), | |||||
} | |||||
req, err := http.NewRequest("GET", "/oauth/client", nil) | req, err := http.NewRequest("GET", "/oauth/client", nil) | ||||
assert.NoError(t, err) | assert.NoError(t, err) | ||||
rr := httptest.NewRecorder() | rr := httptest.NewRecorder() | ||||
err = h.viewOauthInit(app, rr, req) | |||||
assert.NoError(t, err) | |||||
h.viewOauthInit(rr, req) | |||||
assert.Equal(t, http.StatusTemporaryRedirect, rr.Code) | assert.Equal(t, http.StatusTemporaryRedirect, rr.Code) | ||||
locURI, err := url.Parse(rr.Header().Get("Location")) | locURI, err := url.Parse(rr.Header().Get("Location")) | ||||
assert.NoError(t, err) | assert.NoError(t, err) | ||||
@@ -153,12 +156,18 @@ func TestViewOauthInit(t *testing.T) { | |||||
} | } | ||||
}, | }, | ||||
} | } | ||||
h := oauthHandler{ | |||||
Config: app.Config(), | |||||
DB: app.DB(), | |||||
Store: app.SessionStore(), | |||||
} | |||||
req, err := http.NewRequest("GET", "/oauth/client", nil) | req, err := http.NewRequest("GET", "/oauth/client", nil) | ||||
assert.NoError(t, err) | assert.NoError(t, err) | ||||
rr := httptest.NewRecorder() | rr := httptest.NewRecorder() | ||||
err = h.viewOauthInit(app, rr, req) | |||||
assert.Error(t, err) | |||||
assert.Equal(t, impart.HTTPError{Status: http.StatusInternalServerError, Message: "Could not prepare OAuth redirect URL."}, err) | |||||
h.viewOauthInit(rr, req) | |||||
assert.Equal(t, http.StatusInternalServerError, rr.Code) | |||||
expected := `{"error":"could not prepare oauth redirect url"}` + "\n" | |||||
assert.Equal(t, expected, rr.Body.String()) | |||||
}) | }) | ||||
} | } | ||||
@@ -166,6 +175,9 @@ func TestViewOauthCallback(t *testing.T) { | |||||
t.Run("success", func(t *testing.T) { | t.Run("success", func(t *testing.T) { | ||||
app := &MockOAuthDatastoreProvider{} | app := &MockOAuthDatastoreProvider{} | ||||
h := oauthHandler{ | h := oauthHandler{ | ||||
Config: app.Config(), | |||||
DB: app.DB(), | |||||
Store: app.SessionStore(), | |||||
HttpClient: &MockHTTPClient{ | HttpClient: &MockHTTPClient{ | ||||
DoDo: func(req *http.Request) (*http.Response, error) { | DoDo: func(req *http.Request) (*http.Response, error) { | ||||
switch req.URL.String() { | switch req.URL.String() { | ||||
@@ -190,7 +202,7 @@ func TestViewOauthCallback(t *testing.T) { | |||||
req, err := http.NewRequest("GET", "/oauth/callback", nil) | req, err := http.NewRequest("GET", "/oauth/callback", nil) | ||||
assert.NoError(t, err) | assert.NoError(t, err) | ||||
rr := httptest.NewRecorder() | rr := httptest.NewRecorder() | ||||
err = h.viewOauthCallback(app, rr, req) | |||||
h.viewOauthCallback(rr, req) | |||||
assert.NoError(t, err) | assert.NoError(t, err) | ||||
assert.Equal(t, http.StatusTemporaryRedirect, rr.Code) | assert.Equal(t, http.StatusTemporaryRedirect, rr.Code) | ||||
@@ -80,6 +80,16 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router { | |||||
auth.HandleFunc("/read", handler.WebErrors(handleWebCollectionUnlock, UserLevelNone)).Methods("POST") | auth.HandleFunc("/read", handler.WebErrors(handleWebCollectionUnlock, UserLevelNone)).Methods("POST") | ||||
auth.HandleFunc("/me", handler.All(handleAPILogout)).Methods("DELETE") | auth.HandleFunc("/me", handler.All(handleAPILogout)).Methods("DELETE") | ||||
oauthHandler := oauthHandler{ | |||||
HttpClient: &http.Client{}, | |||||
Config: apper.App().Config(), | |||||
DB: apper.App().DB(), | |||||
Store: apper.App().SessionStore(), | |||||
} | |||||
write.HandleFunc("/oauth/write.as", oauthHandler.viewOauthInit).Methods("GET") | |||||
write.HandleFunc("/oauth/callback", oauthHandler.viewOauthCallback).Methods("GET") | |||||
// Handle logged in user sections | // Handle logged in user sections | ||||
me := write.PathPrefix("/me").Subrouter() | me := write.PathPrefix("/me").Subrouter() | ||||
me.HandleFunc("/", handler.Redirect("/me", UserLevelUser)) | me.HandleFunc("/", handler.Redirect("/me", UserLevelUser)) | ||||