Support personal access tokens

Support personal access tokens

fakecas.go

@@ -12,11 +12,12 @@ import (
 )
 
 var (
-	Host            = flag.String("host", "localhost:8080", "The host to bind to")
-	DatabaseName    = flag.String("dbname", "osf20130903", "The name of your OSF database")
-	DatabaseAddress = flag.String("dbaddress", "localhost:27017", "The address of your mongodb. ie: localhost:27017")
-	DatabaseSession mgo.Session
-	UserCollection  *mgo.Collection
+	Host                  = flag.String("host", "localhost:8080", "The host to bind to")
+	DatabaseName          = flag.String("dbname", "osf20130903", "The name of your OSF database")
+	DatabaseAddress       = flag.String("dbaddress", "localhost:27017", "The address of your mongodb. ie: localhost:27017")
+	DatabaseSession       mgo.Session
+	UserCollection        *mgo.Collection
+	AccessTokenCollection *mgo.Collection
 )
 
 func main() {
@@ -51,6 +52,7 @@ func main() {
 	defer DatabaseSession.Close()
 
 	UserCollection = DatabaseSession.DB(*DatabaseName).C("user")
+	AccessTokenCollection = DatabaseSession.DB(*DatabaseName).C("apioauth2personaltoken")
 
 	fmt.Println("Listening on", *Host)
 	e.Run(standard.New(*Host))

types.go

@@ -10,6 +10,7 @@ type OAuthAttributes struct {
 type OAuthResponse struct {
 	Id         string          `json:"id"`
 	Attributes OAuthAttributes `json:"attributes"`
+	Scope      []string        `json:"scope"`
 }
 
 type User struct {
@@ -23,14 +24,22 @@ type User struct {
 }
 
 type ServiceResponse struct {
-	Xmlns        string   `xml:"xmlns:cas,attr"`
-	XMLName      xml.Name `xml:"cas:serviceResponse"`
-	User         string   `xml:"cas:authenticationSuccess>cas:user"`
-	NewLogin     bool     `xml:"cas:authenticationSuccess>cas:attributes>cas:isFromNewLogin"`
-	Date         string   `xml:"cas:authenticationSuccess>cas:attributes>cas:authenticationDate"`
-	GivenName    string   `xml:"cas:authenticationSuccess>cas:attributes>cas:givenName"`
-	FamilyName   string   `xml:"cas:authenticationSuccess>cas:attributes>cas:familyName"`
-	LongTermAuth bool     `xml:"cas:authenticationSuccess>cas:attributes>cas:longTermAuthenticationRequestTokenUsed"`
-	AccessToken  string   `xml:"cas:authenticationSuccess>cas:attributes>accessToken"`
-	UserName     string   `xml:"cas:authenticationSuccess>cas:attributes>username"`
+	Xmlns            string   `xml:"xmlns:cas,attr"`
+	XMLName          xml.Name `xml:"cas:serviceResponse"`
+	User             string   `xml:"cas:authenticationSuccess>cas:user"`
+	NewLogin         bool     `xml:"cas:authenticationSuccess>cas:attributes>cas:isFromNewLogin"`
+	Date             string   `xml:"cas:authenticationSuccess>cas:attributes>cas:authenticationDate"`
+	GivenName        string   `xml:"cas:authenticationSuccess>cas:attributes>cas:givenName"`
+	FamilyName       string   `xml:"cas:authenticationSuccess>cas:attributes>cas:familyName"`
+	LongTermAuth     bool     `xml:"cas:authenticationSuccess>cas:attributes>cas:longTermAuthenticationRequestTokenUsed"`
+	AccessToken      string   `xml:"cas:authenticationSuccess>cas:attributes>accessToken"`
+	AccessTokenScope string   `xml:"cas:authenticationSuccess>cas:attributes>accessTokenScope"`
+	UserName         string   `xml:"cas:authenticationSuccess>cas:attributes>username"`
+}
+
+type AccessToken struct {
+	Id      string `bson:"_id"`
+	Owner   string `bson:"owner"`
+	TokenId string `bson:"token_id"`
+	Scopes  string `bson:"scopes"`
 }

views.go

@@ -64,12 +64,30 @@ func ServiceValidate(c echo.Context) error {
 }
 
 func OAuth(c echo.Context) error {
+
+	token := AccessToken{}
+	tokenId := strings.Replace(c.Request().Header().Get("Authorization"), "Bearer ", "", 1)
+	err := AccessTokenCollection.Find(bson.M{
+		"token_id": tokenId,
+	}).One(&token)
+
+	userId := ""
+
+	if err == nil {
+		userId = token.Owner
+	}
+	if err != nil {
+		fmt.Println("Access token", tokenId, "not found")
+		userId = strings.Replace(c.Request().Header().Get("Authorization"), "Bearer ", "", 1)
+	}
+
 	result := User{}
-	err := UserCollection.Find(bson.M{
-		"_id": strings.Replace(c.Request().Header().Get("Authorization"), "Bearer ", "", 1),
+	err = UserCollection.Find(bson.M{
+		"_id": userId,
 	}).One(&result)
 
 	if err != nil {
+		fmt.Println("User", userId, "not found")
 		return c.NoContent(http.StatusNotFound)
 	}
 
@@ -79,5 +97,6 @@ func OAuth(c echo.Context) error {
 			LastName:  result.FamilyName,
 			FirstName: result.GivenName,
 		},
+		Scope: strings.Split(token.Scopes, " "),
 	})
 }