Updated auth

Author: djthorpe

pkg/handler/auth/endpoints.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"net/http"
 	"regexp"
+	"strings"
 	"time"
 
 	// Packages
@@ -75,8 +76,8 @@ func (service *auth) ListTokens(w http.ResponseWriter, r *http.Request) {
 // Get a token
 func (service *auth) GetToken(w http.ResponseWriter, r *http.Request) {
 	urlParameters := router.Params(r.Context())
-	token := service.jar.Get(urlParameters[0])
-	if !token.IsValid() {
+	token := service.jar.GetWithValue(strings.ToLower(urlParameters[0]))
+	if token.IsZero() {
 		httpresponse.Error(w, http.StatusNotFound)
 		return
 	}
@@ -92,17 +93,22 @@ func (service *auth) GetToken(w http.ResponseWriter, r *http.Request) {
 func (service *auth) CreateToken(w http.ResponseWriter, r *http.Request) {
 	var req TokenCreate
 
-	// TODO: Parse Duration
-	// TODO: Require unique name
-
 	// Get the request
 	if err := httprequest.Read(r, &req); err != nil {
 		httpresponse.Error(w, http.StatusBadRequest, err.Error())
 		return
 	}
 
+	// Check for a valid name
+	req.Name = strings.TrimSpace(req.Name)
+	if req.Name == "" {
+		httpresponse.Error(w, http.StatusBadRequest, "missing 'name'")
+	} else if token := service.jar.GetWithName(req.Name); token.IsValid() {
+		httpresponse.Error(w, http.StatusConflict, "duplicate 'name'")
+	}
+
 	// Create the token
-	token := NewToken(req.Name, service.tokenBytes, req.Duration, req.Scope...)
+	token := NewToken(req.Name, service.tokenBytes, req.Duration.Duration, req.Scope...)
 	if !token.IsValid() {
 		httpresponse.Error(w, http.StatusInternalServerError)
 		return
@@ -125,8 +131,8 @@ func (service *auth) CreateToken(w http.ResponseWriter, r *http.Request) {
 // Update an existing token
 func (service *auth) UpdateToken(w http.ResponseWriter, r *http.Request) {
 	urlParameters := router.Params(r.Context())
-	token := service.jar.Get(urlParameters[0])
-	if !token.IsValid() {
+	token := service.jar.GetWithValue(strings.ToLower(urlParameters[0]))
+	if token.IsZero() {
 		httpresponse.Error(w, http.StatusNotFound)
 		return
 	}
@@ -138,6 +144,8 @@ func (service *auth) UpdateToken(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	default:
+		// TODO: PATCH
+		// Patch can be with name, expire_time, scopes
 		httpresponse.Error(w, http.StatusMethodNotAllowed)
 		return
 	}

pkg/handler/auth/interface.go

@@ -11,9 +11,15 @@ type TokenJar interface {
 	// Return all tokens
 	Tokens() []Token
 
-	// Return a token from the jar, or nil if the token is not found.
-	// The method should update the access time of the token.
-	Get(string) Token
+	// Return a token from the jar by value, or an invalid token
+	// if the token is not found. The method should update the access
+	// time of the token.
+	GetWithValue(string) Token
+
+	// Return a token from the jar by name, or nil if the token
+	// is not found. The method should not update the access time
+	// of the token.
+	GetWithName(string) Token
 
 	// Put a token into the jar, assuming it does not yet exist.
 	Create(Token) error

pkg/handler/auth/token.go

@@ -5,6 +5,7 @@ import (
 	"crypto/rand"
 	"encoding/hex"
 	"encoding/json"
+	"fmt"
 	"slices"
 	"strconv"
 	"time"
@@ -22,9 +23,13 @@ type Token struct {
 }
 
 type TokenCreate struct {
-	Name     string        `json:"name,omitempty"`     // Name of the token
-	Duration time.Duration `json:"duration,omitempty"` // Duration of the token, or zero for no expiration
-	Scope    []string      `json:"scopes,omitempty"`   // Authentication scopes
+	Name     string   `json:"name,omitempty"`     // Name of the token
+	Duration duration `json:"duration,omitempty"` // Duration of the token, or zero for no expiration
+	Scope    []string `json:"scopes,omitempty"`   // Authentication scopes
+}
+
+type duration struct {
+	time.Duration
 }
 
 /////////////////////////////////////////////////////////////////////
@@ -83,6 +88,14 @@ func (t Token) IsValid() bool {
 	return false
 }
 
+// Return true if the token is a zero token
+func (t Token) IsZero() bool {
+	if t.Name == "" && t.Value == "" && t.Expire.IsZero() && t.Time.IsZero() && len(t.Scope) == 0 {
+		return true
+	}
+	return false
+}
+
 // Return true if the token has the specified scope, and is valid
 func (t Token) IsScope(scopes ...string) bool {
 	if !t.IsValid() {
@@ -144,6 +157,31 @@ func (t Token) MarshalJSON() ([]byte, error) {
 	return buf.Bytes(), nil
 }
 
+func (d duration) MarshalJSON() ([]byte, error) {
+	return json.Marshal(d.String())
+}
+
+func (d *duration) UnmarshalJSON(b []byte) error {
+	var v any
+	if err := json.Unmarshal(b, &v); err != nil {
+		return err
+	}
+	switch value := v.(type) {
+	case float64:
+		d.Duration = time.Duration(value) * time.Second
+		return nil
+	case string:
+		var err error
+		d.Duration, err = time.ParseDuration(value)
+		if err != nil {
+			return err
+		}
+		return nil
+	default:
+		return fmt.Errorf("invalid duration of type %T", v)
+	}
+}
+
 /////////////////////////////////////////////////////////////////////
 // PRIVATE METHODS
 

pkg/handler/tokenjar/tokenjar.go

@@ -135,9 +135,10 @@ func (jar *tokenjar) Tokens() []auth.Token {
 	return result
 }
 
-// Return a token from the jar, or nil if the token is not found.
+// Return a token from the jar.
 // The method should update the access time of the token.
-func (jar *tokenjar) Get(key string) auth.Token {
+// If token is not found, return an empty token.
+func (jar *tokenjar) GetWithValue(key string) auth.Token {
 	jar.Lock()
 	defer jar.Unlock()
 
@@ -153,6 +154,22 @@ func (jar *tokenjar) Get(key string) auth.Token {
 	}
 }
 
+// Return a token from the jar by name.
+// The method does not update the access time of the token.
+// If token is not found, return an empty token.
+func (jar *tokenjar) GetWithName(name string) auth.Token {
+	jar.RLock()
+	defer jar.RUnlock()
+
+	for _, token := range jar.jar {
+		if token.Name == name {
+			return *token
+		}
+	}
+
+	return auth.Token{}
+}
+
 // Put a token into the jar, assuming it does not yet exist.
 func (jar *tokenjar) Create(token auth.Token) error {
 	jar.Lock()

pkg/handler/tokenjar/tokenjar_test.go

@@ -50,18 +50,20 @@ func Test_tokenjar_002(t *testing.T) {
 	// Add a token
 	token := auth.NewToken("test", 100, 0)
 	assert.NoError(tokens.Create(token))
-	t.Log(token)
 
-	// Get a token
-	token2 := tokens.Get(token.Value)
-	assert.NotNil(token2)
+	// Get a token by value
+	token2 := tokens.GetWithValue(token.Value)
 	assert.True(token.Equals(token2))
 
+	// Get a token by name
+	token9 := tokens.GetWithName(token.Name)
+	assert.True(token.Equals(token9))
+
 	// Update a token
 	token2.Scope = []string{ScopeRead}
 	assert.NoError(tokens.Update(token2))
 
-	token3 := tokens.Get(token.Value)
+	token3 := tokens.GetWithValue(token.Value)
 	assert.NotNil(token3)
 	assert.True(token3.Equals(token2))