init

core/component/authentication.go

@@ -8,6 +8,7 @@ import (
 	"encoding/base64"
 	"fmt"
 	"strings"
+	"time"
 
 	"github.com/spacewalkio/helmet/core/model"
 	"github.com/spacewalkio/helmet/core/module"
@@ -93,6 +94,37 @@ func (b *BasicAuthMethod) Authenticate(endpoint model.Endpoint, authKey string)
 }
 
 // Authenticate validates auth headers
-func (o *OAuthAuthMethod) Authenticate(endpoint model.Endpoint, accessToken string) error {
-	return nil
+func (o *OAuthAuthMethod) Authenticate(endpoint model.Endpoint, accessToken string) (model.OAuthAccessData, error) {
+	var data model.OAuthAccessData
+
+	if accessToken == "" {
+		return data, fmt.Errorf("Access token is missing")
+	}
+
+	accessToken = strings.Replace(accessToken, "Bearer ", "", -1)
+
+	data = o.Database.GetOAuthAccessDataByKey(accessToken)
+
+	if data.ID < 1 {
+		return data, fmt.Errorf("Access token is invalid")
+	}
+
+	// Validate if access token is expired
+	if time.Now().Unix() >= (data.ExpireAt.UnixNano() / int64(time.Millisecond)) {
+		return data, fmt.Errorf("Access token is expired")
+	}
+
+	oauthData := o.Database.GetOAuthDataByID(data.OAuthDataID)
+
+	if oauthData.ID < 1 {
+		return data, fmt.Errorf("Access token credentials are missing")
+	}
+
+	authMethod := o.Database.GetAuthMethodByID(oauthData.AuthMethodID)
+
+	if authMethod.Endpoints == "" || !util.InArray(endpoint.Name, strings.Split(authMethod.Endpoints, ";")) {
+		return data, fmt.Errorf("Access token is invalid")
+	}
+
+	return data, nil
 }

core/module/oauth_access_data.go

@@ -33,7 +33,7 @@ func (db *Database) GetOAuthAccessDataByID(id int) model.OAuthAccessData {
 }
 
 // GetOAuthAccessDataByKeys gets an entity by keys
-func (db *Database) GetOAuthAccessDataByKeys(accessToken string) model.OAuthAccessData {
+func (db *Database) GetOAuthAccessDataByKey(accessToken string) model.OAuthAccessData {
 	oauthAccessData := model.OAuthAccessData{}
 
 	db.Connection.Where(