This repository has been archived by the owner on Feb 1, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 262
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* add separate auth0 file for beckend * revert commit * configured auth0 on GUI * added interceptor * added support for accepting GUI config file through CLI on server command * fixed not rendering component on async token call * finalize Auth0 Implementation * removed unused code * fixing xdg-open not found bug on some linux-machine * trying to fix continuous reloading issue when deploying on k8s * auth0-implemention * auth0-implemention * updated readme.md * auth0-integration * Delete auth0-config.json * Auth0 Implementation * Auth0 integration V2 * Updated interceptor.js updated interceptor to create a new header for a request which doesn't have one. * Update serverMetadata.js reverted back the changes to this file. * Update version.js reverted this file back to its original state Co-authored-by: sanj singh <[email protected]> Co-authored-by: Sanj <[email protected]> Co-authored-by: OrunPay B.V <[email protected]>
- Loading branch information
1 parent
4db12f8
commit 6b30fa2
Showing
20 changed files
with
386 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# Sample UI config file for the kelp bot | ||
|
||
# uncomment the AUTH0 section below to enable | ||
# [AUTH0] | ||
# AUTH0_ENABLED=false | ||
# #auth0 domain | ||
# DOMAIN= #"domain_goes_here" #example "dev-*******.eu.auth0.com" | ||
# #auth0 clientID | ||
# CLIENT_ID= #"Client_id_goes_here" #examples "7I47ob2************XKF29hY5" | ||
# #auth0 audience | ||
# AUDIENCE= #"Audience/Identifier goes_here" |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
package backend | ||
|
||
import ( | ||
"encoding/json" | ||
"errors" | ||
"net/http" | ||
"fmt" | ||
|
||
jwtmiddleware "github.com/auth0/go-jwt-middleware" | ||
"github.com/form3tech-oss/jwt-go" | ||
"github.com/stellar/kelp/support/guiconfig" | ||
) | ||
|
||
type Response struct { | ||
Message string `json:"message"` | ||
} | ||
|
||
type Jwks struct { | ||
Keys []JSONWebKeys `json:"keys"` | ||
} | ||
|
||
type JSONWebKeys struct { | ||
Kty string `json:"kty"` | ||
Kid string `json:"kid"` | ||
Use string `json:"use"` | ||
N string `json:"n"` | ||
E string `json:"e"` | ||
X5c []string `json:"x5c"` | ||
} | ||
|
||
var Auth0ConfigVarJWT guiconfig.GUIConfig | ||
|
||
var JWTMiddlewareVar = jwtmiddleware.New(jwtmiddleware.Options{ | ||
ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) { | ||
// Verify 'iss' claim | ||
iss := "https://" + Auth0ConfigVarJWT.Auth0Config.Domain + "/" | ||
checkIss := token.Claims.(jwt.MapClaims).VerifyIssuer(iss, false) | ||
if !checkIss { | ||
return token, errors.New("Invalid issuer.") | ||
} | ||
|
||
// Verify 'aud' claim | ||
aud := Auth0ConfigVarJWT.Auth0Config.Audience | ||
checkAud := token.Claims.(jwt.MapClaims).VerifyAudience(aud, false) | ||
if !checkAud { | ||
return token, errors.New("Invalid audience.") | ||
} | ||
|
||
cert, err := getPemCert(token) | ||
if err != nil { | ||
return nil, fmt.Errorf("error when getting PEM certificate: %s", err) | ||
} | ||
|
||
result, _ := jwt.ParseRSAPublicKeyFromPEM([]byte(cert)) | ||
return result, nil | ||
}, | ||
SigningMethod: jwt.SigningMethodRS256, | ||
}) | ||
|
||
func getPemCert(token *jwt.Token) (string, error) { | ||
cert := "" | ||
resp, err := http.Get("https://" + Auth0ConfigVarJWT.Auth0Config.Domain + "/.well-known/jwks.json") | ||
|
||
if err != nil { | ||
return cert, err | ||
} | ||
defer resp.Body.Close() | ||
|
||
var jwks = Jwks{} | ||
err = json.NewDecoder(resp.Body).Decode(&jwks) | ||
|
||
if err != nil { | ||
return cert, err | ||
} | ||
|
||
for k, _ := range jwks.Keys { | ||
if token.Header["kid"] == jwks.Keys[k].Kid { | ||
cert = "-----BEGIN CERTIFICATE-----\n" + jwks.Keys[k].X5c[0] + "\n-----END CERTIFICATE-----" | ||
} | ||
} | ||
|
||
if cert == "" { | ||
err := errors.New("Unable to find appropriate key.") | ||
return cert, err | ||
} | ||
|
||
return cert, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.