From 4100097801550fe86399453b7922875015f34ff9 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 22 Feb 2025 22:44:31 +0100 Subject: goapp frontend now works on corrino added an overlay (which took quite some time, as I forgot to include the self parameter in the argument list...) that allows using the goapp on corrino. So now you can... ... use the template ... see the package status after it has been built using hydra ... build the package from the packages exposed by the flake ... use the package on machines including it using an overlay I'm actually quite satisfied with this and hope people find this helpful --- nix/templates/goapp/frontend/default.nix | 15 +++++++++++---- nix/templates/goapp/frontend/go.mod | 8 ++++---- nix/templates/goapp/frontend/go.sum | 7 +++++++ nix/templates/goapp/frontend/run.sh | 3 ++- nix/templates/goapp/frontend/server.log | 2 ++ nix/templates/goapp/frontend/src/handlers.go | 1 - nix/templates/goapp/frontend/src/init.go | 18 +++++++++++++++--- nix/templates/goapp/frontend/src/main.go | 9 ++++++--- nix/templates/goapp/frontend/src/types.go | 27 +++++++++++++++------------ 9 files changed, 62 insertions(+), 28 deletions(-) (limited to 'nix/templates/goapp/frontend') diff --git a/nix/templates/goapp/frontend/default.nix b/nix/templates/goapp/frontend/default.nix index 42ccb79..7b5caa8 100644 --- a/nix/templates/goapp/frontend/default.nix +++ b/nix/templates/goapp/frontend/default.nix @@ -4,13 +4,20 @@ let version = "0.0.1"; in pkgs.buildGoModule { - name = "${name}-${version}"; pname = "${name}"; version = "${version}"; src = ./.; - subPackages = [ "src" ]; - vendorHash = "sha256-VXuhsXejduIcthawj4qu7hruBEDegj27YY0ym5srMQY="; - doCheck = true; + # use the dependencies directly from the vendor/ folder + # vendorHash = null; + + vendorHash = "sha256-dXWwAP0XM24cAcDV87XHQX9dLg6TDQ7ZVfEFgW/Q+J4="; + + doCheck = false; + + postInstall = '' + cp -r templates $out + mv $out/bin/{src,${name}} + ''; } diff --git a/nix/templates/goapp/frontend/go.mod b/nix/templates/goapp/frontend/go.mod index fecf4ac..a71f5a0 100644 --- a/nix/templates/goapp/frontend/go.mod +++ b/nix/templates/goapp/frontend/go.mod @@ -1,20 +1,20 @@ -module github.com/hanemile/goapp/backend +module github.com/hanemile/goapp/frontend go 1.23.5 require ( + github.com/coreos/go-oidc/v3 v3.12.0 github.com/gorilla/handlers v1.5.2 github.com/gorilla/mux v1.8.1 github.com/gorilla/securecookie v1.1.2 github.com/gorilla/sessions v1.4.0 github.com/mattn/go-sqlite3 v1.14.24 - golang.org/x/crypto v0.33.0 + github.com/spf13/cobra v1.9.1 golang.org/x/oauth2 v0.21.0 modernc.org/sqlite v1.34.5 ) require ( - github.com/coreos/go-oidc/v3 v3.12.0 // indirect github.com/dustin/go-humanize v1.0.1 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/go-jose/go-jose/v4 v4.0.2 // indirect @@ -23,8 +23,8 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/ncruces/go-strftime v0.1.9 // indirect github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect - github.com/spf13/cobra v1.9.1 // indirect github.com/spf13/pflag v1.0.6 // indirect + golang.org/x/crypto v0.33.0 // indirect golang.org/x/sys v0.30.0 // indirect modernc.org/libc v1.55.3 // indirect modernc.org/mathutil v1.6.0 // indirect diff --git a/nix/templates/goapp/frontend/go.sum b/nix/templates/goapp/frontend/go.sum index 365e2c5..15bbb6f 100644 --- a/nix/templates/goapp/frontend/go.sum +++ b/nix/templates/goapp/frontend/go.sum @@ -1,6 +1,8 @@ github.com/coreos/go-oidc/v3 v3.12.0 h1:sJk+8G2qq94rDI6ehZ71Bol3oUHy63qNYmkiSjrc/Jo= github.com/coreos/go-oidc/v3 v3.12.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= @@ -31,6 +33,8 @@ github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBW github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4= github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -38,6 +42,8 @@ github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus= golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M= golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= @@ -50,6 +56,7 @@ golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw= golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ= modernc.org/cc/v4 v4.21.4/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ= diff --git a/nix/templates/goapp/frontend/run.sh b/nix/templates/goapp/frontend/run.sh index d68b840..b2624f3 100755 --- a/nix/templates/goapp/frontend/run.sh +++ b/nix/templates/goapp/frontend/run.sh @@ -7,4 +7,5 @@ export SESSION_KEY=aes1Itheich4aeQu9Ouz7ahcaiVoogh9 go run ./... \ --id goapp \ --issuer "https://sso.emile.space" \ - --secret "KGFO5LQnUxu1Zs.35gOem3MaG8odthg1U0v0.kScVPS6TPTWVRnAdT_nj4PYYSfuU6jdzTM6" + --secret "KGFO5LQnUxu1Zs.35gOem3MaG8odthg1U0v0.kScVPS6TPTWVRnAdT_nj4PYYSfuU6jdzTM6" \ + $@ diff --git a/nix/templates/goapp/frontend/server.log b/nix/templates/goapp/frontend/server.log index 4b6cff5..6c4d6dc 100644 --- a/nix/templates/goapp/frontend/server.log +++ b/nix/templates/goapp/frontend/server.log @@ -177,3 +177,5 @@ ::1 - - [19/Feb/2025:19:43:29 +0100] "GET /oauth2/callback?code=authelia_ac_8UdV__GJCN9gxJrYa629TC3FToyDDhsbacPbJzhvcJ4.uPw2-_N4jQr7xf7JNZ_IZBNHEq-eeOFoZup7Vwjx1Y0&iss=https%3A%2F%2Fsso.emile.space&scope=openid+profile+email+groups&state=random-string-here HTTP/1.1" 500 142 ::1 - - [19/Feb/2025:19:49:22 +0100] "GET / HTTP/1.1" 200 6587 ::1 - - [19/Feb/2025:19:49:23 +0100] "GET /login HTTP/1.1" 302 242 +::1 - - [19/Feb/2025:19:56:09 +0100] "GET / HTTP/1.1" 200 6587 +::1 - - [19/Feb/2025:19:56:12 +0100] "GET /login HTTP/1.1" 302 242 diff --git a/nix/templates/goapp/frontend/src/handlers.go b/nix/templates/goapp/frontend/src/handlers.go index 8fdd325..b0bbf91 100644 --- a/nix/templates/goapp/frontend/src/handlers.go +++ b/nix/templates/goapp/frontend/src/handlers.go @@ -134,7 +134,6 @@ func oauthCallbackHandler(res http.ResponseWriter, req *http.Request) { if req.FormValue("error") != "" { log.Printf("got an error from the idp: %s", req.FormValue("error")) http.Redirect(res, req, fmt.Sprintf("/error?%s", req.Form.Encode()), http.StatusFound) - return } diff --git a/nix/templates/goapp/frontend/src/init.go b/nix/templates/goapp/frontend/src/init.go index 97e58f0..dc0e252 100644 --- a/nix/templates/goapp/frontend/src/init.go +++ b/nix/templates/goapp/frontend/src/init.go @@ -32,12 +32,17 @@ func dbInit() { func sessionInit() { log.Println("[i] Setting up Session Storage...") + session_key, err := os.ReadFile(options.SessionKeyPath) + if err != nil { + log.Println("Could not read Session key") + panic(err) + } store, err := NewSqliteStore( sessiondbPath, "sessions", "/", 3600, - []byte(os.Getenv("SESSION_KEY"))) + session_key) if err != nil { panic(err) } @@ -60,14 +65,21 @@ func oauth2Init() (err error) { } verifier = provider.Verifier(&oidc.Config{ClientID: options.ClientID}) + + clientSecretBytes, err := os.ReadFile(options.ClientSecretPath) + if err != nil { + panic(err) + } + clientSecret := string(clientSecretBytes) + log.Printf("[ ] ClientID: %s", options.ClientID) - log.Printf("[ ] ClientSecret: %s", options.ClientSecret) + log.Printf("[ ] ClientSecret: %s", clientSecret) log.Printf("[ ] redirectURL: %s", redirectURL.String()) log.Printf("[ ] providerEndpoint: %+v", provider.Endpoint()) log.Printf("[ ] Scopes: %s", options.Scopes) oauth2Config = oauth2.Config{ ClientID: options.ClientID, - ClientSecret: options.ClientSecret, + ClientSecret: clientSecret, RedirectURL: redirectURL.String(), Endpoint: provider.Endpoint(), Scopes: strings.Split(options.Scopes, ","), diff --git a/nix/templates/goapp/frontend/src/main.go b/nix/templates/goapp/frontend/src/main.go index fcf4224..72ec7ee 100644 --- a/nix/templates/goapp/frontend/src/main.go +++ b/nix/templates/goapp/frontend/src/main.go @@ -38,18 +38,21 @@ func main() { rootCmd := &cobra.Command{Use: "goapp", RunE: root} - rootCmd.Flags().StringVar(&options.Host, "host", "0.0.0.0", "Specifies the tcp host to listen on") + rootCmd.Flags().StringVar(&options.Host, "host", "127.0.0.1", "Specifies the tcp host to listen on") rootCmd.Flags().IntVar(&options.Port, "port", 8080, "Specifies the port to listen on") rootCmd.Flags().StringVar(&options.PublicURL, "public-url", "http://localhost:8080/", "Specifies the root URL to generate the redirect URI") rootCmd.Flags().StringVar(&options.ClientID, "id", "", "Specifies the OpenID Connect Client ID") - rootCmd.Flags().StringVarP(&options.ClientSecret, "secret", "s", "", "Specifies the OpenID Connect Client Secret") + rootCmd.Flags().StringVarP(&options.ClientSecretPath, "oidc-secret-path", "s", "", "Specifies the OpenID Connect Client Secret path") rootCmd.Flags().StringVarP(&options.Issuer, "issuer", "i", "", "Specifies the URL for the OpenID Connect OP") rootCmd.Flags().StringVar(&options.Scopes, "scopes", "openid,profile,email,groups", "Specifies the OpenID Connect scopes to request") rootCmd.Flags().StringVar(&options.CookieName, "cookie-name", "oidc-client", "Specifies the storage cookie name to use") rootCmd.Flags().StringSliceVar(&options.Filters, "filters", []string{}, "If specified filters the specified text from html output (not json) out of the email addresses, display names, audience, etc") rootCmd.Flags().StringSliceVar(&options.GroupsFilter, "groups-filter", []string{}, "If specified only shows the groups in this list") - rootCmd.Flags().StringVar(&options.LogFilePath, "logpath", "./server.log", "Specifies the path to store the server logs at") + rootCmd.Flags().StringVar(&options.LogFilePath, "logfilepath", "./server.log", "Specifies the path to store the server logs at") rootCmd.Flags().StringVar(&options.TemplatesPath, "templatespath", "./templates", "Specifies the path to where the templates are stored") + rootCmd.Flags().StringVar(&options.DatabasePath, "databasepath", "./main.db", "Specifies the path to where the database is stored") + rootCmd.Flags().StringVar(&options.SessionDBPath, "sessiondbpath", "./sessions.db", "Specifies the path to where the session database is stored") + rootCmd.Flags().StringVar(&options.SessionKeyPath, "sessionkeypath", "", "Specifies the path to where the session key is stored") _ = rootCmd.MarkFlagRequired("id") _ = rootCmd.MarkFlagRequired("secret") diff --git a/nix/templates/goapp/frontend/src/types.go b/nix/templates/goapp/frontend/src/types.go index 7efcc70..97e0db5 100644 --- a/nix/templates/goapp/frontend/src/types.go +++ b/nix/templates/goapp/frontend/src/types.go @@ -50,16 +50,19 @@ type ClamsAddress struct { } type Options struct { - Host string - Port int - LogFilePath string - TemplatesPath string - ClientID string - ClientSecret string - Issuer string - PublicURL string - Scopes string - CookieName string - Filters []string - GroupsFilter []string + ClientID string + ClientSecretPath string + CookieName string + DatabasePath string + Filters []string + GroupsFilter []string + Host string + Issuer string + LogFilePath string + Port int + PublicURL string + Scopes string + SessionDBPath string + SessionKeyPath string + TemplatesPath string } -- cgit 1.4.1