-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathsecurity.v
More file actions
171 lines (155 loc) · 4.39 KB
/
security.v
File metadata and controls
171 lines (155 loc) · 4.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
module openapi
import x.json2 { Any }
import json
pub type SecurityRequirement = map[string][]string
pub fn (mut requirement SecurityRequirement) from_json(json Any) ? {
mut tmp := map[string][]string{}
for key, value in json.as_map() {
tmp[key] = decode_array_string(value.json_str())?
}
requirement = tmp
// Todo: Check that key match the '{name}' type
}
// ---------------------------------------- //
pub struct SecurityScheme {
pub mut:
security_type string
location string
open_id_connect_url string
name string
scheme string
flows OAuthFlows
bearer_format string
description string
}
pub fn (mut security_scheme SecurityScheme) from_json(json Any) ? {
object := json.as_map()
for key, value in json.as_map() {
match key {
'type' {
security_scheme.security_type = value.str()
}
'in' {
security_scheme.location = value.str()
}
'openIdConnectUrl' {
security_scheme.open_id_connect_url = value.str()
}
'name' {
security_scheme.name = value.str()
}
'scheme' {
security_scheme.scheme = value.str()
}
'flows' {
security_scheme.flows = decode<OAuthFlows>(value.json_str())?
}
'bearerFormat' {
security_scheme.bearer_format = value.str()
}
'description' {
security_scheme.description = value.str()
}
else {}
}
}
security_scheme.validate(object)?
}
fn (mut security_scheme SecurityScheme) validate(object map[string]Any) ? {
check_required<SecurityScheme>(object, 'type')?
match security_scheme.security_type {
'apiKey' {
check_required<SecurityScheme>(object, 'name', 'in')?
if security_scheme.location !in ['query', 'header', 'cookie'] {
return error('Failed SecurityScheme decoding: "in" is not valid $security_scheme.location')
}
}
'http' {
check_required<SecurityScheme>(object, 'scheme')?
}
'oauth2' {
check_required<SecurityScheme>(object, 'flows')?
}
'openIdConnect' {
check_required<SecurityScheme>(object, 'openIdConnectUrl')?
if !check_url_regex(security_scheme.open_id_connect_url) {
return error('Failed SecurityScheme decoding: "OpenIdConnectUrl" do not match url regex expression')
}
}
else {
return error('Failed SecurityScheme decoding: "type" is not valid $security_scheme.security_type')
}
}
}
// ---------------------------------------- //
pub struct OAuthFlows {
pub mut:
client_credentials OAuthFlow
authorization_code OAuthFlow
implicit OAuthFlow
password OAuthFlow
}
pub fn (mut flows OAuthFlows) from_json(json Any) ? {
for key, value in json.as_map() {
match key {
'clientCredentials' {
flows.client_credentials = decode<OAuthFlow>(value.json_str())?
check_required<OAuthFlow>(value.as_map(), 'tokenUrl')?
}
'authorizationCode' {
flows.authorization_code = decode<OAuthFlow>(value.json_str())?
check_required<OAuthFlow>(value.as_map(), 'authorizationUrl', 'tokenUrl')?
}
'implicit' {
flows.implicit = decode<OAuthFlow>(value.json_str())?
check_required<OAuthFlow>(value.as_map(), 'authorizationUrl')?
}
'password' {
flows.password = decode<OAuthFlow>(value.json_str())?
check_required<OAuthFlow>(value.as_map(), 'tokenUrl')?
}
else {}
}
}
}
// ---------------------------------------- //
pub struct OAuthFlow {
pub mut:
authorization_url string
token_url string
scopes map[string]string
refresh_url string
}
pub fn (mut flow OAuthFlow) from_json(json Any) ? {
object := json.as_map()
check_required<OAuthFlow>(object, 'scopes')?
for key, value in object {
match key {
'authorizationUrl' {
flow.authorization_url = value.str()
}
'tokenUrl' {
flow.token_url = value.str()
}
'scopes' {
flow.scopes = decode_map_string(value.json_str())?
}
'refreshUrl' {
flow.refresh_url = value.str()
}
else {}
}
}
flow.validate()?
}
fn (mut flow OAuthFlow) validate() ? {
if flow.authorization_url != '' && !check_url_regex(flow.authorization_url) {
return error('Failed OAuthFlow decoding: "AuthorizationUrl" do not match url regex expression')
}
if flow.token_url != '' && !check_url_regex(flow.token_url) {
return error('Failed OAuthFlow decoding: "tokenUrl" do not match url regex expression')
}
if flow.refresh_url != '' && !check_url_regex(flow.refresh_url) {
return error('Failed OAuthFlow decoding: "refreshUrl" do not match url regex expression')
}
}