...

Source file src/edge-infra.dev/pkg/edge/iam/device/selfservice.go

Documentation: edge-infra.dev/pkg/edge/iam/device

     1  package device
     2  
     3  import (
     4  	"errors"
     5  	"fmt"
     6  	"net/http"
     7  
     8  	"github.com/gin-gonic/gin"
     9  
    10  	"edge-infra.dev/pkg/edge/iam/apperror"
    11  	"edge-infra.dev/pkg/edge/iam/log"
    12  	"edge-infra.dev/pkg/edge/iam/util"
    13  )
    14  
// selfServiceForm is the JSON request body that selfService binds.
//
// todo: bring back length bindings
// NOTE(review): until then nothing in this struct bounds the size of either
// password; any limit has to come from the service or the HTTP layer — confirm.
// todo: why json not form data
type selfServiceForm struct {
	// OldPassword is the current password; binding rejects the request when it is missing or empty.
	OldPassword string `json:"old_password" binding:"required"`
	// NewPassword is the replacement password; binding rejects the request when it is missing or empty.
	NewPassword string `json:"new_password" binding:"required"`
	// Action is optional. selfService treats the value "cancel" as a request to
	// drop the session token without changing the password. Binding runs before
	// that check, so a cancel request must still carry both password fields.
	Action      string `json:"action"`
}
    22  
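// selfService handles a device password self-service request.
//
// It binds the JSON body into a selfServiceForm and requires a
// "device_token" value in the "oauth2" session. With action "cancel" it
// removes the token from the session and saves it. Otherwise it asks
// dm.service to change the password and, on success, removes the token from
// the session and saves it.
//
// It returns nil when the request was handled, including the case where the
// validation result was written to the client as a 422 JSON body. Every other
// failure is returned as an apperror value carrying the HTTP status.
//
// NOTE(review): the denied and bad-request paths leave the token in the
// session, so the same session can retry. No attempt limiting is visible in
// this handler; confirm that dm.service or middleware throttles repeated
// old-password guesses.
//
// NOTE(review): only the bind failure and the success path touch the sign-up
// counter; the other failure paths are not counted. Confirm that is intended.
func (dm *AuthMethod) selfService(c *gin.Context) error {
	logger := log.Get(c.Request.Context()).WithName("device-selfservice")

	// Parse and validate the request body.
	var form selfServiceForm
	if err := c.BindJSON(&form); err != nil {
		dm.metrics.IncSignUpRequestsTotal(signUpPin, util.Failed)
		return apperror.NewAbortError(
			fmt.Errorf("failed to self service on bad request: %w", err),
			http.StatusBadRequest)
	}

	// NOTE(review): the error from Get is discarded, so a session that could
	// not be loaded is only noticed through the missing token below. This
	// presumably relies on the store always returning a usable session; verify.
	session, _ := dm.sessionStore.Get(c.Request, "oauth2")
	rawToken, ok := session.Values["device_token"]
	if !ok {
		err := errors.New("no token_set found in session. need one to self serve")
		return apperror.NewAbortError(err, http.StatusForbidden)
	}

	if form.Action == "cancel" {
		delete(session.Values, "device_token")
		if err := session.Save(c.Request, c.Writer); err != nil {
			return apperror.NewAbortError(
				fmt.Errorf("failed to save cookie session: %w", err),
				http.StatusInternalServerError)
		}
		// c.Redirect(http.StatusTemporaryRedirect, "/idp/entry/device")
		return nil
	}

	// A session value of any other type would make an unchecked assertion
	// panic; reject it with the same status as a missing token instead.
	token, ok := rawToken.(string)
	if !ok {
		err := errors.New("device_token in session is not a string")
		return apperror.NewAbortError(err, http.StatusForbidden)
	}

	// Try to update the password.
	validationResult, err := dm.service.SelfService(token, form.OldPassword, form.NewPassword)
	if err != nil {
		// todo: handle invalid user entry different from other reasons
		// errors.Is also matches these sentinels when the service wraps them.
		switch {
		case errors.Is(err, ErrSelfServiceDenied):
			return apperror.NewStatusError(err, http.StatusUnprocessableEntity)
		case errors.Is(err, ErrSelfServiceBadRequest):
			// todo: pass along the validation errors?
			// NOTE(review): validationResult is both logged and returned to the
			// client; confirm it never contains the submitted passwords.
			logger.Info("self service failed", "bad request", validationResult)
			// apperror.NewJSONError(err, http.StatusUnprocessableEntity, "bad request", validationResult)
			c.JSON(http.StatusUnprocessableEntity, validationResult)
			return nil
		}
		return apperror.NewAbortError(
			fmt.Errorf("failed to self service device password: %w", err),
			http.StatusInternalServerError)
	}

	// Password changed: drop the token from the session so the flow starts over.
	delete(session.Values, "device_token")
	if err := session.Save(c.Request, c.Writer); err != nil {
		return apperror.NewAbortError(
			fmt.Errorf("failed to save cookie session: %w", err),
			http.StatusInternalServerError)
	}
	dm.metrics.IncSignUpRequestsTotal(signUpPin, util.Succeeded)
	return nil
}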
    77  
