add: 提交

features/security/account.go

@@ -0,0 +1,175 @@
+package security
+
+import (
+	"encoding/json"
+	"io"
+	"net/http"
+
+	"ems.agt/lib/dborm"
+	"ems.agt/lib/global"
+	"ems.agt/lib/log"
+	"ems.agt/lib/oauth"
+	"ems.agt/lib/services"
+	"ems.agt/restagent/config"
+)
+
+var (
+	UriOauthToken     = config.UriPrefix + "/securityManagement/{apiVersion}/oauth/token"
+	UriOauthHandshake = config.UriPrefix + "/securityManagement/{apiVersion}/oauth/handshake"
+)
+
+func LoginFromOMC(w http.ResponseWriter, r *http.Request) {
+	log.Info("LoginFromOMC processing... ")
+
+	body, err := io.ReadAll(io.LimitReader(r.Body, global.RequestBodyMaxLen)) //io.LimitReader限制大小
+	if err != nil {
+		log.Error("Failed to ReadAll:", err)
+		services.ResponseNotFound404UriNotExist(w, r)
+		return
+	}
+
+	// check media type(content type) only support "application/json"
+	if !services.IsVallidContentType(r, config.GetYamlConfig().OMC.CheckContentType) {
+		log.Debug("Invalid Content-Type")
+		services.ResponseUnsupportedMediaType415(w)
+		return
+	}
+
+	// // check extend uri, response 404
+	// if !IsValidOAuthUri(r) {
+	// 	log.Debug("Uri is invalid")
+	// 	services.ResponseNotFound404UriNotExist(w, r)
+	// 	return
+	// }
+
+	// Error process ....
+	// response 400-7
+	if !json.Valid([]byte(body)) {
+		log.Error("Invalid Json Format")
+		services.ResponseBadRequest400InvalidJson(w)
+		return
+	}
+
+	var oAuthBody oauth.OAuthBody
+	_ = json.Unmarshal(body, &oAuthBody) //转为json
+	//log.Debug("body:", string(body), "oAuthBody:", oAuthBody)
+
+	defer r.Body.Close()
+	// response 400-5
+	if oauth.IsWrongOAuthInfo(oAuthBody) {
+		log.Error("Wrong parameter value")
+		services.ResponseBadRequest400WrongParamValue(w)
+		return
+	}
+	/*
+		if oauth.IsValidOAuthInfo(oAuthBody) {
+			plist := config.GetPermissionFromConfig(oAuthBody.UserName, oAuthBody.GrantType)
+			log.Debug("Permission list:", plist)
+
+			token := globalSession.NewSession(w, r, plist)
+			services.ResponseStatusOK200Login(w, token)
+		} else {
+			// response 400-4
+			log.Debug("Authentication failed, mismatch user or password")
+
+			services.ResponseBadRequest400IncorrectLogin(w)
+		}
+	*/
+	validUser, user, _ := dborm.XormCheckLoginUser(oAuthBody.UserName,
+		oAuthBody.Value, config.GetYamlConfig().Auth.Crypt)
+	if !validUser {
+		// response 400-4
+		log.Error("Authentication failed, mismatch user or password")
+		services.ResponseBadRequest400IncorrectLogin(w)
+		return
+	}
+
+	token := oauth.GenRandToken() // Generate new token to session ID
+	sourceAddr := r.RemoteAddr
+	affected, err := dborm.XormInsertSession(oAuthBody.UserName, sourceAddr, token,
+		config.GetExpiresFromConfig(), config.GetYamlConfig().Auth.Session)
+	if err != nil {
+		log.Error("Failed to XormInsertSession:", err)
+		if affected == -1 {
+			services.ResponseForbidden403MultiLoginNotAllowed(w)
+		} else {
+			services.ResponseBadRequest400IncorrectLogin(w)
+		}
+
+		return
+	}
+	services.ResponseStatusOK200Login(w, token, user)
+	return
+}
+
+func LogoutFromOMC(w http.ResponseWriter, r *http.Request) {
+	log.Info("LogoutFromOMC processing... ")
+
+	// check media type(content type) only support "application/json"
+	if services.IsVallidContentType(r, config.GetYamlConfig().OMC.CheckContentType) == false {
+		log.Error("Invalid Content-Type")
+		services.ResponseUnsupportedMediaType415(w)
+		return
+	}
+
+	// check extend uri, response 404
+	if !services.IsValidOAuthUri(r) {
+		log.Error("Uri is invalid")
+		services.ResponseNotFound404UriNotExist(w, r)
+		return
+	}
+
+	// error processing ...
+	// 401-1 response
+	token, ret := oauth.IsCarriedToken(r)
+	if ret == false {
+		log.Error("AccessToken is not carried")
+		services.ResponseUnauthorized401AccessTokenNotCarried(w)
+		return
+	}
+
+	_, err := dborm.XormLogoutUpdateSession(token)
+	if err != nil {
+		log.Error("Uri is invalid")
+		services.ResponseNotFound404UriNotExist(w, r)
+		return
+	}
+	services.ResponseStatusOK200Null(w)
+	return
+}
+
+func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) {
+	log.Info("HandshakeFromOMC processing... ")
+
+	// check media type(content type) only support "application/json"
+	if !services.IsVallidContentType(r, config.GetYamlConfig().OMC.CheckContentType) {
+		log.Debug("Invalid Content-Type")
+		services.ResponseUnsupportedMediaType415(w)
+		return
+	}
+
+	// check extend uri, response 404
+	if !services.IsValidOAuthUri(r) {
+		log.Error("Uri is invalid")
+		services.ResponseNotFound404UriNotExist(w, r)
+		return
+	}
+
+	// error processing ...
+	// 401-1 response
+	token, ret := oauth.IsCarriedToken(r)
+	if ret == false {
+		log.Error("AccessToken is not carried")
+		services.ResponseUnauthorized401AccessTokenNotCarried(w)
+		return
+	}
+
+	_, err := dborm.XormUpdateSessionShakeTime(token)
+	if err != nil {
+		log.Error("Uri is invalid")
+		services.ResponseNotFound404UriNotExist(w, r)
+		return
+	}
+	services.ResponseStatusOK200Null(w)
+	return
+}