diff --git a/auth/auth.go b/auth/auth.go
index 55793fd..22a0559 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -17,12 +17,12 @@ type Authenticator struct {
 verifierProvider *oidc.Provider
 }
-func SetupAuthHandler() *Authenticator {
+func SetupOIDCAuthHandler() *Authenticator {
 providerLink := utils.GetEnv("OIDC_PROVIDER", "")
 clientID := utils.GetEnv("OIDC_CLIENT_ID", "")
 clientSecret := utils.GetEnv("OIDC_CLIENT_SECRET", "")
 redirectURL := utils.GetEnv("OIDC_REDIRECT_URL", "")
- cookieJarSecret := utils.GetEnv("COOKIE_SECRET", "")
+ cookieJarSecret := utils.GetEnv("COOKIE_SECRET_KEY", "")
 if providerLink == "" {
 log.Fatal("invalid provider link for the env: OIDC_PROVIDER")
 }
@@ -36,7 +36,7 @@ func SetupAuthHandler() *Authenticator {
 log.Fatal("invalid redirect URL for the env: OIDC_REDIRECT_URL")
 }
 if cookieJarSecret == "" || len(cookieJarSecret) < 32 {
- log.Fatal("invalid cookie secret key for the env: COOKIE_SECRET_KEY. Note: should be at leat 32 characters")
+ log.Fatal("invalid cookie secret key for the env: COOKIE_SECRET_KEY. Note: should be at least 32 characters")
 }
 ctx := context.Background()
diff --git a/auth/cookies/cookie.go b/auth/cookies/cookie.go
index be4ca2e..60ad5d7 100644
--- a/auth/cookies/cookie.go
+++ b/auth/cookies/cookie.go
@@ -10,7 +10,6 @@ import (
 type ICookieJar interface {
 SetCallBackCookie(*gin.Context, string, string)
 }
-
 type CookieJar struct {
 store sessions.Store
 }
diff --git a/handlers/auth.go b/handlers/auth.go
index 9f51418..9210058 100644
--- a/handlers/auth.go
+++ b/handlers/auth.go
@@ -3,9 +3,9 @@ package handlers
 import (
 "errors"
 "net/http"
+ "soarca-gui/utils"
 "strings"
- "soarca-gui/utils"
 authviews "soarca-gui/views/auth"
 "github.com/gin-gonic/gin"
diff --git a/handlers/oidc_handler.go b/handlers/oidc_handler.go
new file mode 100644
index 0000000..d76179e
--- /dev/null
+++ b/handlers/oidc_handler.go
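Review bot: `SetupOIDCAuthHandler` in auth/auth.go is exported without a doc comment, and the first hunk changes the variable it reads for the cookie secret from `COOKIE_SECRET` to `COOKIE_SECRET_KEY` without recording that anywhere an operator would look. A comment along the lines of `// SetupOIDCAuthHandler builds the Authenticator from OIDC_PROVIDER, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, OIDC_REDIRECT_URL and COOKIE_SECRET_KEY and exits via log.Fatal when a required value is missing or invalid.` would cover both. The check in the second hunk only enforces a length of 32 characters, so the same comment is the place to state that the key should be randomly generated rather than a memorable string. The function body continues outside both hunks.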
@@ -0,0 +1,27 @@
+package handlers
+
+import (
+ "net/http"
+ "soarca-gui/auth"
+ "soarca-gui/utils"
+
+ authviews "soarca-gui/views/auth"
+
+ "github.com/gin-gonic/gin"
+)
+
+type OIDCAuthHandler struct {
+ authenticator *auth.Authenticator
+}
+
+func NewOIDCAuthHanlder(authenticator *auth.Authenticator) *OIDCAuthHandler {
+ return &OIDCAuthHandler{authenticator: authenticator}
+}
+
+func (a *OIDCAuthHandler) OIDCAuthPageHandler(context *gin.Context) {
+ render := utils.NewTempl(context, http.StatusOK, authviews.OIDCLoginIndex())
+ context.Render(http.StatusOK, render)
+}
+
+func (a *OIDCAuthHandler) OIDCLoginHandler(context *gin.Context) {
+}
diff --git a/routes/routes.go b/routes/routes.go
index 953caa2..7b6158e 100644
--- a/routes/routes.go
+++ b/routes/routes.go
@@ -1,13 +1,16 @@
 package routes
 import (
+ "fmt"
+ "log"
 "net/http"
-
+ "soarca-gui/auth"
 "soarca-gui/backend"
 "soarca-gui/backend/soarca"
 "soarca-gui/handlers"
 "soarca-gui/public"
 "soarca-gui/utils"
+ "strconv"
 "github.com/gin-gonic/gin"
 )
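Review bot: `OIDCLoginHandler` in handlers/oidc_handler.go has an empty body, so the `POST /login-redirect` route that routes.go binds to it presumably answers with gin's default 200 and no body, and never starts a login. Until the flow exists, make that explicit with `context.AbortWithStatus(http.StatusNotImplemented)`. When it is implemented, this handler is where the per-request state value has to be created and stored (the `SetCallBackCookie` method on `ICookieJar` looks intended for that), so the callback can reject responses it did not initiate. The constructor name `NewOIDCAuthHanlder` is misspelled and already called from routes.go; renaming it to `NewOIDCAuthHandler` now is cheaper than after more callers appear.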
@@ -19,20 +22,40 @@ func Setup(app *gin.Engine) {
 })
 reporter := soarca.NewReport(utils.GetEnv("SOARCA_URI", "http://localhost:8080"), &http.Client{})
-
 status := soarca.NewStatus(utils.GetEnv("SOARCA_URI", "http://localhost:8080"), &http.Client{})
-
+ authEnabledStr := utils.GetEnv("AUTH_ENABLED", "false")
+ authEnabled, err := strconv.ParseBool(authEnabledStr)
 publicRoutes := app.Group("/")
-
- PublicRoutes(publicRoutes)
+ fmt.Println(authEnabled)
+ if err != nil {
+ log.Fatal("AUTH_ENABLED flag could not be parsed properly should be 'true' | 'false'")
+ }
+ if authEnabled {
+ PublicOIDCRoutes(publicRoutes)
+ } else {
+ PublicRoutes(publicRoutes)
+ }
 ReportingRoutes(reporter, publicRoutes)
+ // PublicRoutes(publicRoutes)
 StatusRoutes(status, publicRoutes)
 SettingsRoutes(publicRoutes)
 }
+func PublicOIDCRoutes(app *gin.RouterGroup) {
+ auth := auth.SetupOIDCAuthHandler()
+ authHandler := handlers.NewOIDCAuthHanlder(auth)
+ publicRoute := app.Group("/")
+ {
+ publicRoute.GET("/", authHandler.OIDCAuthPageHandler)
+ publicRoute.POST("/login-redirect", authHandler.OIDCLoginHandler)
+ publicRoute.GET("/dashboard", handlers.HomeDashboard)
+
+ }
+ publicRoute.StaticFS("/public", public.GetPublicAssetsFileSystem())
+}
+
 func PublicRoutes(app *gin.RouterGroup) {
 authHandler := handlers.AuthHandler{}
-
 publicRoute := app.Group("/")
 {
 publicRoute.GET("/", authHandler.AuthPage)
@@ -40,7 +63,6 @@ func PublicRoutes(app *gin.RouterGroup) {
 publicRoute.GET("/dashboard", handlers.HomeDashboard)
 }
-
 publicRoute.StaticFS("/public", public.GetPublicAssetsFileSystem())
 }
diff --git a/server/main.go b/server/main.go
index 3a7d142..5a1c715 100644
--- a/server/main.go
+++ b/server/main.go
@@ -2,7 +2,6 @@ package main
 import (
 "fmt"
- "soarca-gui/internal/status"
 "soarca-gui/routes"
 "soarca-gui/utils"
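Review bot: With `AUTH_ENABLED=true` the only thing that changes in `Setup` is which login page gets mounted: `ReportingRoutes`, `StatusRoutes`, `SettingsRoutes` and the `GET /dashboard` route inside `PublicOIDCRoutes` are still registered on the same public group, and no session-checking middleware is attached anywhere in this hunk, so as far as the hunk shows every page stays reachable without logging in. The protected routes should be registered on a separate group that has an authentication middleware applied with `Use(...)` whenever the flag is on. The flag also defaults to `"false"`, meaning authentication is off unless it is configured; log that state clearly at startup in place of `fmt.Println(authEnabled)`, which runs before `err` is checked and reads like leftover debugging. In `PublicOIDCRoutes`, `auth := auth.SetupOIDCAuthHandler()` shadows the imported `auth` package for the rest of the function; `authenticator := auth.SetupOIDCAuthHandler()` avoids that.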
@@ -21,8 +20,9 @@ var (
 func main() {
 fmt.Println("Version: ", Version)
 fmt.Println("Buildtime ", Buildtime)
- errenv := godotenv.Load(".env")
+ // errenv := godotenv.Load(".env")
+ errenv := godotenv.Load(".env.example")
 if errenv != nil {
 fmt.Println("Failed to read env variable, but will continue")
 }
diff --git a/views/auth/oidc_login.templ b/views/auth/oidc_login.templ
new file mode 100644
index 0000000..a1252aa
--- /dev/null
+++ b/views/auth/oidc_login.templ
@@ -0,0 +1,68 @@
+package authviews
+
+import (
+ "soarca-gui/views/layouts"
+)
+
+
+templ OIDCLoginIndex() {
+ @OIDCLoginBaseLayout() {
+ @OIDCLoginForm()
+ }
+}
+
+templ OIDCLoginBaseLayout() {
+ @layouts.BaseLayout() {
+
+
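Review bot: `godotenv.Load(".env.example")` in `main` (server/main.go) makes the server read its settings from the example file instead of `.env`, which looks like a local testing change that was committed by accident. If that file is the checked-in template, values such as the cookie secret and the OIDC client secret would come from a file that everyone with access to the repository can read. Restore `errenv := godotenv.Load(".env")` and drop the commented-out copy of it. `main` continues outside the hunk.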
+ + + +
+
+ // will be filled when error message +
+
+ { children... } +
+
+
+
+ +
+
+ +
+
+
+
+
+ + } +} + + +templ OIDCLoginForm() { +
+ +
+} +