Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-05-24 02:02:36 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add examples for jwt routes of keibi

Browse Source
This commit is contained in:
Zoe Roux 2025-03-29 00:37:02 +01:00
parent 65a7f62fd1
commit 8fe50ad00b
No known key found for this signature in database
7 changed files with 69 additions and 1295 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
auth/Dockerfile
View File

@ -12,7 +12,7 @@ COPY sql ./sql
RUN sqlc generate RUN sqlc generate
COPY . . COPY . .
RUN swag init --parseDependency RUN swag init --parseDependency --outputTypes yaml
RUN CGO_ENABLED=0 GOOS=linux go build -o /keibi RUN CGO_ENABLED=0 GOOS=linux go build -o /keibi
FROM gcr.io/distroless/base-debian11 FROM gcr.io/distroless/base-debian11

650
auth/docs/docs.go
View File

@ -1,650 +0,0 @@
// Package docs Code generated by swaggo/swag. DO NOT EDIT
package docs
import "github.com/swaggo/swag"
const docTemplate = `{
"schemes": {{ marshal .Schemes }},
"swagger": "2.0",
"info": {
"description": "{{escape .Description}}",
"title": "{{.Title}}",
"contact": {
"name": "Repository",
"url": "https://github.com/zoriya/kyoo"
},
"license": {
"name": "GPL-3.0",
"url": "https://www.gnu.org/licenses/gpl-3.0.en.html"
},
"version": "{{.Version}}"
},
"host": "{{.Host}}",
"basePath": "{{.BasePath}}",
"paths": {
"/info": {
"get": {
"description": "Get info like the public key used to sign the jwts.",
"produces": [
"application/json"
],
"tags": [
"jwt"
],
"summary": "Info",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Info"
}
}
}
}
},
"/jwt": {
"get": {
"security": [
{
"Token": []
}
],
"description": "Convert a session token to a short lived JWT.",
"produces": [
"application/json"
],
"tags": [
"jwt"
],
"summary": "Get JWT",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Jwt"
}
},
"401": {
"description": "Missing session token",
"schema": {}
},
"403": {
"description": "Invalid session token (or expired)",
"schema": {}
}
}
}
},
"/sessions": {
"post": {
"description": "Login to your account and open a session",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"sessions"
],
"summary": "Login",
"parameters": [
{
"type": "string",
"description": "The device the created session will be used on",
"name": "device",
"in": "query"
},
{
"description": "Account informations",
"name": "login",
"in": "body",
"schema": {
"$ref": "#/definitions/main.LoginDto"
}
}
],
"responses": {
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/dbc.Session"
}
},
"400": {
"description": "Invalid login body",
"schema": {}
},
"403": {
"description": "Invalid password",
"schema": {}
},
"404": {
"description": "Account does not exists",
"schema": {}
},
"422": {
"description": "User does not have a password (registered via oidc, please login via oidc)",
"schema": {}
}
}
}
},
"/sessions/current": {
"delete": {
"security": [
{
"Jwt": []
}
],
"description": "Delete a session and logout",
"produces": [
"application/json"
],
"tags": [
"sessions"
],
"summary": "Logout",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Session"
}
},
"400": {
"description": "Invalid session id",
"schema": {}
},
"401": {
"description": "Missing jwt token",
"schema": {}
},
"403": {
"description": "Invalid jwt token (or expired)",
"schema": {}
},
"404": {
"description": "Session not found with specified id (if not using the /current route)",
"schema": {}
}
}
}
},
"/sessions/{id}": {
"delete": {
"security": [
{
"Jwt": []
}
],
"description": "Delete a session and logout",
"produces": [
"application/json"
],
"tags": [
"sessions"
],
"summary": "Logout",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "The id of the session to delete",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Session"
}
},
"400": {
"description": "Invalid session id",
"schema": {}
},
"401": {
"description": "Missing jwt token",
"schema": {}
},
"403": {
"description": "Invalid jwt token (or expired)",
"schema": {}
},
"404": {
"description": "Session not found with specified id (if not using the /current route)",
"schema": {}
}
}
}
},
"/users": {
"get": {
"security": [
{
"Jwt": [
"users.read"
]
}
],
"description": "List all users existing in this instance.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "List all users",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "used for pagination.",
"name": "afterId",
"in": "query"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"400": {
"description": "Invalid after id",
"schema": {}
}
}
},
"post": {
"description": "Register as a new user and open a session for it",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Register",
"parameters": [
{
"type": "string",
"description": "The device the created session will be used on",
"name": "device",
"in": "query"
},
{
"description": "Registration informations",
"name": "user",
"in": "body",
"schema": {
"$ref": "#/definitions/main.RegisterDto"
}
}
],
"responses": {
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/dbc.Session"
}
},
"400": {
"description": "Invalid register body",
"schema": {}
},
"409": {
"description": "Duplicated email or username",
"schema": {}
}
}
}
},
"/users/me": {
"get": {
"security": [
{
"Jwt": []
}
],
"description": "Get informations about the currently connected user",
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Get me",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"401": {
"description": "Missing jwt token",
"schema": {}
},
"403": {
"description": "Invalid jwt token (or expired)",
"schema": {}
}
}
},
"delete": {
"security": [
{
"Jwt": []
}
],
"description": "Delete your account and all your sessions",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Delete self",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
}
}
}
},
"/users/{id}": {
"get": {
"security": [
{
"Jwt": [
"users.read"
]
}
],
"description": "Get informations about a user from it's id",
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Get user",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "The id of the user",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"404": {
"description": "No user with the given id found",
"schema": {}
}
}
},
"delete": {
"security": [
{
"Jwt": [
"users.delete"
]
}
],
"description": "Delete an account and all it's sessions.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Delete user",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "User id of the user to delete",
"name": "id",
"in": "path"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"404": {
"description": "Invalid user id",
"schema": {}
}
}
}
}
},
"definitions": {
"dbc.Session": {
"type": "object",
"properties": {
"createdDate": {
"type": "string"
},
"device": {
"type": "string"
},
"id": {
"type": "string"
},
"lastUsed": {
"type": "string"
},
"pk": {
"type": "integer"
},
"token": {
"type": "string"
},
"userPk": {
"type": "integer"
}
}
},
"main.Info": {
"type": "object",
"properties": {
"publicKey": {
"description": "The public key used to sign jwt tokens. It can be used by your services to check if the jwt is valid.",
"type": "string"
}
}
},
"main.Jwt": {
"type": "object",
"properties": {
"token": {
"description": "The jwt token you can use for all authorized call to either keibi or other services.",
"type": "string"
}
}
},
"main.LoginDto": {
"type": "object",
"required": [
"login",
"password"
],
"properties": {
"login": {
"description": "Either the email or the username.",
"type": "string"
},
"password": {
"description": "Password of the account.",
"type": "string"
}
}
},
"main.OidcHandle": {
"type": "object",
"properties": {
"id": {
"description": "Id of this oidc handle.",
"type": "string"
},
"profileUrl": {
"description": "Link to the profile of the user on the external service. Null if unknown or irrelevant.",
"type": "string",
"format": "url"
},
"username": {
"description": "Username of the user on the external service.",
"type": "string"
}
}
},
"main.RegisterDto": {
"type": "object",
"required": [
"email",
"password",
"username"
],
"properties": {
"email": {
"description": "Valid email that could be used for forgotten password requests. Can be used for login.",
"type": "string",
"format": "email"
},
"password": {
"description": "Password to use.",
"type": "string"
},
"username": {
"description": "Username of the new account, can't contain @ signs. Can be used for login.",
"type": "string"
}
}
},
"main.Session": {
"type": "object",
"properties": {
"createdDate": {
"description": "When was the session first opened",
"type": "string"
},
"device": {
"description": "Device that created the session.",
"type": "string"
},
"id": {
"description": "Unique id of this session. Can be used for calls to DELETE",
"type": "string"
},
"lastUsed": {
"description": "Last date this session was used to access a service.",
"type": "string"
}
}
},
"main.User": {
"type": "object",
"properties": {
"claims": {
"description": "List of custom claims JWT created via get /jwt will have",
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"createdDate": {
"description": "When was this account created?",
"type": "string"
},
"email": {
"description": "Email of the user. Can be used as a login.",
"type": "string",
"format": "email"
},
"id": {
"description": "Id of the user.",
"type": "string"
},
"lastSeen": {
"description": "When was the last time this account made any authorized request?",
"type": "string"
},
"oidc": {
"description": "List of other login method available for this user. Access tokens wont be returned here.",
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/main.OidcHandle"
}
},
"username": {
"description": "Username of the user. Can be used as a login.",
"type": "string"
}
}
}
},
"securityDefinitions": {
"Jwt": {
"type": "apiKey",
"name": "Authorization",
"in": "header"
},
"Token": {
"type": "apiKey",
"name": "Authorization",
"in": "header"
}
}
}`
// SwaggerInfo holds exported Swagger Info so clients can modify it
var SwaggerInfo = &swag.Spec{
Version: "1.0",
Host: "kyoo.zoriya.dev",
BasePath: "/auth",
Schemes: []string{},
Title: "Keibi - Kyoo's auth",
Description: "Auth system made for kyoo.",
InfoInstanceName: "swagger",
SwaggerTemplate: docTemplate,
LeftDelim: "{{",
RightDelim: "}}",
}
func init() {
swag.Register(SwaggerInfo.InstanceName(), SwaggerInfo)
}

626
auth/docs/swagger.json
View File

@ -1,626 +0,0 @@
{
"swagger": "2.0",
"info": {
"description": "Auth system made for kyoo.",
"title": "Keibi - Kyoo's auth",
"contact": {
"name": "Repository",
"url": "https://github.com/zoriya/kyoo"
},
"license": {
"name": "GPL-3.0",
"url": "https://www.gnu.org/licenses/gpl-3.0.en.html"
},
"version": "1.0"
},
"host": "kyoo.zoriya.dev",
"basePath": "/auth",
"paths": {
"/info": {
"get": {
"description": "Get info like the public key used to sign the jwts.",
"produces": [
"application/json"
],
"tags": [
"jwt"
],
"summary": "Info",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Info"
}
}
}
}
},
"/jwt": {
"get": {
"security": [
{
"Token": []
}
],
"description": "Convert a session token to a short lived JWT.",
"produces": [
"application/json"
],
"tags": [
"jwt"
],
"summary": "Get JWT",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Jwt"
}
},
"401": {
"description": "Missing session token",
"schema": {}
},
"403": {
"description": "Invalid session token (or expired)",
"schema": {}
}
}
}
},
"/sessions": {
"post": {
"description": "Login to your account and open a session",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"sessions"
],
"summary": "Login",
"parameters": [
{
"type": "string",
"description": "The device the created session will be used on",
"name": "device",
"in": "query"
},
{
"description": "Account informations",
"name": "login",
"in": "body",
"schema": {
"$ref": "#/definitions/main.LoginDto"
}
}
],
"responses": {
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/dbc.Session"
}
},
"400": {
"description": "Invalid login body",
"schema": {}
},
"403": {
"description": "Invalid password",
"schema": {}
},
"404": {
"description": "Account does not exists",
"schema": {}
},
"422": {
"description": "User does not have a password (registered via oidc, please login via oidc)",
"schema": {}
}
}
}
},
"/sessions/current": {
"delete": {
"security": [
{
"Jwt": []
}
],
"description": "Delete a session and logout",
"produces": [
"application/json"
],
"tags": [
"sessions"
],
"summary": "Logout",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Session"
}
},
"400": {
"description": "Invalid session id",
"schema": {}
},
"401": {
"description": "Missing jwt token",
"schema": {}
},
"403": {
"description": "Invalid jwt token (or expired)",
"schema": {}
},
"404": {
"description": "Session not found with specified id (if not using the /current route)",
"schema": {}
}
}
}
},
"/sessions/{id}": {
"delete": {
"security": [
{
"Jwt": []
}
],
"description": "Delete a session and logout",
"produces": [
"application/json"
],
"tags": [
"sessions"
],
"summary": "Logout",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "The id of the session to delete",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.Session"
}
},
"400": {
"description": "Invalid session id",
"schema": {}
},
"401": {
"description": "Missing jwt token",
"schema": {}
},
"403": {
"description": "Invalid jwt token (or expired)",
"schema": {}
},
"404": {
"description": "Session not found with specified id (if not using the /current route)",
"schema": {}
}
}
}
},
"/users": {
"get": {
"security": [
{
"Jwt": [
"users.read"
]
}
],
"description": "List all users existing in this instance.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "List all users",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "used for pagination.",
"name": "afterId",
"in": "query"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"400": {
"description": "Invalid after id",
"schema": {}
}
}
},
"post": {
"description": "Register as a new user and open a session for it",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Register",
"parameters": [
{
"type": "string",
"description": "The device the created session will be used on",
"name": "device",
"in": "query"
},
{
"description": "Registration informations",
"name": "user",
"in": "body",
"schema": {
"$ref": "#/definitions/main.RegisterDto"
}
}
],
"responses": {
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/dbc.Session"
}
},
"400": {
"description": "Invalid register body",
"schema": {}
},
"409": {
"description": "Duplicated email or username",
"schema": {}
}
}
}
},
"/users/me": {
"get": {
"security": [
{
"Jwt": []
}
],
"description": "Get informations about the currently connected user",
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Get me",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"401": {
"description": "Missing jwt token",
"schema": {}
},
"403": {
"description": "Invalid jwt token (or expired)",
"schema": {}
}
}
},
"delete": {
"security": [
{
"Jwt": []
}
],
"description": "Delete your account and all your sessions",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Delete self",
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
}
}
}
},
"/users/{id}": {
"get": {
"security": [
{
"Jwt": [
"users.read"
]
}
],
"description": "Get informations about a user from it's id",
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Get user",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "The id of the user",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"404": {
"description": "No user with the given id found",
"schema": {}
}
}
},
"delete": {
"security": [
{
"Jwt": [
"users.delete"
]
}
],
"description": "Delete an account and all it's sessions.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"users"
],
"summary": "Delete user",
"parameters": [
{
"type": "string",
"format": "uuid",
"description": "User id of the user to delete",
"name": "id",
"in": "path"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/main.User"
}
},
"404": {
"description": "Invalid user id",
"schema": {}
}
}
}
}
},
"definitions": {
"dbc.Session": {
"type": "object",
"properties": {
"createdDate": {
"type": "string"
},
"device": {
"type": "string"
},
"id": {
"type": "string"
},
"lastUsed": {
"type": "string"
},
"pk": {
"type": "integer"
},
"token": {
"type": "string"
},
"userPk": {
"type": "integer"
}
}
},
"main.Info": {
"type": "object",
"properties": {
"publicKey": {
"description": "The public key used to sign jwt tokens. It can be used by your services to check if the jwt is valid.",
"type": "string"
}
}
},
"main.Jwt": {
"type": "object",
"properties": {
"token": {
"description": "The jwt token you can use for all authorized call to either keibi or other services.",
"type": "string"
}
}
},
"main.LoginDto": {
"type": "object",
"required": [
"login",
"password"
],
"properties": {
"login": {
"description": "Either the email or the username.",
"type": "string"
},
"password": {
"description": "Password of the account.",
"type": "string"
}
}
},
"main.OidcHandle": {
"type": "object",
"properties": {
"id": {
"description": "Id of this oidc handle.",
"type": "string"
},
"profileUrl": {
"description": "Link to the profile of the user on the external service. Null if unknown or irrelevant.",
"type": "string",
"format": "url"
},
"username": {
"description": "Username of the user on the external service.",
"type": "string"
}
}
},
"main.RegisterDto": {
"type": "object",
"required": [
"email",
"password",
"username"
],
"properties": {
"email": {
"description": "Valid email that could be used for forgotten password requests. Can be used for login.",
"type": "string",
"format": "email"
},
"password": {
"description": "Password to use.",
"type": "string"
},
"username": {
"description": "Username of the new account, can't contain @ signs. Can be used for login.",
"type": "string"
}
}
},
"main.Session": {
"type": "object",
"properties": {
"createdDate": {
"description": "When was the session first opened",
"type": "string"
},
"device": {
"description": "Device that created the session.",
"type": "string"
},
"id": {
"description": "Unique id of this session. Can be used for calls to DELETE",
"type": "string"
},
"lastUsed": {
"description": "Last date this session was used to access a service.",
"type": "string"
}
}
},
"main.User": {
"type": "object",
"properties": {
"claims": {
"description": "List of custom claims JWT created via get /jwt will have",
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"createdDate": {
"description": "When was this account created?",
"type": "string"
},
"email": {
"description": "Email of the user. Can be used as a login.",
"type": "string",
"format": "email"
},
"id": {
"description": "Id of the user.",
"type": "string"
},
"lastSeen": {
"description": "When was the last time this account made any authorized request?",
"type": "string"
},
"oidc": {
"description": "List of other login method available for this user. Access tokens wont be returned here.",
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/main.OidcHandle"
}
},
"username": {
"description": "Username of the user. Can be used as a login.",
"type": "string"
}
}
}
},
"securityDefinitions": {
"Jwt": {
"type": "apiKey",
"name": "Authorization",
"in": "header"
},
"Token": {
"type": "apiKey",
"name": "Authorization",
"in": "header"
}
}
}

56
auth/docs/swagger.yaml
View File

@ -17,20 +17,50 @@ definitions:
userPk: userPk:
type: integer type: integer
type: object type: object
main.Info: main.JwkSet:
properties: properties:
publicKey: keys:
description: The public key used to sign jwt tokens. It can be used by your items:
services to check if the jwt is valid. properties:
e:
example: AQAB
type: string type: string
key_ops:
example:
- '[verify]'
items:
type: string
type: array
kty:
example: RSA
type: string
"n":
example: oBcXcJUR-Sb8_b4qIj28LRAPxdF_6odRr52K5-ymiEkR2DOlEuXBtM-biWxPESW-U-zhfHzdVLf6ioy5xL0bJTh8BMIorkrDliN3vb81jCvyOMgZ7ATMJpMAQMmSDN7sL3U45r22FaoQufCJMQHmUsZPecdQSgj2aFBiRXxsLleYlSezdBVT_gKH-coqeYXSC_hk-ezSq4aDZ10BlDnZ-FA7-ES3T7nBmJEAU7KDAGeSvbYAfYimOW0r-Vc0xQNuwGCfzZtSexKXDbYbNwOVo3SjfCabq-gMfap_owcHbKicGBZu1LDlh7CpkmLQf_kv6GihM2LWFFh6Vwg2cltiwF22EIPlUDtYTkUR0qRkdNJaNkwV5Vv_6r3pzSmu5ovRriKtlrvJMjlTnLb4_ltsge3fw5Z34cJrsp094FbUc2O6Or4FGEXUldieJCnVRhs2_h6SDcmeMXs1zfvE5GlDnq8tZV6WMJ5Sb4jNO7rs_hTkr23_E6mVg-DdtozGfqzRzhIjPym6D_jVfR6dZv5W0sKwOHRmT7nYq-C7b2sAwmNNII296M4Rq-jn0b5pgSeMDYbIpbIA4thU8LYU0lBZp_ZVwWKG1RFZDxz3k9O5UVth2kTpTWlwn0hB1aAvgXHo6in1CScITGA72p73RbDieNnLFaCK4xUVstkWAKLqPxs
type: string
use:
example: sig
type: string
type: object
type: array
type: object type: object
main.Jwt: main.Jwt:
properties: properties:
token: token:
description: The jwt token you can use for all authorized call to either keibi description: The jwt token you can use for all authorized call to either keibi
or other services. or other services.
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30
type: string type: string
type: object type: object
main.KError:
properties:
details: {}
message:
example: No user found with this id
type: string
status:
example: 404
type: integer
type: object
main.LoginDto: main.LoginDto:
properties: properties:
login: login:
@ -133,17 +163,17 @@ info:
title: Keibi - Kyoo's auth title: Keibi - Kyoo's auth
version: "1.0" version: "1.0"
paths: paths:
/info: /.well-known/jwks.json:
get: get:
description: Get info like the public key used to sign the jwts. description: Get the jwks info, used to validate jwts.
produces: produces:
- application/json - application/json
responses: responses:
"200": "200":
description: OK description: OK
schema: schema:
$ref: '#/definitions/main.Info' $ref: '#/definitions/main.JwkSet'
summary: Info summary: Jwks
tags: tags:
- jwt - jwt
/jwt: /jwt:
@ -154,14 +184,16 @@ paths:
responses: responses:
"200": "200":
description: OK description: OK
headers:
Authorization:
description: Jwt (same value as the returned token)
type: string
schema: schema:
$ref: '#/definitions/main.Jwt' $ref: '#/definitions/main.Jwt'
"401":
description: Missing session token
schema: {}
"403": "403":
description: Invalid session token (or expired) description: Invalid session token (or expired)
schema: {} schema:
$ref: '#/definitions/main.KError'
security: security:
- Token: [] - Token: []
summary: Get JWT summary: Get JWT

19
auth/jwt.go
View File

@ -15,7 +15,7 @@ import (
type Jwt struct { type Jwt struct {
// The jwt token you can use for all authorized call to either keibi or other services. // The jwt token you can use for all authorized call to either keibi or other services.
Token *string `json:"token"` Token *string `json:"token" example:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.KMUFsIDTnFmyG3nMiGM6H9FNFUROf3wh7SmqJp-QV30"`
} }
// @Summary Get JWT // @Summary Get JWT
@ -24,8 +24,8 @@ type Jwt struct {
// @Produce json // @Produce json
// @Security Token // @Security Token
// @Success 200 {object} Jwt // @Success 200 {object} Jwt
// @Failure 401 {object} problem.Problem "Missing session token" // @Failure 403 {object} KError "Invalid session token (or expired)"
// @Failure 403 {object} problem.Problem "Invalid session token (or expired)" // @Header 200 {string} Authorization "Jwt (same value as the returned token)"
// @Router /jwt [get] // @Router /jwt [get]
func (h *Handler) CreateJwt(c echo.Context) error { func (h *Handler) CreateJwt(c echo.Context) error {
auth := c.Request().Header.Get("Authorization") auth := c.Request().Header.Get("Authorization")
@ -69,11 +69,22 @@ func (h *Handler) CreateJwt(c echo.Context) error {
}) })
} }
// only used for the swagger doc
type JwkSet struct {
Keys []struct {
E string `json:"e" example:"AQAB"`
KeyOps []string `json:"key_ops" example:"[verify]"`
Kty string `json:"kty" example:"RSA"`
N string `json:"n" example:"oBcXcJUR-Sb8_b4qIj28LRAPxdF_6odRr52K5-ymiEkR2DOlEuXBtM-biWxPESW-U-zhfHzdVLf6ioy5xL0bJTh8BMIorkrDliN3vb81jCvyOMgZ7ATMJpMAQMmSDN7sL3U45r22FaoQufCJMQHmUsZPecdQSgj2aFBiRXxsLleYlSezdBVT_gKH-coqeYXSC_hk-ezSq4aDZ10BlDnZ-FA7-ES3T7nBmJEAU7KDAGeSvbYAfYimOW0r-Vc0xQNuwGCfzZtSexKXDbYbNwOVo3SjfCabq-gMfap_owcHbKicGBZu1LDlh7CpkmLQf_kv6GihM2LWFFh6Vwg2cltiwF22EIPlUDtYTkUR0qRkdNJaNkwV5Vv_6r3pzSmu5ovRriKtlrvJMjlTnLb4_ltsge3fw5Z34cJrsp094FbUc2O6Or4FGEXUldieJCnVRhs2_h6SDcmeMXs1zfvE5GlDnq8tZV6WMJ5Sb4jNO7rs_hTkr23_E6mVg-DdtozGfqzRzhIjPym6D_jVfR6dZv5W0sKwOHRmT7nYq-C7b2sAwmNNII296M4Rq-jn0b5pgSeMDYbIpbIA4thU8LYU0lBZp_ZVwWKG1RFZDxz3k9O5UVth2kTpTWlwn0hB1aAvgXHo6in1CScITGA72p73RbDieNnLFaCK4xUVstkWAKLqPxs"`
Use string `json:"use" example:"sig"`
}
}
// @Summary Jwks // @Summary Jwks
// @Description Get the jwks info, used to validate jwts. // @Description Get the jwks info, used to validate jwts.
// @Tags jwt // @Tags jwt
// @Produce json // @Produce json
// @Success 200 {object} jwk.Key // @Success 200 {object} JwkSet "OK"
// @Router /.well-known/jwks.json [get] // @Router /.well-known/jwks.json [get]
func (h *Handler) GetJwks(c echo.Context) error { func (h *Handler) GetJwks(c echo.Context) error {
key, err := jwk.New(h.config.JwtPublicKey) key, err := jwk.New(h.config.JwtPublicKey)

7
auth/kerror.go Normal file
View File

@ -0,0 +1,7 @@
package main
type KError struct {
Status int `json:"status" example:"404"`
Message string `json:"message" example:"No user found with this id"`
Details any `json:"details"`
}

2
auth/utils.go
View File

@ -19,7 +19,7 @@ func GetCurrentUserId(c echo.Context) (uuid.UUID, error) {
} }
sub, err := user.Claims.GetSubject() sub, err := user.Claims.GetSubject()
if err != nil { if err != nil {
return uuid.UUID{}, echo.NewHTTPError(403, "Could not retrive subject") return uuid.UUID{}, echo.NewHTTPError(403, "Could not retrieve subject")
} }
ret, err := uuid.Parse(sub) ret, err := uuid.Parse(sub)
if err != nil { if err != nil {