TC
/
Zoraxy
zrcadlo https://git.hkwtc.org/TC/ReverseProxy


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132
							package sso

import (
	"context"
	"net/http"
	"strconv"
	"time"

	"github.com/go-oauth2/oauth2/v4/errors"
	"imuslab.com/zoraxy/mod/utils"
)

/*

	server.go


	This is the web server for the SSO portal. It contains the

	HTTP server and the handlers for the SSO portal.


	If you are looking for handlers that changes the settings

	of the SSO portale or user management, please refer to

	handlers.go.


*/

func (h *SSOHandler) InitSSOPortal(portalServerPort int) {
	//Create a new web server for the SSO portal
	pmux := http.NewServeMux()
	fs := http.FileServer(http.FS(staticFiles))
	pmux.Handle("/", fs)

	//Register API endpoint for the SSO portal
	pmux.HandleFunc("/sso/login", h.HandleLogin)

	//Register API endpoint for autodiscovery
	pmux.HandleFunc("/.well-known/openid-configuration", h.HandleDiscoveryRequest)

	//Register OAuth2 endpoints
	h.Oauth2Server.RegisterOauthEndpoints(pmux)
	h.ssoPortalMux = pmux
}

// StartSSOPortal start the SSO portal server
// This function will block the main thread, call it in a goroutine
func (h *SSOHandler) StartSSOPortal() error {
	if h.ssoPortalServer != nil {
		return errors.New("SSO portal server already running")
	}
	h.ssoPortalServer = &http.Server{
		Addr:    ":" + strconv.Itoa(h.Config.PortalServerPort),
		Handler: h.ssoPortalMux,
	}
	err := h.ssoPortalServer.ListenAndServe()
	if err != nil && err != http.ErrServerClosed {
		h.Log("Failed to start SSO portal server", err)
	}
	return err
}

// StopSSOPortal stop the SSO portal server
func (h *SSOHandler) StopSSOPortal() error {
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()
	err := h.ssoPortalServer.Shutdown(ctx)
	if err != nil {
		h.Log("Failed to stop SSO portal server", err)
		return err
	}
	h.ssoPortalServer = nil
	return nil
}

// StartSSOPortal start the SSO portal server
func (h *SSOHandler) RestartSSOServer() error {
	if h.ssoPortalServer != nil {
		err := h.StopSSOPortal()
		if err != nil {
			return err
		}
	}
	go h.StartSSOPortal()
	return nil
}

func (h *SSOHandler) IsRunning() bool {
	return h.ssoPortalServer != nil
}

// HandleLogin handle the login request
func (h *SSOHandler) HandleLogin(w http.ResponseWriter, r *http.Request) {
	//Handle the login request
	username, err := utils.PostPara(r, "username")
	if err != nil {
		utils.SendErrorResponse(w, "invalid username or password")
		return
	}

	password, err := utils.PostPara(r, "password")
	if err != nil {
		utils.SendErrorResponse(w, "invalid username or password")
		return
	}

	rememberMe, err := utils.PostBool(r, "remember_me")
	if err != nil {
		rememberMe = false
	}

	//Check if the user exists
	userEntry, err := h.GetSSOUser(username)
	if err != nil {
		utils.SendErrorResponse(w, "user not found")
		return
	}

	//Check if the password is correct
	if !userEntry.VerifyPassword(password) {
		utils.SendErrorResponse(w, "incorrect password")
		return
	}

	//Create a new session for the user
	session, _ := h.cookieStore.Get(r, "Zoraxy-SSO")
	session.Values["username"] = username
	if rememberMe {
		session.Options.MaxAge = 86400 * 15 //15 days
	} else {
		session.Options.MaxAge = 3600 //1 hour
	}
	session.Save(r, w) //Save the session

	utils.SendOK(w)
}