Add wider oauth/user perm boxes and allow wildcard oauth perms

Melon 2024-02-14 21:04:52 +00:00
parent 0f37976d35
commit ba72697f1a
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
6 changed files with 11 additions and 12 deletions

2
go.mod

@ -4,7 +4,7 @@ go 1.22
require (
github.com/1f349/cache v0.0.2
github.com/1f349/mjwt v0.2.1
github.com/1f349/mjwt v0.2.4
github.com/1f349/overlapfs v0.0.1
github.com/1f349/violet v0.0.13
github.com/MrMelon54/exit-reload v0.0.1

4
go.sum

@ -1,8 +1,8 @@
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
github.com/1f349/cache v0.0.2 h1:27QD6zPd9xYyvh9V1qqWq+EAt5+N+qvyGWKfnjMrhP8=
github.com/1f349/cache v0.0.2/go.mod h1:LibAMy13dF0KO1fQA9aEjZPBCB6Y4b5kKYEQJUqc2rQ=
github.com/1f349/mjwt v0.2.1 h1:REdiM/MaNjYQwHvI39LaMPhlvMg4Vy9SgomWMsKTNz8=
github.com/1f349/mjwt v0.2.1/go.mod h1:KEs6jd9JjWrQW+8feP2pGAU7pdA3aYTqjkT/YQr73PU=
github.com/1f349/mjwt v0.2.4 h1:FDVl2v50N1BdPjd79srRzIstZsQ/KLWWidsmJ6arPfI=
github.com/1f349/mjwt v0.2.4/go.mod h1:KEs6jd9JjWrQW+8feP2pGAU7pdA3aYTqjkT/YQr73PU=
github.com/1f349/overlapfs v0.0.1 h1:LAxBolrXFAgU0yqZtXg/C/aaPq3eoQSPpBc49BHuTp0=
github.com/1f349/overlapfs v0.0.1/go.mod h1:I6aItQycr7nrzplmfNXp/QF9tTmKRSgY3fXmu/7Ky2o=
github.com/1f349/violet v0.0.13 h1:lJpTz15Ea83Uc1VAISXTjtKuzr8Pe8NM4cMGp3Aiyhk=


@ -61,7 +61,7 @@
{{if .IsAdmin}}
<div>
<label for="field_perms">Perms:</label>
<input type="text" name="perms" id="field_perms" value="{{.Edit.Perms}}" required/>
<input type="text" name="perms" id="field_perms" value="{{.Edit.Perms}}" size="100"/>
</div>
{{end}}
<div>
@ -143,7 +143,7 @@
{{if .IsAdmin}}
<div>
<label for="field_perms">Perms:</label>
<input type="text" name="perms" id="field_perms" required/>
<input type="text" name="perms" id="field_perms"/>
</div>
{{end}}
<div>
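Review bot: The create form in the second hunk drops `required` but does not get the `size="100"` that the edit form's perms input receives in the first hunk, so the two inputs end up inconsistent although the commit title speaks of wider boxes; `<input type="text" name="perms" id="field_perms" size="100"/>` would match. With `required` removed from both inputs an empty perms value can now be submitted, so the handler that reads `perms` has to treat an empty string as "no permissions" and never as a wildcard or a parse failure; that handler is not visible on this page. The `{{if .IsAdmin}}` guard only hides the field in the rendered form, so the server side should also discard `perms` sent by non-admin callers, if it does not already.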


@ -24,7 +24,7 @@
</div>
<div>
<label for="field_roles">Roles:</label>
<input type="text" name="roles" id="field_roles" value="{{.Edit.Roles}}"/>
<input type="text" name="roles" id="field_roles" value="{{.Edit.Roles}}" size="100"/>
</div>
<div>
<label for="field_active">Active: <input type="checkbox" name="active" id="field_active" checked/></label>


@ -36,15 +36,14 @@ func (j *JWTAccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasi
}
beginCtx.Rollback()
ps := claims.NewPermStorage()
ps := claims.ParsePermStorage(roles)
var out *claims.PermStorage
ForEachRole(data.Client.(interface{ UsePerms() string }).UsePerms(), func(role string) {
if HasRole(roles, role) {
ps.Set(role)
}
out = ps.Filter(strings.Split(role, " "))
})
access, err = j.signer.GenerateJwt(data.UserID, "", jwt.ClaimStrings{data.TokenInfo.GetClientID()}, data.TokenInfo.GetAccessExpiresIn(), auth.AccessTokenClaims{
Perms: ps,
Perms: out,
})
if isGenRefresh {
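Review bot: `out` is reassigned on every callback invocation, so if ForEachRole calls the function once per entry of UsePerms() (as its name and the removed per-role `HasRole` check suggest), the token carries only the perms matched by the last entry, and `strings.Split(role, " ")` is then a one-element slice. When the client's perm string is empty and the callback never runs, `out` stays nil and a nil `*claims.PermStorage` is placed in `AccessTokenClaims`. Filtering once over the whole list removes the overwrite, and also the nil provided Filter returns an empty storage for an empty list: `out := ps.Filter(strings.Fields(data.Client.(interface{ UsePerms() string }).UsePerms()))`. Because a wildcard entry now selects every matching user perm, a comment above that line should state that the client's perms act as an allow-list pattern over the user's perms, and a test should cover a multi-entry, a wildcard and an empty client perm string. Token's body starts and ends outside the hunk.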


@ -6,7 +6,7 @@
<script>
const ssoService = "http://localhost:9090";
POP2.init(ssoService + "/authorize", "f4cdb93d-fe28-427b-b037-f03f44c86a16", "openid profile age", 500, 600);
POP2.init(ssoService + "/authorize", "f4cdb93d-fe28-427b-b037-f03f44c86a16", "openid profile age email", 500, 600);
window.addEventListener("load", function () {
doThisThing(false);