From 28b574c8275fbe585d51b8e0319840e6b07108a3 Mon Sep 17 00:00:00 2001 
From: Lakhan Samani
Date: Tue, 2 Apr 2024 15:25:11 +0530
Subject: [PATCH] Update tests
---
app/package-lock.json | 16 ++---
app/package.json | 2 +-
app/src/App.tsx | 1 -
app/yarn.lock | 18 ++---
.../src/components/EnvComponents/Features.tsx | 15 +++-
dashboard/src/constants.ts | 2 +
dashboard/src/graphql/queries/index.ts | 1 +
dashboard/src/pages/Environment.tsx | 1 +
server/db/providers/arangodb/authenticator.go | 8 +--
server/db/providers/arangodb/env.go | 8 +--
server/db/providers/arangodb/user.go | 18 ++---
.../arangodb/verification_requests.go | 10 +--
.../db/providers/cassandradb/authenticator.go | 12 ++--
server/db/providers/cassandradb/env.go | 4 +-
server/db/providers/cassandradb/user.go | 14 ++--
.../cassandradb/verification_requests.go | 2 +-
.../db/providers/couchbase/authenticator.go | 6 +-
server/db/providers/couchbase/env.go | 8 +--
server/db/providers/couchbase/otp.go | 4 +-
server/db/providers/couchbase/provider.go | 2 +-
server/db/providers/couchbase/shared.go | 2 +-
server/db/providers/couchbase/user.go | 18 ++---
.../couchbase/verification_requests.go | 8 +--
server/db/providers/couchbase/webhook.go | 2 +-
server/db/providers/couchbase/webhook_log.go | 2 +-
server/db/providers/dynamodb/authenticator.go | 6 +-
server/db/providers/dynamodb/env.go | 6 +-
server/db/providers/dynamodb/user.go | 10 +--
.../dynamodb/verification_requests.go | 6 +-
server/db/providers/dynamodb/webhook.go | 2 +-
server/db/providers/mongodb/authenticator.go | 6 +-
server/db/providers/mongodb/env.go | 8 +--
server/db/providers/mongodb/user.go | 10 +--
.../mongodb/verification_requests.go | 6 +-
server/db/providers/provider_template/user.go | 2 +-
server/db/providers/sql/user.go | 6 +-
server/email/email_verification.go | 4 +-
server/graph/generated/generated.go | 72 ++++++++++++++++++-
server/graph/model/models_gen.go | 2 +
server/graph/schema.graphqls | 2 +
server/handlers/oauth_callback.go | 2 +-
server/handlers/revoke_refresh_token.go | 6 +-
server/middlewares/client_check.go | 29 ++++++++ server/middlewares/cors.go | 2 +- server/resolvers/env.go | 1 + server/routes/routes.go | 1 + server/test/login_test.go | 8 ++- server/test/mobile_login_test.go | 8 ++- server/test/resend_otp_test.go | 16 ++--- server/test/totp_login_test.go | 7 +- server/test/verify_otp_test.go | 6 +- 51 files changed, 275 insertions(+), 143 deletions(-) create mode 100644 server/middlewares/client_check.go diff --git a/app/package-lock.json b/app/package-lock.json index 310520e73..2afc0db51 100644 --- a/app/package-lock.json +++ b/app/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@authorizerdev/authorizer-react": "^1.2.0", + "@authorizerdev/authorizer-react": "^1.3.1", "@types/react": "^17.0.15", "@types/react-dom": "^17.0.9", "esbuild": "^0.12.17", @@ -27,9 +27,9 @@ } }, "node_modules/@authorizerdev/authorizer-js": { - "version": "2.0.0-beta.3", - "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-2.0.0-beta.3.tgz", - "integrity": "sha512-cEzEVe7AewvOwOwoettiKRCq1e5Y33k9g8fJjqAoe3B/36iNN8wnZ5qgsPPZkqhv+Cvn6huj+YWtRimfVJ6d0w==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-2.0.2.tgz", + "integrity": "sha512-YgCtpaBDGYGMUlINFsvGNJnBtbnFG2wo66xX2i6auop52oVmKimvLpzOx8306/YddCxWhg9FljyVMp88Mbnxyw==", "dependencies": { "cross-fetch": "^3.1.5" }, 
@@ -41,11 +41,11 @@ } }, "node_modules/@authorizerdev/authorizer-react": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.2.0.tgz", - "integrity": "sha512-MtunZgh30rzY9jSADVP1DRC4sOBC82zx/yhK8O/1ufOAi7vTDZwPjDHIMrG/xWPNUYTCeFPEKpZlKyB+TH/M1w==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-1.3.1.tgz", + "integrity": "sha512-X7vQMr5jtZ28z+YZOt5ISB3lOYXNszpLpWw4S6VNs7TLAd5/ZP2kPaSdDbUgIvQFyYy51DHQeGygOu3G1n0Mdw==", "dependencies": { - "@authorizerdev/authorizer-js": "^2.0.0-beta.3", + "@authorizerdev/authorizer-js": "^2.0.2", "validator": "^13.11.0" }, "engines": { diff --git a/app/package.json b/app/package.json index 413e6c221..26a765c32 100644 --- a/app/package.json +++ b/app/package.json @@ -12,7 +12,7 @@ "author": "Lakhan Samani", "license": "ISC", "dependencies": { - "@authorizerdev/authorizer-react": "^1.2.0", + "@authorizerdev/authorizer-react": "^1.3.1", "@types/react": "^17.0.15", "@types/react-dom": "^17.0.9", "esbuild": "^0.12.17", diff --git a/app/src/App.tsx b/app/src/App.tsx index aa8df400b..9b4f8b547 100644 --- a/app/src/App.tsx +++ b/app/src/App.tsx @@ -33,7 +33,6 @@ export default function App() { ...window['__authorizer__'], ...urlProps, }; - console.log({ globalState }); return (
{ - Basic Authentication: + Email Basic Authentication: { /> + + + Mobile Basic Authentication: + + + + + Sign Up: diff --git a/dashboard/src/constants.ts b/dashboard/src/constants.ts index d32e26b07..a9ca609d2 100644 --- a/dashboard/src/constants.ts +++ b/dashboard/src/constants.ts @@ -83,6 +83,7 @@ export const SwitchInputType = { DISABLE_MAGIC_LINK_LOGIN: 'DISABLE_MAGIC_LINK_LOGIN', DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION', DISABLE_BASIC_AUTHENTICATION: 'DISABLE_BASIC_AUTHENTICATION', + DISABLE_MOBILE_BASIC_AUTHENTICATION: 'DISABLE_MOBILE_BASIC_AUTHENTICATION', DISABLE_SIGN_UP: 'DISABLE_SIGN_UP', DISABLE_REDIS_FOR_ENV: 'DISABLE_REDIS_FOR_ENV', DISABLE_STRONG_PASSWORD: 'DISABLE_STRONG_PASSWORD', @@ -167,6 +168,7 @@ export interface envVarTypes { DISABLE_MAGIC_LINK_LOGIN: boolean; DISABLE_EMAIL_VERIFICATION: boolean; DISABLE_BASIC_AUTHENTICATION: boolean; + DISABLE_MOBILE_BASIC_AUTHENTICATION: boolean; DISABLE_SIGN_UP: boolean; DISABLE_STRONG_PASSWORD: boolean; OLD_ADMIN_SECRET: string; diff --git a/dashboard/src/graphql/queries/index.ts b/dashboard/src/graphql/queries/index.ts index 713ee1b94..c21552487 100644 --- a/dashboard/src/graphql/queries/index.ts +++ b/dashboard/src/graphql/queries/index.ts @@ -65,6 +65,7 @@ export const EnvVariablesQuery = ` DISABLE_MAGIC_LINK_LOGIN DISABLE_EMAIL_VERIFICATION DISABLE_BASIC_AUTHENTICATION + DISABLE_MOBILE_BASIC_AUTHENTICATION DISABLE_SIGN_UP DISABLE_STRONG_PASSWORD DISABLE_REDIS_FOR_ENV diff --git a/dashboard/src/pages/Environment.tsx b/dashboard/src/pages/Environment.tsx index a026b7b9f..cc60337c6 100644 --- a/dashboard/src/pages/Environment.tsx +++ b/dashboard/src/pages/Environment.tsx @@ -86,6 +86,7 @@ const Environment = () => { DISABLE_MAGIC_LINK_LOGIN: false, DISABLE_EMAIL_VERIFICATION: false, DISABLE_BASIC_AUTHENTICATION: false, + DISABLE_MOBILE_BASIC_AUTHENTICATION: false, DISABLE_SIGN_UP: false, DISABLE_STRONG_PASSWORD: false, OLD_ADMIN_SECRET: '', 
diff --git a/server/db/providers/arangodb/authenticator.go b/server/db/providers/arangodb/authenticator.go index 205ba675c..c701ebc73 100644 --- a/server/db/providers/arangodb/authenticator.go +++ b/server/db/providers/arangodb/authenticator.go @@ -28,7 +28,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. authenticatorsCollection, _ := p.db.Collection(ctx, models.Collections.Authenticators) meta, err := authenticatorsCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), authenticators) if err != nil { - return authenticators, err + return nil, err } authenticators.Key = meta.Key authenticators.ID = meta.ID.String() @@ -42,7 +42,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode collection, _ := p.db.Collection(ctx, models.Collections.Authenticators) meta, err := collection.UpdateDocument(ctx, authenticators.Key, authenticators) if err != nil { - return authenticators, err + return nil, err } authenticators.Key = meta.Key @@ -59,7 +59,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s } cursor, err := p.db.Query(ctx, query, bindVars) if err != nil { - return authenticators, err + return nil, err } defer cursor.Close() for { @@ -71,7 +71,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s } _, err := cursor.ReadDocument(ctx, &authenticators) if err != nil { - return authenticators, err + return nil, err } } return authenticators, nil diff --git a/server/db/providers/arangodb/env.go b/server/db/providers/arangodb/env.go index bb4610a00..27f7c25f5 100644 --- a/server/db/providers/arangodb/env.go +++ b/server/db/providers/arangodb/env.go 
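Review bot: In the first hunk of arangodb/authenticator.go (AddAuthenticator) the error from `p.db.Collection(ctx, models.Collections.Authenticators)` is still discarded with `_`, so a failed collection lookup goes on to call `CreateDocument` on whatever handle came back instead of returning an error. Since this commit is already tidying the error returns, the lookup should be checked too: `authenticatorsCollection, err := p.db.Collection(ctx, models.Collections.Authenticators)` followed by `if err != nil { return nil, err }`. The same discarded error appears in UpdateAuthenticator in this file and in the AddEnv, UpdateEnv, AddUser, UpdateUser and AddVerificationRequest hunks of the other arangodb files. The function bodies begin and end outside these hunks.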
@@ -23,7 +23,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er configCollection, _ := p.db.Collection(ctx, models.Collections.Env) meta, err := configCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), env) if err != nil { - return env, err + return nil, err } env.Key = meta.Key env.ID = meta.ID.String() @@ -36,7 +36,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, collection, _ := p.db.Collection(ctx, models.Collections.Env) meta, err := collection.UpdateDocument(ctx, env.Key, env) if err != nil { - return env, err + return nil, err } env.Key = meta.Key @@ -50,7 +50,7 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) { query := fmt.Sprintf("FOR d in %s RETURN d", models.Collections.Env) cursor, err := p.db.Query(ctx, query, nil) if err != nil { - return env, err + return nil, err } defer cursor.Close() for { @@ -62,7 +62,7 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) { } _, err := cursor.ReadDocument(ctx, &env) if err != nil { - return env, err + return nil, err } } diff --git a/server/db/providers/arangodb/user.go b/server/db/providers/arangodb/user.go index e1e793179..5caca74a2 100644 --- a/server/db/providers/arangodb/user.go +++ b/server/db/providers/arangodb/user.go @@ -27,7 +27,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } @@ -47,7 +47,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User userCollection, _ := p.db.Collection(ctx, models.Collections.User) meta, err := userCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), user) if err != nil { - return user, err + return nil, err } user.Key = meta.Key user.ID = meta.ID.String() 
@@ -62,7 +62,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U collection, _ := p.db.Collection(ctx, models.Collections.User) meta, err := collection.UpdateDocument(ctx, user.Key, user) if err != nil { - return user, err + return nil, err } user.Key = meta.Key @@ -129,19 +129,19 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us } cursor, err := p.db.Query(ctx, query, bindVars) if err != nil { - return user, err + return nil, err } defer cursor.Close() for { if !cursor.HasMore() { if user == nil { - return user, fmt.Errorf("user not found") + return nil, fmt.Errorf("user not found") } break } _, err := cursor.ReadDocument(ctx, &user) if err != nil { - return user, err + return nil, err } } return user, nil @@ -156,19 +156,19 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er } cursor, err := p.db.Query(ctx, query, bindVars) if err != nil { - return user, err + return nil, err } defer cursor.Close() for { if !cursor.HasMore() { if user == nil { - return user, fmt.Errorf("user not found") + return nil, fmt.Errorf("user not found") } break } _, err := cursor.ReadDocument(ctx, &user) if err != nil { - return user, err + return nil, err } } return user, nil diff --git a/server/db/providers/arangodb/verification_requests.go b/server/db/providers/arangodb/verification_requests.go index 05a8186b0..2b12a994d 100644 --- a/server/db/providers/arangodb/verification_requests.go +++ b/server/db/providers/arangodb/verification_requests.go @@ -22,7 +22,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque verificationRequestRequestCollection, _ := p.db.Collection(ctx, models.Collections.VerificationRequest) meta, err := verificationRequestRequestCollection.CreateDocument(ctx, verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } verificationRequest.Key = meta.Key verificationRequest.ID = meta.ID.String() 
@@ -38,7 +38,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri } cursor, err := p.db.Query(ctx, query, bindVars) if err != nil { - return verificationRequest, err + return nil, err } defer cursor.Close() for { @@ -50,7 +50,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri } _, err := cursor.ReadDocument(ctx, &verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } } return verificationRequest, nil @@ -66,7 +66,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri } cursor, err := p.db.Query(ctx, query, bindVars) if err != nil { - return verificationRequest, err + return nil, err } defer cursor.Close() for { @@ -78,7 +78,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri } _, err := cursor.ReadDocument(ctx, &verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } } return verificationRequest, nil diff --git a/server/db/providers/cassandradb/authenticator.go b/server/db/providers/cassandradb/authenticator.go index e012ba30a..369a75aa6 100644 --- a/server/db/providers/cassandradb/authenticator.go +++ b/server/db/providers/cassandradb/authenticator.go @@ -29,7 +29,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. bytes, err := json.Marshal(authenticators) if err != nil { - return authenticators, err + return nil, err } // use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling @@ -38,7 +38,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. authenticatorsMap := map[string]interface{}{} err = decoder.Decode(&authenticatorsMap) if err != nil { - return authenticators, err + return nil, err } fields := "(" 
@@ -66,7 +66,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. query := fmt.Sprintf("INSERT INTO %s %s VALUES %s IF NOT EXISTS", KeySpace+"."+models.Collections.Authenticators, fields, values) err = p.db.Query(query).Exec() if err != nil { - return authenticators, err + return nil, err } return authenticators, nil @@ -77,7 +77,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode bytes, err := json.Marshal(authenticators) if err != nil { - return authenticators, err + return nil, err } // use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling decoder := json.NewDecoder(strings.NewReader(string(bytes))) @@ -85,7 +85,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode authenticatorsMap := map[string]interface{}{} err = decoder.Decode(&authenticatorsMap) if err != nil { - return authenticators, err + return nil, err } updateFields := "" @@ -116,7 +116,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.Authenticators, updateFields, authenticators.ID) err = p.db.Query(query).Exec() if err != nil { - return authenticators, err + return nil, err } return authenticators, nil diff --git a/server/db/providers/cassandradb/env.go b/server/db/providers/cassandradb/env.go index 636f9f4ef..627403dcc 100644 --- a/server/db/providers/cassandradb/env.go +++ b/server/db/providers/cassandradb/env.go @@ -20,7 +20,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er insertEnvQuery := fmt.Sprintf("INSERT INTO %s (id, env, hash, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.Env, env.ID, env.EnvData, env.Hash, env.CreatedAt, env.UpdatedAt) err := p.db.Query(insertEnvQuery).Exec() if err != nil { - return env, err + return nil, err } return env, nil 
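Review bot: The CQL statements in these cassandradb hunks are still assembled with `fmt.Sprintf` and hand-quoted values, for example `UPDATE %s SET %s WHERE id = '%s'` in UpdateAuthenticator and the `VALUES ('%s', '%s', '%s', %d, %d)` insert in AddEnv, so any value containing a single quote alters the statement. Values such as `env.EnvData`, and in the cassandradb/verification_requests.go hunk `Email` and `RedirectURI`, should be passed as bound parameters rather than formatted in; assuming `p.db` is a gocql session, that is `p.db.Query("UPDATE "+KeySpace+"."+models.Collections.Env+" SET env = ?, updated_at = ? WHERE id = ?", env.EnvData, env.UpdatedAt, env.ID).Exec()`. The same applies to UpdateEnv, AddUser, UpdateUser and AddVerificationRequest in the following hunks. How `fields`, `values` and `updateFields` are built lies outside the hunks, so the dynamic INSERT and UPDATE paths need the same review where those strings are constructed.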
@@ -32,7 +32,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, updateEnvQuery := fmt.Sprintf("UPDATE %s SET env = '%s', updated_at = %d WHERE id = '%s'", KeySpace+"."+models.Collections.Env, env.EnvData, env.UpdatedAt, env.ID) err := p.db.Query(updateEnvQuery).Exec() if err != nil { - return env, err + return nil, err } return env, nil } diff --git a/server/db/providers/cassandradb/user.go b/server/db/providers/cassandradb/user.go index dc5d6dedf..7fb252981 100644 --- a/server/db/providers/cassandradb/user.go +++ b/server/db/providers/cassandradb/user.go @@ -26,7 +26,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } @@ -46,7 +46,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User bytes, err := json.Marshal(user) if err != nil { - return user, err + return nil, err } // use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling @@ -55,7 +55,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User userMap := map[string]interface{}{} err = decoder.Decode(&userMap) if err != nil { - return user, err + return nil, err } fields := "(" @@ -84,7 +84,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User err = p.db.Query(query).Exec() if err != nil { - return user, err + return nil, err } return user, nil @@ -96,7 +96,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U bytes, err := json.Marshal(user) if err != nil { - return user, err + return nil, err } // use decoder instead of json.Unmarshall, because it converts int64 -> float64 after unmarshalling decoder := json.NewDecoder(strings.NewReader(string(bytes))) 
@@ -104,7 +104,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U userMap := map[string]interface{}{} err = decoder.Decode(&userMap) if err != nil { - return user, err + return nil, err } updateFields := "" @@ -135,7 +135,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.User, updateFields, user.ID) err = p.db.Query(query).Exec() if err != nil { - return user, err + return nil, err } return user, nil diff --git a/server/db/providers/cassandradb/verification_requests.go b/server/db/providers/cassandradb/verification_requests.go index aa8e66d80..e741c5dd8 100644 --- a/server/db/providers/cassandradb/verification_requests.go +++ b/server/db/providers/cassandradb/verification_requests.go @@ -23,7 +23,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque query := fmt.Sprintf("INSERT INTO %s (id, jwt_token, identifier, expires_at, email, nonce, redirect_uri, created_at, updated_at) VALUES ('%s', '%s', '%s', %d, '%s', '%s', '%s', %d, %d)", KeySpace+"."+models.Collections.VerificationRequest, verificationRequest.ID, verificationRequest.Token, verificationRequest.Identifier, verificationRequest.ExpiresAt, verificationRequest.Email, verificationRequest.Nonce, verificationRequest.RedirectURI, verificationRequest.CreatedAt, verificationRequest.UpdatedAt) err := p.db.Query(query).Exec() if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil } diff --git a/server/db/providers/couchbase/authenticator.go b/server/db/providers/couchbase/authenticator.go index e98126458..dc81cb9da 100644 --- a/server/db/providers/couchbase/authenticator.go +++ b/server/db/providers/couchbase/authenticator.go 
@@ -30,7 +30,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. } _, err := p.db.Collection(models.Collections.Authenticators).Insert(authenticators.ID, authenticators, &insertOpt) if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } @@ -71,11 +71,11 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s PositionalParameters: []interface{}{userId, authenticatorType}, }) if err != nil { - return authenticators, err + return nil, err } err = q.One(&authenticators) if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } diff --git a/server/db/providers/couchbase/env.go b/server/db/providers/couchbase/env.go index 3f2493714..7c08e7f4f 100644 --- a/server/db/providers/couchbase/env.go +++ b/server/db/providers/couchbase/env.go @@ -24,7 +24,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er } _, err := p.db.Collection(models.Collections.Env).Insert(env.ID, env, &insertOpt) if err != nil { - return env, err + return nil, err } return env, nil } @@ -40,7 +40,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, PositionalParameters: []interface{}{env.EnvData, env.UpdatedAt, env.UpdatedAt, env.ID}, }) if err != nil { - return env, err + return nil, err } return env, nil } @@ -55,11 +55,11 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) { ScanConsistency: gocb.QueryScanConsistencyRequestPlus, }) if err != nil { - return env, err + return nil, err } err = q.One(&env) if err != nil { - return env, err + return nil, err } env.Hash = env.EncryptionKey return env, nil diff --git a/server/db/providers/couchbase/otp.go b/server/db/providers/couchbase/otp.go index 1fe653242..2980b94e0 100644 --- a/server/db/providers/couchbase/otp.go +++ b/server/db/providers/couchbase/otp.go 
@@ -50,7 +50,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models } _, err := p.db.Collection(models.Collections.OTP).Insert(otp.ID, otp, &insertOpt) if err != nil { - return otp, err + return nil, err } } else { query := fmt.Sprintf(`UPDATE %s.%s SET otp=$1, expires_at=$2, updated_at=$3 WHERE _id=$4`, p.scopeName, models.Collections.OTP) @@ -58,7 +58,7 @@ func (p *provider) UpsertOTP(ctx context.Context, otpParam *models.OTP) (*models PositionalParameters: []interface{}{otp.Otp, otp.ExpiresAt, otp.UpdatedAt, otp.ID}, }) if err != nil { - return otp, err + return nil, err } } return otp, nil diff --git a/server/db/providers/couchbase/provider.go b/server/db/providers/couchbase/provider.go index 723e47ab8..7eef85da0 100644 --- a/server/db/providers/couchbase/provider.go +++ b/server/db/providers/couchbase/provider.go @@ -127,7 +127,7 @@ func CreateBucketAndScope(cluster *gocb.Cluster, bucketName string, scopeName st if scopeName != defaultScope { err = bucket.Collections().CreateScope(scopeName, nil) if err != nil && !errors.Is(err, gocb.ErrScopeExists) { - return bucket, err + return nil, err } } return bucket, nil diff --git a/server/db/providers/couchbase/shared.go b/server/db/providers/couchbase/shared.go index 00a8cfa6a..a97ac6d97 100644 --- a/server/db/providers/couchbase/shared.go +++ b/server/db/providers/couchbase/shared.go @@ -47,7 +47,7 @@ func (p *provider) GetTotalDocs(ctx context.Context, collection string) (int64, }) queryRes.One(&totalDocs) if err != nil { - return totalDocs.Total, err + return 0, err } return totalDocs.Total, nil } diff --git a/server/db/providers/couchbase/user.go b/server/db/providers/couchbase/user.go index b8a66de01..ec80b7d66 100644 --- a/server/db/providers/couchbase/user.go +++ b/server/db/providers/couchbase/user.go 
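Review bot: In GetTotalDocs (couchbase/shared.go) `queryRes.One(&totalDocs)` runs before `err` is checked and its own return value is dropped, so a failed query can be used before the error is seen and a row-decoding failure is returned as `totalDocs.Total` with a nil error. Check the query error first and then the result of One: `if err != nil { return 0, err }` before the call, then `if err := queryRes.One(&totalDocs); err != nil { return 0, err }`. The assignment of `err` is outside the hunk; presumably it comes from the query call that closes at `})`.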
@@ -25,7 +25,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } @@ -47,7 +47,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User } _, err := p.db.Collection(models.Collections.User).Insert(user.ID, user, &insertOpt) if err != nil { - return user, err + return nil, err } return user, nil } @@ -60,7 +60,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U } _, err := p.db.Collection(models.Collections.User).Upsert(user.ID, user, &upsertOpt) if err != nil { - return user, err + return nil, err } return user, nil } @@ -122,11 +122,11 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us PositionalParameters: []interface{}{email}, }) if err != nil { - return user, err + return nil, err } err = q.One(&user) if err != nil { - return user, err + return nil, err } return user, nil } @@ -141,11 +141,11 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er PositionalParameters: []interface{}{id}, }) if err != nil { - return user, err + return nil, err } err = q.One(&user) if err != nil { - return user, err + return nil, err } return user, nil } @@ -194,11 +194,11 @@ func (p *provider) GetUserByPhoneNumber(ctx context.Context, phoneNumber string) PositionalParameters: []interface{}{phoneNumber}, }) if err != nil { - return user, err + return nil, err } err = q.One(&user) if err != nil { - return user, err + return nil, err } return user, nil } diff --git a/server/db/providers/couchbase/verification_requests.go b/server/db/providers/couchbase/verification_requests.go index 314f69a6a..4448eab74 100644 --- a/server/db/providers/couchbase/verification_requests.go +++ b/server/db/providers/couchbase/verification_requests.go 
@@ -25,7 +25,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque } _, err := p.db.Collection(models.Collections.VerificationRequest).Insert(verificationRequest.ID, verificationRequest, &insertOpt) if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil } @@ -44,12 +44,12 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri }) if err != nil { - return verificationRequest, err + return nil, err } err = queryResult.One(&verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil } @@ -69,7 +69,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri var verificationRequest *models.VerificationRequest err = queryResult.One(&verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil } diff --git a/server/db/providers/couchbase/webhook.go b/server/db/providers/couchbase/webhook.go index 92b011192..23dea5e9e 100644 --- a/server/db/providers/couchbase/webhook.go +++ b/server/db/providers/couchbase/webhook.go @@ -29,7 +29,7 @@ func (p *provider) AddWebhook(ctx context.Context, webhook *models.Webhook) (*mo } _, err := p.db.Collection(models.Collections.Webhook).Insert(webhook.ID, webhook, &insertOpt) if err != nil { - return webhook.AsAPIWebhook(), err + return nil, err } return webhook.AsAPIWebhook(), nil } diff --git a/server/db/providers/couchbase/webhook_log.go b/server/db/providers/couchbase/webhook_log.go index 0482394c8..fb1d08a92 100644 --- a/server/db/providers/couchbase/webhook_log.go +++ b/server/db/providers/couchbase/webhook_log.go 
@@ -25,7 +25,7 @@ func (p *provider) AddWebhookLog(ctx context.Context, webhookLog *models.Webhook } _, err := p.db.Collection(models.Collections.WebhookLog).Insert(webhookLog.ID, webhookLog, &insertOpt) if err != nil { - return webhookLog.AsAPIWebhookLog(), err + return nil, err } return webhookLog.AsAPIWebhookLog(), nil } diff --git a/server/db/providers/dynamodb/authenticator.go b/server/db/providers/dynamodb/authenticator.go index 9fd5b5e7f..56ffea156 100644 --- a/server/db/providers/dynamodb/authenticator.go +++ b/server/db/providers/dynamodb/authenticator.go @@ -24,7 +24,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. authenticators.UpdatedAt = time.Now().Unix() err := collection.Put(authenticators).RunWithContext(ctx) if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } @@ -35,7 +35,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode authenticators.UpdatedAt = time.Now().Unix() err := UpdateByHashKey(collection, "id", authenticators.ID, authenticators) if err != nil { - return authenticators, err + return nil, err } } return authenticators, nil @@ -51,7 +51,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s } err := iter.Err() if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } diff --git a/server/db/providers/dynamodb/env.go b/server/db/providers/dynamodb/env.go index 0b356f782..2c788a799 100644 --- a/server/db/providers/dynamodb/env.go +++ b/server/db/providers/dynamodb/env.go @@ -21,7 +21,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er env.UpdatedAt = time.Now().Unix() err := collection.Put(env).RunWithContext(ctx) if err != nil { - return env, err + return nil, err } return env, nil } 
@@ -32,7 +32,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, env.UpdatedAt = time.Now().Unix() err := UpdateByHashKey(collection, "id", env.ID, env) if err != nil { - return env, err + return nil, err } return env, nil } @@ -45,7 +45,7 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) { iter := collection.Scan().Limit(1).Iter() for iter.NextWithContext(ctx, &env) { if env == nil { - return env, errors.New("no documets found") + return nil, errors.New("no documets found") } else { return env, nil } diff --git a/server/db/providers/dynamodb/user.go b/server/db/providers/dynamodb/user.go index a3713b650..faa5badb4 100644 --- a/server/db/providers/dynamodb/user.go +++ b/server/db/providers/dynamodb/user.go @@ -26,7 +26,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } @@ -43,7 +43,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User user.UpdatedAt = time.Now().Unix() err := collection.Put(user).RunWithContext(ctx) if err != nil { - return user, err + return nil, err } return user, nil } @@ -55,7 +55,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U user.UpdatedAt = time.Now().Unix() err := UpdateByHashKey(collection, "id", user.ID, user) if err != nil { - return user, err + return nil, err } } return user, nil @@ -126,7 +126,7 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us user = users[0] return user, nil } else { - return user, errors.New("no record found") + return nil, errors.New("no record found") } } 
@@ -137,7 +137,7 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er err := collection.Get("id", id).OneWithContext(ctx, &user) if err != nil { if refs.StringValue(user.Email) == "" { - return user, errors.New("no documets found") + return nil, errors.New("no documets found") } else { return user, nil } diff --git a/server/db/providers/dynamodb/verification_requests.go b/server/db/providers/dynamodb/verification_requests.go index 5fdf07897..32bceb28d 100644 --- a/server/db/providers/dynamodb/verification_requests.go +++ b/server/db/providers/dynamodb/verification_requests.go @@ -19,7 +19,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque verificationRequest.UpdatedAt = time.Now().Unix() err := collection.Put(verificationRequest).RunWithContext(ctx) if err != nil { - return verificationRequest, err + return nil, err } } return verificationRequest, nil @@ -35,7 +35,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri } err := iter.Err() if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil } @@ -50,7 +50,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri } err := iter.Err() if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil } diff --git a/server/db/providers/dynamodb/webhook.go b/server/db/providers/dynamodb/webhook.go index c50e1fb2d..ca47b71d3 100644 --- a/server/db/providers/dynamodb/webhook.go +++ b/server/db/providers/dynamodb/webhook.go @@ -91,7 +91,7 @@ func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model return nil, err } if webhook.ID == "" { - return webhook.AsAPIWebhook(), errors.New("no documets found") + return nil, errors.New("no documets found") } return webhook.AsAPIWebhook(), nil } 
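Review bot: In the dynamodb `GetUserByID`, the `if err != nil` branch inspects `user.Email` and returns `user, nil` when it is non-empty, so the error from `OneWithContext` is never propagated and a failed read can be reported as a successful identity lookup. If `user` is declared as a nil `*models.User` (the declaration is outside this hunk), `refs.StringValue(user.Email)` also dereferences nil on that path. Returning the error directly with `return nil, err`, and doing the empty-email check only after the error check, would make the lookup fail closed. The message `"no documets found"` has a typo that also appears in the `GetEnv` and `GetWebhookByID` hunks; check that no caller matches on the string before correcting it.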
diff --git a/server/db/providers/mongodb/authenticator.go b/server/db/providers/mongodb/authenticator.go index f2d401f57..7dae455b0 100644 --- a/server/db/providers/mongodb/authenticator.go +++ b/server/db/providers/mongodb/authenticator.go @@ -26,7 +26,7 @@ func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models. authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection()) _, err := authenticatorsCollection.InsertOne(ctx, authenticators) if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } @@ -36,7 +36,7 @@ func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *mode authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection()) _, err := authenticatorsCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": authenticators.ID}}, bson.M{"$set": authenticators}) if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } @@ -46,7 +46,7 @@ func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId s authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection()) err := authenticatorsCollection.FindOne(ctx, bson.M{"user_id": userId, "method": authenticatorType}).Decode(&authenticators) if err != nil { - return authenticators, err + return nil, err } return authenticators, nil } diff --git a/server/db/providers/mongodb/env.go b/server/db/providers/mongodb/env.go index b7256126f..f88163a5e 100644 --- a/server/db/providers/mongodb/env.go +++ b/server/db/providers/mongodb/env.go @@ -22,7 +22,7 @@ func (p *provider) AddEnv(ctx context.Context, env *models.Env) (*models.Env, er configCollection := p.db.Collection(models.Collections.Env, options.Collection()) _, err := configCollection.InsertOne(ctx, env) if err != nil { - return env, err + return nil, err } return env, nil } 
@@ -33,7 +33,7 @@ func (p *provider) UpdateEnv(ctx context.Context, env *models.Env) (*models.Env, configCollection := p.db.Collection(models.Collections.Env, options.Collection()) _, err := configCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": env.ID}}, bson.M{"$set": env}, options.MergeUpdateOptions()) if err != nil { - return env, err + return nil, err } return env, nil } @@ -44,13 +44,13 @@ func (p *provider) GetEnv(ctx context.Context) (*models.Env, error) { configCollection := p.db.Collection(models.Collections.Env, options.Collection()) cursor, err := configCollection.Find(ctx, bson.M{}, options.Find()) if err != nil { - return env, err + return nil, err } defer cursor.Close(ctx) for cursor.Next(nil) { err := cursor.Decode(&env) if err != nil { - return env, err + return nil, err } } if env == nil { diff --git a/server/db/providers/mongodb/user.go b/server/db/providers/mongodb/user.go index 9c5fbdab0..776c4fc97 100644 --- a/server/db/providers/mongodb/user.go +++ b/server/db/providers/mongodb/user.go @@ -26,7 +26,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } @@ -45,7 +45,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User userCollection := p.db.Collection(models.Collections.User, options.Collection()) _, err := userCollection.InsertOne(ctx, user) if err != nil { - return user, err + return nil, err } return user, nil } 
@@ -56,7 +56,7 @@ func (p *provider) UpdateUser(ctx context.Context, user *models.User) (*models.U userCollection := p.db.Collection(models.Collections.User, options.Collection()) _, err := userCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": user.ID}}, bson.M{"$set": user}, options.MergeUpdateOptions()) if err != nil { - return user, err + return nil, err } return user, nil } @@ -115,7 +115,7 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us userCollection := p.db.Collection(models.Collections.User, options.Collection()) err := userCollection.FindOne(ctx, bson.M{"email": email}).Decode(&user) if err != nil { - return user, err + return nil, err } return user, nil } @@ -126,7 +126,7 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er userCollection := p.db.Collection(models.Collections.User, options.Collection()) err := userCollection.FindOne(ctx, bson.M{"_id": id}).Decode(&user) if err != nil { - return user, err + return nil, err } return user, nil } diff --git a/server/db/providers/mongodb/verification_requests.go b/server/db/providers/mongodb/verification_requests.go index 532d8c8a8..a4088f1eb 100644 --- a/server/db/providers/mongodb/verification_requests.go +++ b/server/db/providers/mongodb/verification_requests.go @@ -22,7 +22,7 @@ func (p *provider) AddVerificationRequest(ctx context.Context, verificationReque verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection()) _, err := verificationRequestCollection.InsertOne(ctx, verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } } 
@@ -36,7 +36,7 @@ func (p *provider) GetVerificationRequestByToken(ctx context.Context, token stri verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection()) err := verificationRequestCollection.FindOne(ctx, bson.M{"token": token}).Decode(&verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil @@ -49,7 +49,7 @@ func (p *provider) GetVerificationRequestByEmail(ctx context.Context, email stri verificationRequestCollection := p.db.Collection(models.Collections.VerificationRequest, options.Collection()) err := verificationRequestCollection.FindOne(ctx, bson.M{"email": email, "identifier": identifier}).Decode(&verificationRequest) if err != nil { - return verificationRequest, err + return nil, err } return verificationRequest, nil diff --git a/server/db/providers/provider_template/user.go b/server/db/providers/provider_template/user.go index dc201434d..b84aa6316 100644 --- a/server/db/providers/provider_template/user.go +++ b/server/db/providers/provider_template/user.go @@ -22,7 +22,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } diff --git a/server/db/providers/sql/user.go b/server/db/providers/sql/user.go index 3fec79b9c..e0b61fe3d 100644 --- a/server/db/providers/sql/user.go +++ b/server/db/providers/sql/user.go @@ -24,7 +24,7 @@ func (p *provider) AddUser(ctx context.Context, user *models.User) (*models.User if user.Roles == "" { defaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles) if err != nil { - return user, err + return nil, err } user.Roles = defaultRoles } 
@@ -112,7 +112,7 @@ func (p *provider) GetUserByEmail(ctx context.Context, email string) (*models.Us var user *models.User result := p.db.Where("email = ?", email).First(&user) if result.Error != nil { - return user, result.Error + return nil, result.Error } return user, nil } @@ -122,7 +122,7 @@ func (p *provider) GetUserByID(ctx context.Context, id string) (*models.User, er var user *models.User result := p.db.Where("id = ?", id).First(&user) if result.Error != nil { - return user, result.Error + return nil, result.Error } return user, nil } diff --git a/server/email/email_verification.go b/server/email/email_verification.go index 51a99bcf3..7a3de2557 100644 --- a/server/email/email_verification.go +++ b/server/email/email_verification.go @@ -53,13 +53,13 @@ const ( - + diff --git a/server/graph/generated/generated.go b/server/graph/generated/generated.go index b10dd49c6..c0fb1bd4d 100644 --- a/server/graph/generated/generated.go +++ b/server/graph/generated/generated.go @@ -103,6 +103,7 @@ type ComplexityRoot struct { DisableLoginPage func(childComplexity int) int DisableMagicLinkLogin func(childComplexity int) int DisableMailOtpLogin func(childComplexity int) int + DisableMobileBasicAuthentication func(childComplexity int) int DisableMultiFactorAuthentication func(childComplexity int) int DisablePlayground func(childComplexity int) int DisableRedisForEnv func(childComplexity int) int @@ -753,6 +754,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.Env.DisableMailOtpLogin(childComplexity), true + case "Env.DISABLE_MOBILE_BASIC_AUTHENTICATION": + if e.complexity.Env.DisableMobileBasicAuthentication == nil { + break + } + + return e.complexity.Env.DisableMobileBasicAuthentication(childComplexity), true + case "Env.DISABLE_MULTI_FACTOR_AUTHENTICATION": if e.complexity.Env.DisableMultiFactorAuthentication == nil { break 
@@ -2543,6 +2551,7 @@ type Env { RESET_PASSWORD_URL: String DISABLE_EMAIL_VERIFICATION: Boolean! DISABLE_BASIC_AUTHENTICATION: Boolean! + DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean! DISABLE_MAGIC_LINK_LOGIN: Boolean! DISABLE_LOGIN_PAGE: Boolean! DISABLE_SIGN_UP: Boolean! @@ -2674,6 +2683,7 @@ input UpdateEnvInput { ADMIN_COOKIE_SECURE: Boolean DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean + DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean DISABLE_LOGIN_PAGE: Boolean DISABLE_SIGN_UP: Boolean 
@@ -5850,6 +5860,50 @@ func (ec *executionContext) fieldContext_Env_DISABLE_BASIC_AUTHENTICATION(ctx co return fc, nil } +func (ec *executionContext) _Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx, field) + if err != nil { + return graphql.Null + } + ctx = graphql.WithFieldContext(ctx, fc) + defer func() { + if r := recover(); r != nil { + ec.Error(ctx, ec.Recover(ctx, r)) + ret = graphql.Null + } + }() + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + ctx = rctx // use context from middleware stack in children + return obj.DisableMobileBasicAuthentication, nil + }) + if err != nil { + ec.Error(ctx, err) + return graphql.Null + } + if resTmp == nil { + if !graphql.HasFieldError(ctx, fc) { + ec.Errorf(ctx, "must not be null") + } + return graphql.Null + } + res := resTmp.(bool) + fc.Result = res + return ec.marshalNBoolean2bool(ctx, field.Selections, res) +} + +func (ec *executionContext) fieldContext_Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { + fc = &graphql.FieldContext{ + Object: "Env", + Field: field, + IsMethod: false, + IsResolver: false, + Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { + return nil, errors.New("field of type Boolean does not have child fields") + }, + } + return fc, nil +} + func (ec *executionContext) _Env_DISABLE_MAGIC_LINK_LOGIN(ctx context.Context, field graphql.CollectedField, obj *model.Env) (ret graphql.Marshaler) { fc, err := ec.fieldContext_Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field) if err != nil { 
@@ -11695,6 +11749,8 @@ func (ec *executionContext) fieldContext_Query__env(ctx context.Context, field g return ec.fieldContext_Env_DISABLE_EMAIL_VERIFICATION(ctx, field) case "DISABLE_BASIC_AUTHENTICATION": return ec.fieldContext_Env_DISABLE_BASIC_AUTHENTICATION(ctx, field) + case "DISABLE_MOBILE_BASIC_AUTHENTICATION": + return ec.fieldContext_Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx, field) case "DISABLE_MAGIC_LINK_LOGIN": return ec.fieldContext_Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field) case "DISABLE_LOGIN_PAGE": 
@@ -18289,7 +18345,7 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob asMap[k] = v } - fieldsInOrder := [...]string{"ACCESS_TOKEN_EXPIRY_TIME", "ADMIN_SECRET", "CUSTOM_ACCESS_TOKEN_SCRIPT", "OLD_ADMIN_SECRET", "SMTP_HOST", "SMTP_PORT", "SMTP_USERNAME", "SMTP_PASSWORD", "SMTP_LOCAL_NAME", "SENDER_EMAIL", "SENDER_NAME", "JWT_TYPE", "JWT_SECRET", "JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", "ALLOWED_ORIGINS", "APP_URL", "RESET_PASSWORD_URL", "APP_COOKIE_SECURE", "ADMIN_COOKIE_SECURE", "DISABLE_EMAIL_VERIFICATION", "DISABLE_BASIC_AUTHENTICATION", "DISABLE_MAGIC_LINK_LOGIN", "DISABLE_LOGIN_PAGE", "DISABLE_SIGN_UP", "DISABLE_REDIS_FOR_ENV", "DISABLE_STRONG_PASSWORD", "DISABLE_MULTI_FACTOR_AUTHENTICATION", "ENFORCE_MULTI_FACTOR_AUTHENTICATION", "ROLES", "PROTECTED_ROLES", "DEFAULT_ROLES", "JWT_ROLE_CLAIM", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GITHUB_CLIENT_ID", "GITHUB_CLIENT_SECRET", "FACEBOOK_CLIENT_ID", "FACEBOOK_CLIENT_SECRET", "LINKEDIN_CLIENT_ID", "LINKEDIN_CLIENT_SECRET", "APPLE_CLIENT_ID", "APPLE_CLIENT_SECRET", "DISCORD_CLIENT_ID", "DISCORD_CLIENT_SECRET", "TWITTER_CLIENT_ID", "TWITTER_CLIENT_SECRET", "MICROSOFT_CLIENT_ID", "MICROSOFT_CLIENT_SECRET", "MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID", "TWITCH_CLIENT_ID", "TWITCH_CLIENT_SECRET", "ORGANIZATION_NAME", "ORGANIZATION_LOGO", "DEFAULT_AUTHORIZE_RESPONSE_TYPE", "DEFAULT_AUTHORIZE_RESPONSE_MODE", "DISABLE_PLAYGROUND", "DISABLE_MAIL_OTP_LOGIN", "DISABLE_TOTP_LOGIN"} + fieldsInOrder := [...]string{"ACCESS_TOKEN_EXPIRY_TIME", "ADMIN_SECRET", "CUSTOM_ACCESS_TOKEN_SCRIPT", "OLD_ADMIN_SECRET", "SMTP_HOST", "SMTP_PORT", "SMTP_USERNAME", "SMTP_PASSWORD", "SMTP_LOCAL_NAME", "SENDER_EMAIL", "SENDER_NAME", "JWT_TYPE", "JWT_SECRET", "JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", "ALLOWED_ORIGINS", "APP_URL", "RESET_PASSWORD_URL", "APP_COOKIE_SECURE", "ADMIN_COOKIE_SECURE", "DISABLE_EMAIL_VERIFICATION", "DISABLE_BASIC_AUTHENTICATION", "DISABLE_MOBILE_BASIC_AUTHENTICATION", "DISABLE_MAGIC_LINK_LOGIN", 
"DISABLE_LOGIN_PAGE", "DISABLE_SIGN_UP", "DISABLE_REDIS_FOR_ENV", "DISABLE_STRONG_PASSWORD", "DISABLE_MULTI_FACTOR_AUTHENTICATION", "ENFORCE_MULTI_FACTOR_AUTHENTICATION", "ROLES", "PROTECTED_ROLES", "DEFAULT_ROLES", "JWT_ROLE_CLAIM", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GITHUB_CLIENT_ID", "GITHUB_CLIENT_SECRET", "FACEBOOK_CLIENT_ID", "FACEBOOK_CLIENT_SECRET", "LINKEDIN_CLIENT_ID", "LINKEDIN_CLIENT_SECRET", "APPLE_CLIENT_ID", "APPLE_CLIENT_SECRET", "DISCORD_CLIENT_ID", "DISCORD_CLIENT_SECRET", "TWITTER_CLIENT_ID", "TWITTER_CLIENT_SECRET", "MICROSOFT_CLIENT_ID", "MICROSOFT_CLIENT_SECRET", "MICROSOFT_ACTIVE_DIRECTORY_TENANT_ID", "TWITCH_CLIENT_ID", "TWITCH_CLIENT_SECRET", "ORGANIZATION_NAME", "ORGANIZATION_LOGO", "DEFAULT_AUTHORIZE_RESPONSE_TYPE", "DEFAULT_AUTHORIZE_RESPONSE_MODE", "DISABLE_PLAYGROUND", "DISABLE_MAIL_OTP_LOGIN", "DISABLE_TOTP_LOGIN"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -18494,6 +18550,15 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob return it, err } it.DisableBasicAuthentication = data + case "DISABLE_MOBILE_BASIC_AUTHENTICATION": + var err error + + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("DISABLE_MOBILE_BASIC_AUTHENTICATION")) + data, err := ec.unmarshalOBoolean2áš–bool(ctx, v) + if err != nil { + return it, err + } + it.DisableMobileBasicAuthentication = data case "DISABLE_MAGIC_LINK_LOGIN": var err error @@ -19682,6 +19747,11 @@ func (ec *executionContext) _Env(ctx context.Context, sel ast.SelectionSet, obj if out.Values[i] == graphql.Null { out.Invalids++ } + case "DISABLE_MOBILE_BASIC_AUTHENTICATION": + out.Values[i] = ec._Env_DISABLE_MOBILE_BASIC_AUTHENTICATION(ctx, field, obj) + if out.Values[i] == graphql.Null { + out.Invalids++ + } case "DISABLE_MAGIC_LINK_LOGIN": out.Values[i] = ec._Env_DISABLE_MAGIC_LINK_LOGIN(ctx, field, obj) if out.Values[i] == graphql.Null { 
diff --git a/server/graph/model/models_gen.go b/server/graph/model/models_gen.go index d81d84c2c..4f23faff3 100644 --- a/server/graph/model/models_gen.go +++ b/server/graph/model/models_gen.go @@ -93,6 +93,7 @@ type Env struct { ResetPasswordURL *string `json:"RESET_PASSWORD_URL,omitempty"` DisableEmailVerification bool `json:"DISABLE_EMAIL_VERIFICATION"` DisableBasicAuthentication bool `json:"DISABLE_BASIC_AUTHENTICATION"` + DisableMobileBasicAuthentication bool `json:"DISABLE_MOBILE_BASIC_AUTHENTICATION"` DisableMagicLinkLogin bool `json:"DISABLE_MAGIC_LINK_LOGIN"` DisableLoginPage bool `json:"DISABLE_LOGIN_PAGE"` DisableSignUp bool `json:"DISABLE_SIGN_UP"` @@ -373,6 +374,7 @@ type UpdateEnvInput struct { AdminCookieSecure *bool `json:"ADMIN_COOKIE_SECURE,omitempty"` DisableEmailVerification *bool `json:"DISABLE_EMAIL_VERIFICATION,omitempty"` DisableBasicAuthentication *bool `json:"DISABLE_BASIC_AUTHENTICATION,omitempty"` + DisableMobileBasicAuthentication *bool `json:"DISABLE_MOBILE_BASIC_AUTHENTICATION,omitempty"` DisableMagicLinkLogin *bool `json:"DISABLE_MAGIC_LINK_LOGIN,omitempty"` DisableLoginPage *bool `json:"DISABLE_LOGIN_PAGE,omitempty"` DisableSignUp *bool `json:"DISABLE_SIGN_UP,omitempty"` diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls index a4dfea506..10cb56b37 100644 --- a/server/graph/schema.graphqls +++ b/server/graph/schema.graphqls @@ -158,6 +158,7 @@ type Env { RESET_PASSWORD_URL: String DISABLE_EMAIL_VERIFICATION: Boolean! DISABLE_BASIC_AUTHENTICATION: Boolean! + DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean! DISABLE_MAGIC_LINK_LOGIN: Boolean! DISABLE_LOGIN_PAGE: Boolean! DISABLE_SIGN_UP: Boolean! @@ -289,6 +290,7 @@ input UpdateEnvInput { ADMIN_COOKIE_SECURE: Boolean DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean + DISABLE_MOBILE_BASIC_AUTHENTICATION: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean DISABLE_LOGIN_PAGE: Boolean DISABLE_SIGN_UP: Boolean 
diff --git a/server/handlers/oauth_callback.go b/server/handlers/oauth_callback.go index 280b28d42..2a947d68f 100644 --- a/server/handlers/oauth_callback.go +++ b/server/handlers/oauth_callback.go @@ -617,7 +617,7 @@ func processAppleUserInfo(ctx context.Context, code string) (*models.User, error } } - return user, err + return nil, err } func processDiscordUserInfo(ctx context.Context, code string) (*models.User, error) { diff --git a/server/handlers/revoke_refresh_token.go b/server/handlers/revoke_refresh_token.go index 632df2d0e..366efd72c 100644 --- a/server/handlers/revoke_refresh_token.go +++ b/server/handlers/revoke_refresh_token.go @@ -24,9 +24,13 @@ func RevokeRefreshTokenHandler() gin.HandlerFunc { }) return } + // get client ID + clientID := strings.TrimSpace(reqBody["client_id"]) // kept for backward compatibility // else we expect to be present as header + if clientID == "" { + clientID = gc.Request.Header.Get("x-authorizer-client-id") + } // get fingerprint hash refreshToken := strings.TrimSpace(reqBody["refresh_token"]) - clientID := strings.TrimSpace(reqBody["client_id"]) if clientID == "" { log.Debug("Client ID is empty") diff --git a/server/middlewares/client_check.go b/server/middlewares/client_check.go new file mode 100644 index 000000000..269a07570 --- /dev/null +++ b/server/middlewares/client_check.go 
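Review bot: In `processAppleUserInfo` the replaced line appears to be the function's final return rather than an error branch, so with `return nil, err` a successful Apple sign-in (where `err` is nil) would hand the caller a nil user together with a nil error. If that reading is right, the closing statement should be `return user, nil`, and only the early error exits should return `nil`. The function body starts outside this hunk, so confirm against the full file. A caller that dereferences the result after checking only `err` would panic in the OAuth callback path.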
@@ -0,0 +1,29 @@ +package middlewares + +import ( + "net/http" + + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + + "github.com/authorizerdev/authorizer/server/constants" + "github.com/authorizerdev/authorizer/server/memorystore" +) + +// ClientCheckMiddleware is a middleware to verify the client ID +// Note: client ID is passed in the header +func ClientCheckMiddleware() gin.HandlerFunc { + return func(c *gin.Context) { + clientID := c.Request.Header.Get("X-Authorizer-Client-ID") + if client, _ := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); clientID != "" && client != "" && client != clientID { + log.Debug("Client ID is invalid: ", clientID) + c.JSON(http.StatusBadRequest, gin.H{ + "error": "invalid_client_id", + "error_description": "The client id is invalid", + }) + return + } + + c.Next() + } +} diff --git a/server/middlewares/cors.go b/server/middlewares/cors.go index 2c9c5d144..514bf2aa5 100644 --- a/server/middlewares/cors.go +++ b/server/middlewares/cors.go @@ -14,7 +14,7 @@ func CORSMiddleware() gin.HandlerFunc { } c.Writer.Header().Set("Access-Control-Allow-Credentials", "true") - c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-authorizer-url") + c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-authorizer-url, X-Forwarded-Proto, X-authorizer-client-id") c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT") if c.Request.Method == "OPTIONS" { diff --git a/server/resolvers/env.go b/server/resolvers/env.go index 198f718ba..541484bf6 100644 --- a/server/resolvers/env.go +++ b/server/resolvers/env.go 
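Review bot: `ClientCheckMiddleware` writes the 400 body with `c.JSON` and then returns, but in gin a plain `return` from a middleware does not stop the handler chain, so the remaining handlers still run for a request whose client ID was rejected. Replace the call with `c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{...})`, keeping the same payload. The error from `GetStringStoreEnvVariable` is discarded, which leaves `client` empty and skips the comparison whenever the store read fails; handle it explicitly so the check does not fail open. A request that omits the header also passes, so the doc comment should state that the check applies only when `X-Authorizer-Client-ID` is present.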
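Review bot: Adding `X-Forwarded-Proto` to `Access-Control-Allow-Headers` lets cross-origin browser scripts send a header that is normally written by a trusted reverse proxy, on a response that also sets `Access-Control-Allow-Credentials: true`. If any handler derives the scheme or builds redirect or verification URLs from that header (not visible in this hunk), it should honour the value only from known proxies. A comment above the line, such as `// X-Forwarded-Proto is accepted from browsers; never use it for URL building without a proxy allowlist`, would record the decision. `CORSMiddleware` starts and ends outside the hunk.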
@@ -205,6 +205,7 @@ func EnvResolver(ctx context.Context) (*model.Env, error) { // bool vars res.DisableEmailVerification = store[constants.EnvKeyDisableEmailVerification].(bool) res.DisableBasicAuthentication = store[constants.EnvKeyDisableBasicAuthentication].(bool) + res.DisableMobileBasicAuthentication = store[constants.EnvKeyDisableMobileBasicAuthentication].(bool) res.DisableMagicLinkLogin = store[constants.EnvKeyDisableMagicLinkLogin].(bool) res.DisableLoginPage = store[constants.EnvKeyDisableLoginPage].(bool) res.DisableSignUp = store[constants.EnvKeyDisableSignUp].(bool) diff --git a/server/routes/routes.go b/server/routes/routes.go index fd8bf23da..0f25a0288 100644 --- a/server/routes/routes.go +++ b/server/routes/routes.go @@ -16,6 +16,7 @@ func InitRouter(log *logrus.Logger) *gin.Engine { router.Use(middlewares.Logger(log), gin.Recovery()) router.Use(middlewares.GinContextToContextMiddleware()) router.Use(middlewares.CORSMiddleware()) + router.Use(middlewares.ClientCheckMiddleware()) router.GET("/", handlers.RootHandler()) router.GET("/health", handlers.HealthHandler()) diff --git a/server/test/login_test.go b/server/test/login_test.go index 6855b9490..83b68b791 100644 --- a/server/test/login_test.go +++ b/server/test/login_test.go @@ -28,9 +28,11 @@ func loginTests(t *testing.T, s TestSetup) { Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) - - assert.NotNil(t, err, "should fail because email is not verified") - assert.Nil(t, res) + // access token should be empty as email is not verified + assert.NoError(t, err) + assert.NotNil(t, res) + assert.Nil(t, res.AccessToken) + assert.NotEmpty(t, res.Message) verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup) assert.NoError(t, err) assert.NotNil(t, verificationRequest) diff --git a/server/test/mobile_login_test.go b/server/test/mobile_login_test.go index d1ca1821b..fa0d5de3b 100644 
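Review bot: The added `store[constants.EnvKeyDisableMobileBasicAuthentication].(bool)` is an unchecked type assertion, so `EnvResolver` panics if the key is absent from `store` or holds a non-bool value. That could happen for env data persisted before this key existed, if the store is not back-filled with defaults (not visible here). The comma-ok form, `v, ok := store[constants.EnvKeyDisableMobileBasicAuthentication].(bool)`, lets the resolver pick the default for a missing key deliberately, which matters for a flag that switches an authentication method off. The neighbouring lines use the same pattern, and `EnvResolver` extends beyond this hunk.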
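Review bot: In `loginTests`, `assert.NotNil(t, res)` does not stop the test, so the following `res.AccessToken` and `res.Message` reads panic instead of failing cleanly when the resolver returns nil. The same sequence appears in the `mobile_login_test.go`, `resend_otp_test.go`, `totp_login_test.go` and `verify_otp_test.go` hunks, and `*res.ShouldShowMobileOtpScreen` in the mobile test dereferences a pointer that is never checked. Guard the reads with `if !assert.NotNil(t, res) { return }`. The comment added in the mobile test says the email is not verified although the case covers an unverified phone number; `// access token should be empty as phone number is not verified` would match.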
--- a/server/test/mobile_login_test.go +++ b/server/test/mobile_login_test.go @@ -33,8 +33,12 @@ func mobileLoginTests(t *testing.T, s TestSetup) { PhoneNumber: refs.NewStringRef(phoneNumber), Password: s.TestInfo.Password, }) - assert.NotNil(t, err, "should fail because phone is not verified") - assert.Nil(t, res) + // access token should be empty as email is not verified + assert.NoError(t, err) + assert.NotNil(t, res) + assert.Nil(t, res.AccessToken) + assert.NotEmpty(t, res.Message) + assert.True(t, *res.ShouldShowMobileOtpScreen) smsRequest, err := db.Provider.GetOTPByPhoneNumber(ctx, phoneNumber) assert.NoError(t, err) assert.NotEmpty(t, smsRequest.Otp) diff --git a/server/test/resend_otp_test.go b/server/test/resend_otp_test.go index 353e91622..20b169587 100644 --- a/server/test/resend_otp_test.go +++ b/server/test/resend_otp_test.go @@ -35,8 +35,11 @@ func resendOTPTest(t *testing.T, s TestSetup) { Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) - assert.Error(t, err) - assert.Nil(t, loginRes) + // access token should be empty as email is not verified + assert.NoError(t, err) + assert.NotNil(t, loginRes) + assert.Nil(t, loginRes.AccessToken) + assert.NotEmpty(t, loginRes.Message) verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup) assert.Nil(t, err) assert.Equal(t, email, verificationRequest.Email) 
@@ -57,13 +60,6 @@ func resendOTPTest(t *testing.T, s TestSetup) { memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableMailOTPLogin, false) memorystore.Provider.UpdateEnvVariable(constants.EnvKeyDisableTOTPLogin, true) - // Resend otp should return error as no initial opt is being sent - resendOtpRes, err := resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{ - Email: refs.NewStringRef(email), - }) - assert.Error(t, err) - assert.Nil(t, resendOtpRes) - // Login should not return error but access token should be empty as otp should have been sent loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{ Email: refs.NewStringRef(email), @@ -79,7 +75,7 @@ func resendOTPTest(t *testing.T, s TestSetup) { assert.NotEmpty(t, otp.Otp) // resend otp - resendOtpRes, err = resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{ + resendOtpRes, err := resolvers.ResendOTPResolver(ctx, model.ResendOTPRequest{ Email: refs.NewStringRef(email), }) assert.NoError(t, err) diff --git a/server/test/totp_login_test.go b/server/test/totp_login_test.go index 8eef7953c..3b9321ef7 100644 --- a/server/test/totp_login_test.go +++ b/server/test/totp_login_test.go @@ -42,8 +42,11 @@ func totpLoginTest(t *testing.T, s TestSetup) { Email: &email, Password: s.TestInfo.Password, }) - assert.Error(t, err) - assert.Nil(t, loginRes) + // access token should be empty as email is not verified + assert.NoError(t, err) + assert.NotNil(t, loginRes) + assert.Nil(t, loginRes.AccessToken) + assert.NotEmpty(t, loginRes.Message) verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup) assert.Nil(t, err) assert.Equal(t, email, verificationRequest.Email) diff --git a/server/test/verify_otp_test.go b/server/test/verify_otp_test.go index c96593272..917505ef7 100644 --- a/server/test/verify_otp_test.go +++ b/server/test/verify_otp_test.go 
@@ -47,8 +47,10 @@ func verifyOTPTest(t *testing.T, s TestSetup) { Email: refs.NewStringRef(email), Password: s.TestInfo.Password, }) - assert.NotNil(t, err, "email is not verified") - assert.Nil(t, loginRes) + assert.NoError(t, err) + assert.NotNil(t, loginRes) + assert.Nil(t, loginRes.AccessToken) + assert.NotEmpty(t, loginRes.Message) // Verify the email verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
iconicon

Hey there 👋

-

We have received request to verify email for {{.org_name}}. If this is correct, please confirm your email address by clicking the button below.


+

We have received request to verify email for {{.organization.name}}. If this is correct, please confirm your email address by clicking the button below.


Confirm Email