diff --git a/api/v1/auth/auth.go b/api/v1/auth/auth.go
index 9907196..704bc15 100644
--- a/api/v1/auth/auth.go
+++ b/api/v1/auth/auth.go
@@ -101,7 +101,7 @@ func oauth2URL(c *gin.Context) {
 Redirect: redirect_uri,
 }
- log.Infof( "model.Auth = %v", data );
+ log.Infof("model.Auth = %v", data)
 c.JSON(http.StatusOK, data)
 }
@@ -317,17 +317,16 @@ func login(c *gin.Context) {
 if loginVals.Redirect == "com.nettica.agent://callback/agent" {
 c.Redirect(http.StatusPermanentRedirect, redirect)
- return;
+ return
 }
 }
 // otherwise send a JSON body with the result to the browser. it will do the redirect.
- loginVals.Redirect = redirect;
+ loginVals.Redirect = redirect
- c.JSON( http.StatusOK, loginVals )
+ c.JSON(http.StatusOK, loginVals)
 }
-
 func validate(c *gin.Context) {
 var t model.OAuth2Token
 if err := c.ShouldBindJSON(&t); err != nil {
@@ -453,9 +452,36 @@ func logout(c *gin.Context) {
 func user(c *gin.Context) {
 cacheDb := c.MustGet("cache").(*cache.Cache)
- oauth2Token, exists := cacheDb.Get(util.GetCleanAuthToken(c))
+ token := util.GetCleanAuthToken(c)
+ oauth2Token, exists := cacheDb.Get(token)
+ id_token := c.Request.Header.Get("X-OAUTH2-ID-TOKEN")
- if exists && oauth2Token.(*oauth2.Token).AccessToken == util.GetCleanAuthToken(c) {
+ if id_token != "" {
+ new_token := &oauth2.Token{
+ AccessToken: token,
+ TokenType: "Bearer",
+ RefreshToken: "",
+ Expiry: time.Now().Add(time.Hour * 24),
+ }
+ m := make(map[string]interface{})
+ m["id_token"] = id_token
+ new_token = new_token.WithExtra(m)
+
+ // check if token is valid
+ var err error
+ oauth2Token, err = util.ValidateToken(new_token.AccessToken)
+ if err != nil {
+ log.WithFields(log.Fields{
+ "err": err,
+ "token": oauth2Token,
+ }).Error("failed to get token info")
+ c.AbortWithStatus(http.StatusUnauthorized)
+ return
+ }
+ oauth2Token = new_token
+ }
+
+ if id_token != "" || (exists && oauth2Token.(*oauth2.Token).AccessToken == util.GetCleanAuthToken(c)) {
 oauth2Client := c.MustGet("oauth2Client").(model.Authentication)
 user, err := oauth2Client.UserInfo(oauth2Token.(*oauth2.Token))
diff --git a/api/v1/vpn/vpn.go b/api/v1/vpn/vpn.go
index d0c7a2d..a0c1ee8 100644
--- a/api/v1/vpn/vpn.go
+++ b/api/v1/vpn/vpn.go
@@ -105,7 +105,7 @@ func createVPN(c *gin.Context) {
 core.FlushCache(v.DeviceID)
 // send push notification if appropriate
- if push.PushDevices[v.DeviceID] != "" {
+ if push.PushDevices[v.DeviceID] != "" && v.Enable {
 err := push.SendPushNotification(push.PushDevices[v.DeviceID], v.NetName+" updated", "The VPN configuration for "+v.NetName+" has been updated")
 if err != nil {
 log.WithFields(log.Fields{
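Review bot: In `user`, a non-empty `X-OAUTH2-ID-TOKEN` header now skips the cache comparison (`id_token != "" || ...`), yet nothing in the hunk verifies the header value: `util.ValidateToken` is given only the access token, and its result is discarded by `oauth2Token = new_token`. Whether `UserInfo` verifies the `id_token` extra (signature, issuer, audience, expiry, and that its subject belongs to the validated access token) is not visible here and should be confirmed, since the identity returned would otherwise rest on unverified client input. The error path logs `"token": oauth2Token`; I would drop that field so token material cannot reach the logs. The fixed `Expiry` of 24 hours is not derived from the token and deserves a comment such as `// synthetic expiry, not taken from the provider's response`. The body of `user` continues past the end of the hunk.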
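Review bot: With `&& v.Enable` added to the push guard in createVPN (and the same edit in updateVPN at -313 and deleteVPN at -426), a change that disables a VPN, or the deletion of a disabled one, sends no notification, so the device presumably keeps its previous state until it next fetches its configuration. If that is intended, say so at the guard, e.g. `// disabled VPNs are deliberately not announced to the device`; if prompt revocation matters, the disable and delete paths should still notify. The guard also looks the map up twice; `if token := push.PushDevices[v.DeviceID]; token != "" && v.Enable {` reads it once, with `token` then passed to `SendPushNotification`. All three functions start and end outside their hunks.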
@@ -313,7 +313,7 @@ func updateVPN(c *gin.Context) {
 core.FlushCache(v.DeviceID)
 // send push notification if appropriate
- if push.PushDevices[v.DeviceID] != "" {
+ if push.PushDevices[v.DeviceID] != "" && v.Enable {
 err := push.SendPushNotification(push.PushDevices[v.DeviceID], v.NetName+" updated", "The VPN configuration for "+v.NetName+" has been updated")
 if err != nil {
 log.WithFields(log.Fields{
@@ -426,7 +426,7 @@ func deleteVPN(c *gin.Context) {
 core.FlushCache(v.DeviceID)
 // send push notification if appropriate
- if push.PushDevices[v.DeviceID] != "" {
+ if push.PushDevices[v.DeviceID] != "" && v.Enable {
 err := push.SendPushNotification(push.PushDevices[v.DeviceID], v.NetName+" updated", "The VPN configuration for "+v.NetName+" has been updated")
 if err != nil {
 log.WithFields(log.Fields{
diff --git a/core/device.go b/core/device.go
index 7565529..7f7ec39 100644
--- a/core/device.go
+++ b/core/device.go
@@ -9,6 +9,7 @@ import (
 model "github.com/nettica-com/nettica-admin/model"
 mongo "github.com/nettica-com/nettica-admin/mongo"
+ "github.com/nettica-com/nettica-admin/push"
 util "github.com/nettica-com/nettica-admin/util"
 log "github.com/sirupsen/logrus"
 )
@@ -160,7 +161,25 @@ func UpdateDevice(Id string, device *model.Device, fUpdated bool) (*model.Device
 }
 }
- current.Push = device.Push
+ // current is the old value, device is the new value
+ if current.Push == "" {
+ // if the new value is not empty, add it to the push list
+ if device.Push != "" {
+ push.PushDevices[device.Id] = device.Push
+ }
+ current.Push = device.Push
+ // here we drop out of the if when both were empty
+
+ } else {
+ if device.Push != current.Push {
+ delete(push.PushDevices, current.Id)
+ if device.Push != "" {
+ push.PushDevices[device.Id] = device.Push
+ }
+ }
+ current.Push = device.Push
+ }
+ current.Enable = device.Enable
 current.Logging = device.Logging
 current.Tags = device.Tags
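Review bot: The push bookkeeping added to UpdateDevice (hunk -160 in core/device.go) writes the package-level map `push.PushDevices` with no lock visible in the hunk, while the vpn.go handlers read the same map; unless package push serialises access elsewhere, concurrent requests can hit Go's concurrent map read/write fault. The block also deletes under `current.Id` but inserts under `device.Id`, so unless the part of the function outside the hunk guarantees the two are equal, a push token can end up stored under an ID other than the device being updated; keying both operations on `current.Id` removes that dependency. The two branches reduce to a single comparison, shown below. UpdateDevice starts and ends outside the hunk.

```go
	// current holds the stored device, device the requested update
	if device.Push != current.Push {
		delete(push.PushDevices, current.Id)
		if device.Push != "" {
			push.PushDevices[current.Id] = device.Push
		}
	}
	current.Push = device.Push
```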