[chore] Move deps to code.superseriousbusiness.org (#4054)

2025-11-02 05:02:24 -06:00 · 2025-04-25 15:15:36 +02:00 · 2025-04-25 15:15:36 +02:00 · ffde1b150f
commit ffde1b150f
parent 68ed7aba25
955 changed files with 1970 additions and 3639 deletions
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/access.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/access.go
@ -0,0 +1,38 @@
+package generates
+
+import (
+	"bytes"
+	"context"
+	"encoding/base64"
+	"strconv"
+	"strings"
+
+	"code.superseriousbusiness.org/oauth2/v4"
+	"github.com/google/uuid"
+)
+
+// NewAccessGenerate create to generate the access token instance
+func NewAccessGenerate() *AccessGenerate {
+	return &AccessGenerate{}
+}
+
+// AccessGenerate generate the access token
+type AccessGenerate struct {
+}
+
+// Token based on the UUID generated token
+func (ag *AccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic, isGenRefresh bool) (string, string, error) {
+	buf := bytes.NewBufferString(data.Client.GetID())
+	buf.WriteString(data.UserID)
+	buf.WriteString(strconv.FormatInt(data.CreateAt.UnixNano(), 10))
+
+	access := base64.URLEncoding.EncodeToString([]byte(uuid.NewMD5(uuid.Must(uuid.NewRandom()), buf.Bytes()).String()))
+	access = strings.ToUpper(strings.TrimRight(access, "="))
+	refresh := ""
+	if isGenRefresh {
+		refresh = base64.URLEncoding.EncodeToString([]byte(uuid.NewSHA1(uuid.Must(uuid.NewRandom()), buf.Bytes()).String()))
+		refresh = strings.ToUpper(strings.TrimRight(refresh, "="))
+	}
+
+	return access, refresh, nil
+}
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/authorize.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/authorize.go
@ -0,0 +1,30 @@
+package generates
+
+import (
+	"bytes"
+	"context"
+	"encoding/base64"
+	"strings"
+
+	"code.superseriousbusiness.org/oauth2/v4"
+	"github.com/google/uuid"
+)
+
+// NewAuthorizeGenerate create to generate the authorize code instance
+func NewAuthorizeGenerate() *AuthorizeGenerate {
+	return &AuthorizeGenerate{}
+}
+
+// AuthorizeGenerate generate the authorize code
+type AuthorizeGenerate struct{}
+
+// Token based on the UUID generated token
+func (ag *AuthorizeGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic) (string, error) {
+	buf := bytes.NewBufferString(data.Client.GetID())
+	buf.WriteString(data.UserID)
+	token := uuid.NewMD5(uuid.Must(uuid.NewRandom()), buf.Bytes())
+	code := base64.URLEncoding.EncodeToString([]byte(token.String()))
+	code = strings.ToUpper(strings.TrimRight(code, "="))
+
+	return code, nil
+}
--- a/vendor/code.superseriousbusiness.org/oauth2/v4/generates/jwt_access.go
+++ b/vendor/code.superseriousbusiness.org/oauth2/v4/generates/jwt_access.go
@ -0,0 +1,104 @@
+package generates
+
+import (
+	"context"
+	"encoding/base64"
+	"strings"
+	"time"
+
+	"code.superseriousbusiness.org/oauth2/v4"
+	"code.superseriousbusiness.org/oauth2/v4/errors"
+	"github.com/golang-jwt/jwt"
+	"github.com/google/uuid"
+)
+
+// JWTAccessClaims jwt claims
+type JWTAccessClaims struct {
+	jwt.StandardClaims
+}
+
+// Valid claims verification
+func (a *JWTAccessClaims) Valid() error {
+	if time.Unix(a.ExpiresAt, 0).Before(time.Now()) {
+		return errors.ErrInvalidAccessToken
+	}
+	return nil
+}
+
+// NewJWTAccessGenerate create to generate the jwt access token instance
+func NewJWTAccessGenerate(kid string, key []byte, method jwt.SigningMethod) *JWTAccessGenerate {
+	return &JWTAccessGenerate{
+		SignedKeyID:  kid,
+		SignedKey:    key,
+		SignedMethod: method,
+	}
+}
+
+// JWTAccessGenerate generate the jwt access token
+type JWTAccessGenerate struct {
+	SignedKeyID  string
+	SignedKey    []byte
+	SignedMethod jwt.SigningMethod
+}
+
+// Token based on the UUID generated token
+func (a *JWTAccessGenerate) Token(ctx context.Context, data *oauth2.GenerateBasic, isGenRefresh bool) (string, string, error) {
+	claims := &JWTAccessClaims{
+		StandardClaims: jwt.StandardClaims{
+			Audience:  data.Client.GetID(),
+			Subject:   data.UserID,
+			ExpiresAt: data.TokenInfo.GetAccessCreateAt().Add(data.TokenInfo.GetAccessExpiresIn()).Unix(),
+		},
+	}
+
+	token := jwt.NewWithClaims(a.SignedMethod, claims)
+	if a.SignedKeyID != "" {
+		token.Header["kid"] = a.SignedKeyID
+	}
+	var key interface{}
+	if a.isEs() {
+		v, err := jwt.ParseECPrivateKeyFromPEM(a.SignedKey)
+		if err != nil {
+			return "", "", err
+		}
+		key = v
+	} else if a.isRsOrPS() {
+		v, err := jwt.ParseRSAPrivateKeyFromPEM(a.SignedKey)
+		if err != nil {
+			return "", "", err
+		}
+		key = v
+	} else if a.isHs() {
+		key = a.SignedKey
+	} else {
+		return "", "", errors.New("unsupported sign method")
+	}
+
+	access, err := token.SignedString(key)
+	if err != nil {
+		return "", "", err
+	}
+	refresh := ""
+
+	if isGenRefresh {
+		t := uuid.NewSHA1(uuid.Must(uuid.NewRandom()), []byte(access)).String()
+		refresh = base64.URLEncoding.EncodeToString([]byte(t))
+		refresh = strings.ToUpper(strings.TrimRight(refresh, "="))
+	}
+
+	return access, refresh, nil
+}
+
+func (a *JWTAccessGenerate) isEs() bool {
+	return strings.HasPrefix(a.SignedMethod.Alg(), "ES")
+}
+
+func (a *JWTAccessGenerate) isRsOrPS() bool {
+	isRs := strings.HasPrefix(a.SignedMethod.Alg(), "RS")
+	isPs := strings.HasPrefix(a.SignedMethod.Alg(), "PS")
+	return isRs || isPs
+}
+
+func (a *JWTAccessGenerate) isHs() bool {
+	return strings.HasPrefix(a.SignedMethod.Alg(), "HS")
+}