Oauth/token (#7)

* add host and protocol options

* some fiddling

* tidying up and comments

* tick off /oauth/token

* tidying a bit

* tidying

* go mod tidy

* allow attaching middleware to server

* add middleware

* more user friendly

* add comments

* comments

* store account + app

* tidying

* lots of restructuring

* lint + tidy

1 files changed, 191 insertions, 0 deletions

diff --git a/internal/module/oauth/oauth_test.go b/internal/module/oauth/oauth_test.go
new file mode 100644
index 000000000..adfb40ac5
--- /dev/null
+++ b/internal/module/oauth/oauth_test.go
@@ -0,0 +1,191 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oauth
+
+import (
+	"context"
+	"fmt"
+	"testing"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/gotosocial/gotosocial/internal/config"
+	"github.com/gotosocial/gotosocial/internal/db"
+	"github.com/gotosocial/gotosocial/internal/gtsmodel"
+	"github.com/gotosocial/gotosocial/internal/router"
+	"github.com/gotosocial/oauth2/v4"
+	"github.com/sirupsen/logrus"
+	"github.com/stretchr/testify/suite"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type OauthTestSuite struct {
+	suite.Suite
+	tokenStore      oauth2.TokenStore
+	clientStore     oauth2.ClientStore
+	db              db.DB
+	testAccount     *gtsmodel.Account
+	testApplication *gtsmodel.Application
+	testUser        *gtsmodel.User
+	testClient      *oauthClient
+	config          *config.Config
+}
+
+// SetupSuite sets some variables on the suite that we can use as consts (more or less) throughout
+func (suite *OauthTestSuite) SetupSuite() {
+	c := config.Empty()
+	// we're running on localhost without https so set the protocol to http
+	c.Protocol = "http"
+	// just for testing
+	c.Host = "localhost:8080"
+	// because go tests are run within the test package directory, we need to fiddle with the templateconfig
+	// basedir in a way that we wouldn't normally have to do when running the binary, in order to make
+	// the templates actually load
+	c.TemplateConfig.BaseDir = "../../../web/template/"
+	c.DBConfig = &config.DBConfig{
+		Type:            "postgres",
+		Address:         "localhost",
+		Port:            5432,
+		User:            "postgres",
+		Password:        "postgres",
+		Database:        "postgres",
+		ApplicationName: "gotosocial",
+	}
+	suite.config = c
+
+	encryptedPassword, err := bcrypt.GenerateFromPassword([]byte("password"), bcrypt.DefaultCost)
+	if err != nil {
+		logrus.Panicf("error encrypting user pass: %s", err)
+	}
+
+	acctID := uuid.NewString()
+
+	suite.testAccount = &gtsmodel.Account{
+		ID:       acctID,
+		Username: "test_user",
+	}
+	suite.testUser = &gtsmodel.User{
+		EncryptedPassword: string(encryptedPassword),
+		Email:             "user@example.org",
+		AccountID:         acctID,
+	}
+	suite.testClient = &oauthClient{
+		ID:     "a-known-client-id",
+		Secret: "some-secret",
+		Domain: fmt.Sprintf("%s://%s", c.Protocol, c.Host),
+	}
+	suite.testApplication = &gtsmodel.Application{
+		Name:         "a test application",
+		Website:      "https://some-application-website.com",
+		RedirectURI:  "http://localhost:8080",
+		ClientID:     "a-known-client-id",
+		ClientSecret: "some-secret",
+		Scopes:       "read",
+		VapidKey:     uuid.NewString(),
+	}
+}
+
+// SetupTest creates a postgres connection and creates the oauth_clients table before each test
+func (suite *OauthTestSuite) SetupTest() {
+
+	log := logrus.New()
+	log.SetLevel(logrus.TraceLevel)
+	db, err := db.New(context.Background(), suite.config, log)
+	if err != nil {
+		logrus.Panicf("error creating database connection: %s", err)
+	}
+
+	suite.db = db
+
+	models := []interface{}{
+		&oauthClient{},
+		&oauthToken{},
+		&gtsmodel.User{},
+		&gtsmodel.Account{},
+		&gtsmodel.Application{},
+	}
+
+	for _, m := range models {
+		if err := suite.db.CreateTable(m); err != nil {
+			logrus.Panicf("db connection error: %s", err)
+		}
+	}
+
+	suite.tokenStore = newTokenStore(context.Background(), suite.db, logrus.New())
+	suite.clientStore = newClientStore(suite.db)
+
+	if err := suite.db.Put(suite.testAccount); err != nil {
+		logrus.Panicf("could not insert test account into db: %s", err)
+	}
+	if err := suite.db.Put(suite.testUser); err != nil {
+		logrus.Panicf("could not insert test user into db: %s", err)
+	}
+	if err := suite.db.Put(suite.testClient); err != nil {
+		logrus.Panicf("could not insert test client into db: %s", err)
+	}
+	if err := suite.db.Put(suite.testApplication); err != nil {
+		logrus.Panicf("could not insert test application into db: %s", err)
+	}
+
+}
+
+// TearDownTest drops the oauth_clients table and closes the pg connection after each test
+func (suite *OauthTestSuite) TearDownTest() {
+	models := []interface{}{
+		&oauthClient{},
+		&oauthToken{},
+		&gtsmodel.User{},
+		&gtsmodel.Account{},
+		&gtsmodel.Application{},
+	}
+	for _, m := range models {
+		if err := suite.db.DropTable(m); err != nil {
+			logrus.Panicf("error dropping table: %s", err)
+		}
+	}
+	if err := suite.db.Stop(context.Background()); err != nil {
+		logrus.Panicf("error closing db connection: %s", err)
+	}
+	suite.db = nil
+}
+
+func (suite *OauthTestSuite) TestAPIInitialize() {
+	log := logrus.New()
+	log.SetLevel(logrus.TraceLevel)
+
+	r, err := router.New(suite.config, log)
+	if err != nil {
+		suite.FailNow(fmt.Sprintf("error mapping routes onto router: %s", err))
+	}
+
+	api := New(suite.tokenStore, suite.clientStore, suite.db, log)
+	if err := api.Route(r); err != nil {
+		suite.FailNow(fmt.Sprintf("error mapping routes onto router: %s", err))
+	}
+
+	go r.Start()
+	time.Sleep(60 * time.Second)
+	// http://localhost:8080/oauth/authorize?client_id=a-known-client-id&response_type=code&redirect_uri=http://localhost:8080&scope=read
+	// curl -v -F client_id=a-known-client-id -F client_secret=some-secret -F redirect_uri=http://localhost:8080 -F code=[ INSERT CODE HERE ] -F grant_type=authorization_code localhost:8080/oauth/token
+	// curl -v -H "Authorization: Bearer [INSERT TOKEN HERE]" http://localhost:8080
+}
+
+func TestOauthTestSuite(t *testing.T) {
+	suite.Run(t, new(OauthTestSuite))
+}