From 6d0e12252261db9308510816f1e473c0cfecf0db Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Tue, 21 May 2024 18:30:03 +0200 Subject: add hard-coded oidc webfinger support --- config.toml | 2 ++ go.mod | 10 +++++++++- go.sum | 19 ++++++++++++++++++- internal/config/config.go | 1 + internal/server/server.go | 30 +++++++++++++++++++++++++++++- nix/gomod2nix.toml | 30 +++++++++++++++++++++++++++--- 6 files changed, 86 insertions(+), 6 deletions(-) diff --git a/config.toml b/config.toml index e996899..d6279e2 100644 --- a/config.toml +++ b/config.toml @@ -8,6 +8,8 @@ description = "Developer, Emacs User" domain_start_date = "2014-06-07" original_domain = "alanpearce.eu" +oidc_host = "https://id.alanpearce.eu" + [[taxonomies]] name = "tags" feed = true diff --git a/go.mod b/go.mod index 7f32932..eb2611c 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,7 @@ require ( github.com/antchfx/xmlquery v1.4.0 github.com/antchfx/xpath v1.3.0 github.com/ardanlabs/conf/v3 v3.1.7 + github.com/benpate/digit v0.12.0 github.com/crewjam/csp v0.0.2 github.com/deckarep/golang-set/v2 v2.6.0 github.com/fatih/structtag v1.2.0 @@ -30,6 +31,12 @@ replace github.com/a-h/htmlformat => github.com/alanpearce/htmlformat v0.0.0-202 require ( github.com/Code-Hex/dd v1.1.0 // indirect github.com/andybalholm/cascadia v1.3.2 // indirect + github.com/aymerick/douceur v0.2.0 // indirect + github.com/benpate/derp v0.31.0 // indirect + github.com/benpate/domain v0.2.1 // indirect + github.com/benpate/exp v0.8.3 // indirect + github.com/benpate/remote v0.15.0 // indirect + github.com/benpate/rosetta v0.20.0 // indirect github.com/bep/godartsass v1.2.0 // indirect github.com/bep/godartsass/v2 v2.0.0 // indirect github.com/bep/golibsass v1.1.1 // indirect 
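Review bot: The new direct requirement `github.com/benpate/digit v0.12.0` arrives together with eight new indirect modules in this commit (`benpate/derp`, `domain`, `exp`, `remote`, `rosetta`, plus `aymerick/douceur`, `gorilla/css` and `microcosm-cc/bluemonday` in the next hunk), apparently all pulled in by digit. That is a large supply-chain footprint for a server that, as far as this commit shows, only uses `digit.NewResource(...).Link(...)` to emit one static JRD document. A small local struct with `subject` and `links` fields, marshalled with `encoding/json`, would give the same response without the extra modules to audit and keep updated.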
@@ -37,7 +44,9 @@ require ( github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/gorilla/css v1.0.1 // indirect github.com/mattn/go-isatty v0.0.20 // indirect + github.com/microcosm-cc/bluemonday v1.0.26 // indirect github.com/mitchellh/hashstructure v1.1.0 // indirect github.com/pelletier/go-toml/v2 v2.2.2 // indirect github.com/spf13/afero v1.11.0 // indirect @@ -50,6 +59,5 @@ require ( golang.org/x/text v0.15.0 // indirect golang.org/x/tools v0.21.0 // indirect google.golang.org/protobuf v1.34.1 // indirect - gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/yaml.v2 v2.4.0 // indirect ) diff --git a/go.sum b/go.sum index 4325f54..9b68b1c 100644 --- a/go.sum +++ b/go.sum 
@@ -27,6 +27,20 @@ github.com/ardanlabs/conf/v3 v3.1.7 h1:p232cF68TafoA5U9ZlbxUIhGJtGNdKHBXF80Fdqb5 github.com/ardanlabs/conf/v3 v3.1.7/go.mod h1:zclexWKe0NVj6LHQ8NgDDZ7bQ1spE0KeKPFficdtAjU= github.com/armon/go-radix v1.0.1-0.20221118154546-54df44f2176c h1:651/eoCRnQ7YtSjAnSzRucrJz+3iGEFt+ysraELS81M= github.com/armon/go-radix v1.0.1-0.20221118154546-54df44f2176c/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= +github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= +github.com/benpate/derp v0.31.0 h1:Vo3oQrD+eDLY/FQ4W3HUtV1Et7lkm8OEF6rJQlSd6xg= +github.com/benpate/derp v0.31.0/go.mod h1:y+PJWv5VOBOnd1y4CGk/c7xVS0Pwxg9BGQE5r/SGc8w= +github.com/benpate/digit v0.12.0 h1:dYqPKgHhTCvddaI91v/8cvhRTDHxRT2ldZ+OdDcub/I= +github.com/benpate/digit v0.12.0/go.mod h1:YK9UZljGMC4ZQPFqz95aJgrS99kkVxcghKou7CurhXs= +github.com/benpate/domain v0.2.1 h1:OGjmZk64KKAuzv2BwBwVkrFjO3Cv/iu0L41+AIydLps= +github.com/benpate/domain v0.2.1/go.mod h1:Of+W1qgA1fCumChsKVwleSotq1wtSefo15hNvOucMBQ= +github.com/benpate/exp v0.8.3 h1:rxlXtdLxc+XU5ySoAFEt7YKOjhOE7YRMz15YUePBLJk= +github.com/benpate/exp v0.8.3/go.mod h1:VWDkZ1uM4HyXJVi+NDA1QvVklsgFE7T9L5lCeZBento= +github.com/benpate/remote v0.15.0 h1:Ciwwg97BiyA+gVEsULC4I14TjZbwb9MJaiGV/JvNpZM= +github.com/benpate/remote v0.15.0/go.mod h1:/+Lv9DLp7QY83HyIdFg+nW9pnVAxmKQjwv5wTTRG1qA= +github.com/benpate/rosetta v0.20.0 h1:V1lIFcrpyeHUQAW5xe8EgvZ94q5OEE9LPCwIXVleEeU= +github.com/benpate/rosetta v0.20.0/go.mod h1:2fBUrF22amsYFiyKniTo/Q0N4lbEN7THkJSKxZDFBfE= github.com/bep/clocks v0.5.0 h1:hhvKVGLPQWRVsBP/UB7ErrHYIO42gINVbvqxvYTPVps= github.com/bep/clocks v0.5.0/go.mod h1:SUq3q+OOq41y2lRQqH5fsOoxN8GbxSiT6jvoVVLCVhU= github.com/bep/debounce v1.2.0 h1:wXds8Kq8qRfwAOpAxHrJDbCXgC5aHSzgQb/0gKsHQqo= 
@@ -131,6 +145,8 @@ github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/gorilla/css v1.0.1 h1:ntNaBIghp6JmvWnxbZKANoLyuXTPZ4cAMlo6RyhlbO8= +github.com/gorilla/css v1.0.1/go.mod h1:BvnYkspnSzMmwRK+b8/xgNPLiIuNZr6vbZBTPQ2A3b0= github.com/hairyhenderson/go-codeowners v0.4.0 h1:Wx/tRXb07sCyHeC8mXfio710Iu35uAy5KYiBdLHdv4Q= github.com/hairyhenderson/go-codeowners v0.4.0/go.mod h1:iJgZeCt+W/GzXo5uchFCqvVHZY2T4TAIpvuVlKVkLxc= github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= @@ -143,7 +159,6 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= 
@@ -165,6 +180,8 @@ github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWE github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/microcosm-cc/bluemonday v1.0.26 h1:xbqSvqzQMeEHCqMi64VAs4d8uy6Mequs3rQ0k/Khz58= +github.com/microcosm-cc/bluemonday v1.0.26/go.mod h1:JyzOCs9gkyQyjs+6h10UEVSe02CGwkhd72Xdqh78TWs= github.com/mitchellh/hashstructure v1.1.0 h1:P6P1hdjqAAknpY/M1CGipelZgp+4y9ja9kmUZPXP+H0= github.com/mitchellh/hashstructure v1.1.0/go.mod h1:xUDAozZz0Wmdiufv0uyhnHkUTN6/6d8ulp4AwfLKrmA= github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c h1:cqn374mizHuIWj+OSJCajGr/phAmuMug9qIX3l9CflE= diff --git a/internal/config/config.go b/internal/config/config.go index 063f549..be7dcb9 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -37,6 +37,7 @@ type Config struct { Description string DomainStartDate string `toml:"domain_start_date"` OriginalDomain string `toml:"original_domain"` + OIDCHost URL `toml:"oidc_host"` Taxonomies []Taxonomy CSP *CSP `toml:"content-security-policy"` Extra struct { diff --git a/internal/server/server.go b/internal/server/server.go index b4cfc7f..cea349f 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -2,6 +2,7 @@ package server import ( "context" + "encoding/json" "fmt" "mime" "net" @@ -15,6 +16,7 @@ import ( cfg "website/internal/config" "website/internal/log" + "github.com/benpate/digit" "github.com/getsentry/sentry-go" sentryhttp "github.com/getsentry/sentry-go/http" "github.com/pkg/errors" 
@@ -159,7 +161,33 @@ func New(runtimeConfig *Config) (*Server, error) { top := http.NewServeMux() mux := http.NewServeMux() log.Debug("binding main handler to", "host", runtimeConfig.BaseURL.Hostname()+"/") - mux.Handle(runtimeConfig.BaseURL.Hostname()+"/", webHandler(serveFile)) + hostname := runtimeConfig.BaseURL.Hostname() + mux.Handle(hostname+"/", webHandler(serveFile)) + + var acctResource = "acct:" + config.Email + me := digit.NewResource(acctResource). + Link("http://openid.net/specs/connect/1.0/issuer", "", config.OIDCHost.String()) + mux.HandleFunc(hostname+"/.well-known/webfinger", func(w http.ResponseWriter, r *http.Request) { + if r.URL.Query().Get("resource") == acctResource { + obj, err := json.Marshal(me) + if err != nil { + http.Error( + w, + http.StatusText(http.StatusInternalServerError), + http.StatusInternalServerError, + ) + + return + } + + w.Header().Add("Content-Type", "application/jrd+json") + w.Header().Add("Access-Control-Allow-Origin", "*") + _, err = w.Write(obj) + if err != nil { + log.Warn("error writing webfinger request", "error", err) + } + } + }) mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { newURL := runtimeConfig.BaseURL.String() + r.URL.String() diff --git a/nix/gomod2nix.toml b/nix/gomod2nix.toml index 4669a45..c00865b 100644 --- a/nix/gomod2nix.toml +++ b/nix/gomod2nix.toml 
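Review bot: The new `/.well-known/webfinger` handler writes nothing when `resource` is missing or differs from `acctResource`, so those requests get an implicit 200 with an empty body; RFC 7033 calls for 400 when `resource` is absent and 404 when it is not known. The JRD is also re-marshalled on every request although `me` never changes, so the marshal can move to startup and its error can be returned from New instead of being handled per request. Because relying parties follow the issuer link to begin OIDC discovery, an empty or non-https `oidc_host` should presumably be rejected when the config is loaded; no such check is visible here before `config.OIDCHost.String()` is used. New's body starts and ends outside this hunk, so the sketch below assumes it sits at function scope.

```go
// … unchanged: acctResource and the digit.NewResource(...).Link(...) call …
jrd, err := json.Marshal(me)
if err != nil {
	return nil, errors.Wrap(err, "could not marshal webfinger resource")
}
mux.HandleFunc(hostname+"/.well-known/webfinger", func(w http.ResponseWriter, r *http.Request) {
	switch r.URL.Query().Get("resource") {
	case acctResource:
		w.Header().Set("Content-Type", "application/jrd+json")
		w.Header().Set("Access-Control-Allow-Origin", "*")
		if _, err := w.Write(jrd); err != nil {
			log.Warn("error writing webfinger request", "error", err)
		}
	case "":
		// resource parameter absent: bad request per RFC 7033
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
	default:
		// resource this server has no information about
		http.NotFound(w, r)
	}
})
```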
@@ -32,6 +32,27 @@ schema = 3 [mod."github.com/ardanlabs/conf/v3"] version = "v3.1.7" hash = "sha256-7H53l0JN5Q6hkAgBivVQ8lFd03oNmP1IG8ihzLKm2CQ=" + [mod."github.com/aymerick/douceur"] + version = "v0.2.0" + hash = "sha256-NiBX8EfOvLXNiK3pJaZX4N73YgfzdrzRXdiBFe3X3sE=" + [mod."github.com/benpate/derp"] + version = "v0.31.0" + hash = "sha256-Q/QxVDgOFbUjPlwKOsbft3R/8vbNGescX/dcuJGRE0Q=" + [mod."github.com/benpate/digit"] + version = "v0.12.0" + hash = "sha256-+leG0kKa+DjkYYbE8l5voMJPDPMYNJ1GIGEGp7wjoKs=" + [mod."github.com/benpate/domain"] + version = "v0.2.1" + hash = "sha256-nO3mRwQqgWaVReRFXhZlxdo3EGt87Z4EzZBOIPyZJcs=" + [mod."github.com/benpate/exp"] + version = "v0.8.3" + hash = "sha256-FHKWQBPK+0JKMbrb+TXB+MVfgzV72DAv4gEhUEhmV/g=" + [mod."github.com/benpate/remote"] + version = "v0.15.0" + hash = "sha256-Rh0YlDycwVAy+CsfB62GIsHgLWen4fD9nT6hrwMp3mk=" + [mod."github.com/benpate/rosetta"] + version = "v0.20.0" + hash = "sha256-SizQ7pbLsKomWxqNG2IwWZBO2gn+ZcTJAfvb6K2zbdc=" [mod."github.com/bep/godartsass"] version = "v1.2.0" hash = "sha256-kkKRFesHX8Yp1+/L7yFeRqltBRlAVKgdSN4d7Lc/uI8=" @@ -68,9 +89,15 @@ schema = 3 [mod."github.com/golang/groupcache"] version = "v0.0.0-20210331224755-41bb18bfe9da" hash = "sha256-7Gs7CS9gEYZkbu5P4hqPGBpeGZWC64VDwraSKFF+VR0=" + [mod."github.com/gorilla/css"] + version = "v1.0.1" + hash = "sha256-6JwNHqlY2NpZ0pSQTyYPSpiNqjXOdFHqrUT10sv3y8A=" [mod."github.com/mattn/go-isatty"] version = "v0.0.20" hash = "sha256-qhw9hWtU5wnyFyuMbKx+7RB8ckQaFQ8D+8GKPkN3HHQ=" + [mod."github.com/microcosm-cc/bluemonday"] + version = "v1.0.26" + hash = "sha256-ZX4QUWHVEoGBeTHfPcLD5XoiubeO8GhkdqkC4Me8nRE=" [mod."github.com/mitchellh/hashstructure"] version = "v1.1.0" hash = "sha256-dNPVpLRsCa2XZHlCRRtkpBVqb8rpHIocpFPNCqZg2EY=" 
@@ -128,9 +155,6 @@ schema = 3 [mod."google.golang.org/protobuf"] version = "v1.34.1" hash = "sha256-qnHqY6KLZiZDbTVTN6uzF4jedxROYlPCYHoiv6XI0sc=" - [mod."gopkg.in/check.v1"] - version = "v1.0.0-20201130134442-10cb98267c6c" - hash = "sha256-VlIpM2r/OD+kkyItn6vW35dyc0rtkJufA93rjFyzncs=" [mod."gopkg.in/yaml.v2"] version = "v2.4.0" hash = "sha256-uVEGglIedjOIGZzHW4YwN1VoRSTK8o0eGZqzd+TNdd0=" -- cgit 1.4.1