diff --git a/.config/misso.yml.example b/.config/misso.yml.example
index dd581b3..79ef846 100644
--- a/.config/misso.yml.example
+++ b/.config/misso.yml.example
@@ -7,3 +7,8 @@ misskey:
 secret: ""
 hydra:
 admin_url: "http://localhost:4445"
+time:
+ request_valid: 3600
+ login_remember: 600
+ consent_remember: 0
+ userinfo_cache: 3600
diff --git a/consts/time.go b/consts/time.go
index 309757e..dda9e94 100644
--- a/consts/time.go
+++ b/consts/time.go
@@ -1,12 +1,10 @@
 package consts
-import "time"
-
 const (
- TIME_REQUEST_VALID = 1 * time.Hour
+ TIME_DEFAULT_REQUEST_VALID = 3600 // 1 Hour
- TIME_LOGIN_REMEMBER = 10 * time.Minute
- TIME_CONSENT_REMEMBER = 0 // Forever
+ TIME_DEFAULT_LOGIN_REMEMBER = 600 // 10 Minute
+ TIME_DEFAULT_CONSENT_REMEMBER = 0 // Forever
- TIME_USERINFO_CACHE = 1 * time.Hour
+ TIME_DEFAULT_USERINFO_CACHE = 3600 // 1 Hour
 )
diff --git a/handlers/consent/consent_check.go b/handlers/consent/consent_check.go
index 6b8c027..0b5bd09 100644
--- a/handlers/consent/consent_check.go
+++ b/handlers/consent/consent_check.go
@@ -5,10 +5,12 @@ import (
 "fmt"
 "github.com/gin-gonic/gin"
 client "github.com/ory/hydra-client-go/v2"
+ "misso/config"
 "misso/consts"
 "misso/global"
 "misso/utils"
 "net/http"
+ "time"
 )
 func ConsentCheck(ctx *gin.Context) {
@@ -57,7 +59,7 @@ func ConsentCheck(ctx *gin.Context) {
 global.Logger.Debugf("Generating CSRF token...")
 csrf := utils.RandString(32)
 sessKey := fmt.Sprintf(consts.REDIS_KEY_CONSENT_CSRF, oauth2challenge)
- err := global.Redis.Set(context.Background(), sessKey, csrf, consts.TIME_REQUEST_VALID).Err()
+ err := global.Redis.Set(context.Background(), sessKey, csrf, time.Duration(config.Config.Time.RequestValid)*time.Second).Err()
 if err != nil {
 global.Logger.Errorf("Failed to save csrf into redis with error: %v", err)
 ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
diff --git a/handlers/consent/consent_confirm.go b/handlers/consent/consent_confirm.go
index 63e06d8..7591eb8 100644
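Review bot: The new `time:` keys in .config/misso.yml.example carry no unit and no explanation of what `0` means, and the two "remember" keys treat it in opposite ways: per the comments added in inits/config.go, `login_remember: 0` means the login is not remembered, while `consent_remember: 0` means consent is remembered forever. An operator who sets both to 0 expecting "never remember" ends up with permanent consent. I would annotate each key in the example, e.g. `login_remember: 600 # seconds; 0 = do not remember the login` and `consent_remember: 0 # seconds; 0 = remember consent forever`.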
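Review bot: In handlers/consent/consent_check.go the CSRF-token TTL is computed inline as `time.Duration(config.Config.Time.RequestValid)*time.Second` with no overflow check, and the same unchecked pattern appears in the handlers/login/login.go and utils/save_userinfo.go hunks. The validation in inits/config.go only rejects values `<= 0`, so a very large configured value wraps the int64 nanosecond count, and what Redis then does with the key depends on the wrapped value; go-redis treats a zero expiration as "no expiry", so it is worth ruling out for CSRF and login-session keys. I would convert once behind a small accessor such as `func RequestValidTTL() time.Duration` that clamps to a sane maximum, so the three call sites share one checked conversion. ConsentCheck's body continues outside the hunk.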
--- a/handlers/consent/consent_confirm.go
+++ b/handlers/consent/consent_confirm.go
@@ -5,10 +5,10 @@ import (
 "fmt"
 "github.com/gin-gonic/gin"
 client "github.com/ory/hydra-client-go/v2"
+ "misso/config"
 "misso/consts"
 "misso/global"
 "net/http"
- "time"
 )
 type ConsentConfirmRequest struct {
@@ -88,9 +88,9 @@ func ConsentConfirm(ctx *gin.Context) {
 global.Logger.Debugf("User accepted the request, reporting back to hydra...")
 global.Logger.Debugf("Initializing ID Token...")
- rememberFor := int64(consts.TIME_CONSENT_REMEMBER / time.Second) // Remember forever
+ rememberFor := config.Config.Time.ConsentRemember // Remember forever
 acceptReq, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2ConsentRequest(context.Background()).ConsentChallenge(oauth2challenge).AcceptOAuth2ConsentRequest(client.AcceptOAuth2ConsentRequest{
- GrantScope: consentReq.RequestedScope, // TODO: Specify scopes
+ GrantScope: consentReq.RequestedScope,
 GrantAccessTokenAudience: consentReq.RequestedAccessTokenAudience,
 Remember: &req.Remember,
 RememberFor: &rememberFor,
diff --git a/handlers/login/login.go b/handlers/login/login.go
index a5bac0f..68756f9 100644
--- a/handlers/login/login.go
+++ b/handlers/login/login.go
@@ -5,10 +5,12 @@ import (
 "fmt"
 "github.com/gin-gonic/gin"
 client "github.com/ory/hydra-client-go/v2"
+ "misso/config"
 "misso/consts"
 "misso/global"
 "misso/misskey"
 "net/http"
+ "time"
 )
 func Login(ctx *gin.Context) {
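Review bot: In handlers/consent/consent_confirm.go the trailing comment `// Remember forever` on the new `rememberFor` line is stale, because the value now comes from `config.Config.Time.ConsentRemember` and only 0 means forever. The same hunk drops `// TODO: Specify scopes` while `GrantScope` is still `consentReq.RequestedScope`, so every requested scope is granted exactly as before; if that is the intended design, say so in a comment rather than removing the marker silently. Suggested: `rememberFor := config.Config.Time.ConsentRemember // seconds; 0 = remember forever` and, above `GrantScope`, `// Grants every requested scope; per-scope selection is not implemented.` ConsentConfirm's body starts and ends outside the hunk.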
@@ -69,7 +71,7 @@ func Login(ctx *gin.Context) {
 // Save login challenge state into redis (misskey cannot keep state info)
 sessKey := fmt.Sprintf(consts.REDIS_KEY_LOGIN_SESSION, authSess.Token)
- err = global.Redis.Set(context.Background(), sessKey, oauth2challenge, consts.TIME_REQUEST_VALID).Err()
+ err = global.Redis.Set(context.Background(), sessKey, oauth2challenge, time.Duration(config.Config.Time.RequestValid)*time.Second).Err()
 if err != nil {
 global.Logger.Errorf("Failed to save session into redis with error: %v", err)
 ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
diff --git a/handlers/login/misskey_auth_callback.go b/handlers/login/misskey_auth_callback.go
index 05635b5..a9c0b32 100644
--- a/handlers/login/misskey_auth_callback.go
+++ b/handlers/login/misskey_auth_callback.go
@@ -10,7 +10,6 @@ import (
 "misso/global"
 "misso/misskey"
 "net/http"
- "time"
 )
 func MisskeyAuthCallback(ctx *gin.Context) {
@@ -75,13 +74,15 @@ func MisskeyAuthCallback(ctx *gin.Context) {
 }
 global.Logger.Debugf("User accepted the request, reporting back to hydra...")
- remember := true
- rememberFor := int64(consts.TIME_LOGIN_REMEMBER / time.Second)
- acceptReq, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2LoginRequest(context.Background()).LoginChallenge(oauth2challenge).AcceptOAuth2LoginRequest(client.AcceptOAuth2LoginRequest{
- Subject: userIdentifier,
- Remember: &remember,
- RememberFor: &rememberFor,
- }).Execute()
+ acceptReq := client.AcceptOAuth2LoginRequest{
+ Subject: userIdentifier,
+ }
+ if config.Config.Time.LoginRemember > 0 {
+ remember := true
+ acceptReq.Remember = &remember
+ acceptReq.RememberFor = &config.Config.Time.LoginRemember
+ }
+ acceptRes, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2LoginRequest(context.Background()).LoginChallenge(oauth2challenge).AcceptOAuth2LoginRequest(acceptReq).Execute()
 if err != nil {
 global.Logger.Errorf("Failed to accept login request with error: %v", err)
 ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
@@ -91,7 +92,7 @@ func MisskeyAuthCallback(ctx *gin.Context) {
 }
 // Redirect to target uri
- ctx.Redirect(http.StatusTemporaryRedirect, acceptReq.RedirectTo)
+ ctx.Redirect(http.StatusTemporaryRedirect, acceptRes.RedirectTo)
 global.Logger.Debugf("User should now be redirecting to target URI.")
diff --git a/inits/config.go b/inits/config.go
index f7b74d7..a63c42a 100644
--- a/inits/config.go
+++ b/inits/config.go
@@ -3,6 +3,7 @@ package inits
 import (
 "gopkg.in/yaml.v3"
 "misso/config"
+ "misso/consts"
 "os"
 )
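Review bot: In handlers/login/misskey_auth_callback.go, `acceptReq.RememberFor = &config.Config.Time.LoginRemember` puts the address of a package-level config field into the outgoing request, so the request aliases live configuration and any write through that pointer or later change to the config is shared across concurrent requests. Copy the value into a local first: `rememberFor := config.Config.Time.LoginRemember` followed by `acceptReq.RememberFor = &rememberFor`. Separately, this file's import hunk removes `"time"` but does not add `"misso/config"`; presumably it is already imported above the lines shown, which is worth confirming. MisskeyAuthCallback's body starts and ends outside the hunk.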
@@ -23,5 +24,21 @@ func Config() error {
 return err
 }
+ // Validate time
+ if config.Config.Time.RequestValid <= 0 {
+ config.Config.Time.RequestValid = consts.TIME_DEFAULT_REQUEST_VALID
+ }
+ if config.Config.Time.LoginRemember < 0 {
+ // 0 means don't remember (in extreme account switch situations)
+ config.Config.Time.LoginRemember = consts.TIME_DEFAULT_LOGIN_REMEMBER
+ }
+ if config.Config.Time.ConsentRemember < 0 {
+ // 0 means remember forever (default behavior)
+ config.Config.Time.ConsentRemember = consts.TIME_DEFAULT_CONSENT_REMEMBER
+ }
+ if config.Config.Time.UserinfoCache <= 0 {
+ config.Config.Time.UserinfoCache = consts.TIME_DEFAULT_USERINFO_CACHE
+ }
+
 return nil
 }
diff --git a/types/Config.go b/types/Config.go
index 99d0e59..9b98f97 100644
--- a/types/Config.go
+++ b/types/Config.go
@@ -14,4 +14,10 @@ type Config struct {
 Hydra struct {
 AdminUrl string `yaml:"admin_url"`
 } `yaml:"hydra"`
+ Time struct {
+ RequestValid int64 `yaml:"request_valid"`
+ LoginRemember int64 `yaml:"login_remember"`
+ ConsentRemember int64 `yaml:"consent_remember"`
+ UserinfoCache int64 `yaml:"userinfo_cache"`
+ } `yaml:"time"`
 }
diff --git a/utils/save_userinfo.go b/utils/save_userinfo.go
index 4b309d6..9c25e03 100644
--- a/utils/save_userinfo.go
+++ b/utils/save_userinfo.go
@@ -4,9 +4,11 @@ import (
 "context"
 "encoding/json"
 "fmt"
+ "misso/config"
 "misso/consts"
 "misso/global"
 "misso/types"
+ "time"
 )
 func SaveUserinfo(subject string, userinfo *types.MisskeyUser) error {
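Review bot: The validation added to Config() in inits/config.go cannot tell an omitted key from an explicit 0, because the new fields in types/Config.go are plain `int64`. A config file with no `time:` section therefore gets `LoginRemember == 0` (login never remembered, not the 600-second default, since the fallback fires only for negative values) and `ConsentRemember == 0` (consent remembered forever). A negative `consent_remember` is also silently replaced with that most permissive setting; returning an error such as `fmt.Errorf("time.consent_remember must be >= 0")`, or at least logging the substitution, would fail closed. Making the fields `*int64` would let nil mean "use the default", and an upper bound here would protect the later `time.Duration(...)*time.Second` conversions. Config() starts outside the hunk.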
@@ -16,7 +18,7 @@ func SaveUserinfo(subject string, userinfo *types.MisskeyUser) error {
 return err
 }
 sessUserInfoKey := fmt.Sprintf(consts.REDIS_KEY_USER_INFO, subject)
- err = global.Redis.Set(context.Background(), sessUserInfoKey, userinfoBytes, consts.TIME_USERINFO_CACHE).Err()
+ err = global.Redis.Set(context.Background(), sessUserInfoKey, userinfoBytes, time.Duration(config.Config.Time.UserinfoCache)*time.Second).Err()
 if err != nil {
 global.Logger.Errorf("Failed to save session user info into redis with error: %v", err)
 return err