Impl StartOauthLogin

gedorinku · gedorinku · commit a9035d44b56d · 2019-01-20T15:48:34.000+09:00
diff --git a/.env.sample b/.env.sample
@@ -1,6 +1,19 @@
 # for ridgepole
 DATABASE_URL=mysql2://root:password@127.0.0.1:3306/accounts?parseTime=true
+ACCOUNTS_DB_PASSWORD=password
+
+# for hydra
+DATABASE_URL_HYDRA=mysql://root:password@tcp(mysql:3306)/hydra?parseTime=true
+HYDRA_SECRET=youReallyNeedToChangeThis
+HYDRA_SALT=youReallyNeedToChangeThis
+OAUTH2_ISSUER_URL=http://localhost:4444
+OAUTH2_CONSENT_URL=http://localhost:3000/oauth/consent
+OAUTH2_LOGIN_URL=http://localhost:3000/oauth/login
 
 DATA_SOURCE_NAME=root:password@tcp(mysql:3306)/accounts?parseTime=true
+
 REDIS_ADDR=redis:6379
+
 DEBUG_LOG=true
+
+HYDRA_ADMIN_URL=http://localhost:4445
diff --git a/api/oauth.pb.go b/api/oauth.pb.go
diff --git a/api/oauth.swagger.json b/api/oauth.swagger.json
@@ -71,6 +71,10 @@
     "prolab_accountsStartOAuthLoginResponse": {
       "type": "object",
       "properties": {
+        "skip": {
+          "type": "boolean",
+          "format": "boolean"
+        },
         "redirect_url": {
           "type": "string"
         }
diff --git a/api/protos/oauth.proto b/api/protos/oauth.proto
@@ -22,11 +22,12 @@ service OAuthService {
 }
 
 message StartOauthLoginRequest {
-  string challenge = 1;
+  string login_challenge = 1;
 }
 
 message StartOAuthLoginResponse {
-  string redirect_url = 1;
+  bool skip = 1;
+  string redirect_url = 2;
 }
 
 message OAuthLoginRequest {
diff --git a/app/server/oauth_server.go b/app/server/oauth_server.go
@@ -4,7 +4,9 @@ import (
 	"context"
 
 	"github.com/izumin5210/grapi/pkg/grapiserver"
+	"github.com/ory/hydra/sdk/go/hydra/swagger"
 	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/status"
 
 	api_pb "github.com/ProgrammingLab/prolab-accounts/api"
@@ -29,8 +31,31 @@ type oAuthServiceServerImpl struct {
 }
 
 func (s *oAuthServiceServerImpl) StartOauthLogin(ctx context.Context, req *api_pb.StartOauthLoginRequest) (*api_pb.StartOAuthLoginResponse, error) {
-	// TODO: Not yet implemented.
-	return nil, status.Error(codes.Unimplemented, "TODO: You should implement it!")
+	cli := s.HydraClient(ctx)
+	challenge := req.GetLoginChallenge()
+	res, _, err := cli.GetLoginRequest(challenge)
+	if err != nil {
+		grpclog.Error(err)
+		return nil, err
+	}
+	if res.Skip {
+		res, _, err := cli.AcceptLoginRequest(challenge, swagger.AcceptLoginRequest{})
+		if err != nil {
+			grpclog.Error(err)
+			return nil, err
+		}
+
+		resp := &api_pb.StartOAuthLoginResponse{
+			Skip:        true,
+			RedirectUrl: res.RedirectTo,
+		}
+		return resp, nil
+	}
+
+	resp := &api_pb.StartOAuthLoginResponse{
+		Skip: false,
+	}
+	return resp, nil
 }
 
 func (s *oAuthServiceServerImpl) OAuthLogin(ctx context.Context, req *api_pb.OAuthLoginRequest) (*api_pb.OAuthLoginResponse, error) {
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -11,9 +11,53 @@ services:
     depends_on:
       - mysql
       - redis
+      - hydra
     ports:
       - "3000:3000"
 
+  hydra-migrate:
+    image: oryd/hydra:v1.0.0-rc.6_oryOS.10-alpine
+    depends_on:
+      - mysql
+    environment:
+#      - LOG_LEVEL=debug
+      - DATABASE_URL=${DATABASE_URL_HYDRA}
+    command:
+      migrate sql -e
+    restart: on-failure
+
+  hydra:
+    image: oryd/hydra:v1.0.0-rc.6_oryOS.10-alpine
+    depends_on:
+      - hydra-migrate
+    ports:
+      # Public port
+      - "4444:4444"
+      # Admin port
+      - "4445:4445"
+      # Port for hydra token user
+      - "5555:5555"
+    command:
+      serve all --dangerous-force-http
+    environment:
+#      - LOG_LEVEL=debug
+      - OAUTH2_ISSUER_URL=${OAUTH2_ISSUER_URL}
+      - OAUTH2_CONSENT_URL=${OAUTH2_CONSENT_URL}
+      - OAUTH2_LOGIN_URL=${OAUTH2_LOGIN_URL}
+      - DATABASE_URL=${DATABASE_URL_HYDRA}
+      - SYSTEM_SECRET=${HYDRA_SECRET}
+      - OAUTH2_SHARE_ERROR_DEBUG=1
+      - OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise
+      - OIDC_SUBJECT_TYPE_PAIRWISE_SALT=${HYDRA_SALT}
+#     - OAUTH2_ACCESS_TOKEN_STRATEGY=jwt
+#     Uncomment the following lines when configuring tracing
+#      - TRACING_PROVIDER=jaeger
+#      - TRACING_PROVIDER_JAEGER_SAMPLING_SERVER_URL=http://jaeger:5778/sampling
+#      - TRACING_PROVIDER_JAEGER_LOCAL_AGENT_ADDRESS=jaeger:6831
+#      - TRACING_PROVIDER_JAEGER_SAMPLING_TYPE=const
+#      - TRACING_PROVIDER_JAEGER_SAMPLING_VALUE=1
+    restart: unless-stopped
+
   mysql:
     image: mysql:5.7
     hostname: mysql

Original file line number	Diff line number	Diff line change
`@@ -22,11 +22,12 @@ service OAuthService {`
`22`	`22`	`}`
`23`	`23`
`24`	`24`	`message StartOauthLoginRequest {`
`25`		`- string challenge = 1;`
	`25`	`+ string login_challenge = 1;`
`26`	`26`	`}`
`27`	`27`
`28`	`28`	`message StartOAuthLoginResponse {`
`29`		`- string redirect_url = 1;`
	`29`	`+ bool skip = 1;`
	`30`	`+ string redirect_url = 2;`
`30`	`31`	`}`
`31`	`32`
`32`	`33`	`message OAuthLoginRequest {`