package form import ( "github.com/urfave/cli" "github.com/photoprism/photoprism/internal/acl" "github.com/photoprism/photoprism/pkg/authn" "github.com/photoprism/photoprism/pkg/clean" "github.com/photoprism/photoprism/pkg/rnd" "github.com/photoprism/photoprism/pkg/unix" ) // Client represents client application settings. type Client struct { UserUID string `json:"UserUID,omitempty" yaml:"UserUID,omitempty"` UserName string `gorm:"size:64;index;" json:"UserName" yaml:"UserName,omitempty"` ClientID string `json:"ClientID,omitempty" yaml:"ClientID,omitempty"` ClientSecret string `json:"ClientSecret,omitempty" yaml:"ClientSecret,omitempty"` ClientName string `json:"ClientName,omitempty" yaml:"ClientName,omitempty"` ClientRole string `json:"ClientRole,omitempty" yaml:"ClientRole,omitempty"` AuthProvider string `json:"AuthProvider,omitempty" yaml:"AuthProvider,omitempty"` AuthMethod string `json:"AuthMethod,omitempty" yaml:"AuthMethod,omitempty"` AuthScope string `json:"AuthScope,omitempty" yaml:"AuthScope,omitempty"` AuthExpires int64 `json:"AuthExpires,omitempty" yaml:"AuthExpires,omitempty"` AuthTokens int64 `json:"AuthTokens,omitempty" yaml:"AuthTokens,omitempty"` AuthEnabled bool `json:"AuthEnabled,omitempty" yaml:"AuthEnabled,omitempty"` } // NewClient creates new client application settings. func NewClient() Client { return Client{ UserUID: "", UserName: "", ClientID: "", ClientSecret: "", ClientName: "", ClientRole: acl.RoleClient.String(), AuthProvider: authn.ProviderClientCredentials.String(), AuthMethod: authn.MethodOAuth2.String(), AuthScope: "", AuthExpires: 3600, AuthTokens: 5, AuthEnabled: true, } } // AddClientFromCli creates a new form for adding a client with values from the specified CLI context. func AddClientFromCli(ctx *cli.Context) Client { f := NewClient() if user := clean.Username(ctx.Args().First()); rnd.IsUID(user, 'u') { f.UserUID = user } else if user != "" { f.UserName = user } if ctx.IsSet("id") { f.ClientID = ctx.String("id") } if ctx.IsSet("secret") { f.ClientSecret = ctx.String("secret") } if ctx.IsSet("name") { f.ClientName = clean.Name(ctx.String("name")) } if f.ClientName == "" { f.ClientName = rnd.Name() } f.ClientRole = clean.Name(ctx.String("role")) if f.ClientRole == "" { f.ClientRole = acl.RoleClient.String() } f.AuthProvider = authn.Provider(ctx.String("provider")).String() if f.AuthProvider == "" { f.AuthProvider = authn.ProviderClientCredentials.String() } f.AuthMethod = authn.Method(ctx.String("method")).String() if f.AuthMethod == "" { f.AuthMethod = authn.MethodOAuth2.String() } f.AuthScope = clean.Scope(ctx.String("scope")) if f.AuthScope == "" { f.AuthScope = "*" } f.AuthExpires = ctx.Int64("expires") f.AuthTokens = ctx.Int64("tokens") return f } // ModClientFromCli creates a new form for modifying a client with values from the specified CLI context. func ModClientFromCli(ctx *cli.Context) Client { f := Client{} f.ClientID = clean.UID(ctx.Args().First()) if ctx.IsSet("secret") { f.ClientSecret = ctx.String("secret") } if ctx.IsSet("name") { f.ClientName = clean.Name(ctx.String("name")) } if ctx.IsSet("role") { f.ClientRole = clean.Name(ctx.String("role")) } if ctx.IsSet("provider") { f.AuthProvider = authn.Provider(ctx.String("provider")).String() } if ctx.IsSet("method") { f.AuthMethod = authn.Method(ctx.String("method")).String() } if ctx.IsSet("scope") { f.AuthScope = clean.Scope(ctx.String("scope")) } if ctx.IsSet("expires") { f.AuthExpires = ctx.Int64("expires") } if ctx.IsSet("tokens") { f.AuthTokens = ctx.Int64("tokens") } if ctx.Bool("enable") { f.AuthEnabled = true } else if ctx.Bool("disable") { f.AuthEnabled = false } return f } // ID returns the client id, if any. func (f *Client) ID() string { if !rnd.IsUID(f.ClientID, 'c') { return "" } return f.ClientID } // Secret returns the client secret, if any. func (f *Client) Secret() string { if !rnd.IsClientSecret(f.ClientSecret) { return "" } return f.ClientSecret } // Name returns the sanitized client name. func (f *Client) Name() string { return clean.Name(f.ClientName) } // Role returns the sanitized client role. func (f *Client) Role() string { return clean.Role(f.ClientRole) } // Provider returns the sanitized auth provider name. func (f *Client) Provider() authn.ProviderType { return authn.Provider(f.AuthProvider) } // Method returns the sanitized auth method name. func (f *Client) Method() authn.MethodType { return authn.Method(f.AuthMethod) } // Scope returns the client scopes as sanitized string. func (f Client) Scope() string { return clean.Scope(f.AuthScope) } // Expires returns the access token expiry time in seconds or 0 if not specified. func (f Client) Expires() int64 { if f.AuthExpires > unix.Month { return unix.Month } else if f.AuthExpires > 0 { return f.AuthExpires } else if f.AuthExpires < 0 { return unix.Hour } return 0 } // Tokens returns the access token limit or 0 if not specified. func (f Client) Tokens() int64 { if f.AuthTokens > 2147483647 { return 2147483647 } else if f.AuthTokens > 0 { return f.AuthTokens } else if f.AuthTokens < 0 { return -1 } return 0 }