8316299588

Committed 17 Mar 2024 02:55PM UTC coverage: 64.923% (-0.3%) from 65.241%

Build Type

github

Committed by

Commit Message

fix: remove unneeded if check

Pull Request Pull Request #1474: feat: add custom sms hook

Run Details

87 of 197 new or added lines in 13 files covered. (44.16%)

72 existing lines in 3 files now uncovered.

8005 of 12330 relevant lines covered (64.92%)

59.5 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

40.0

/internal/hooks/auth_hooks.go

package hooks

import (
        "github.com/gofrs/uuid"
        "github.com/golang-jwt/jwt"
        "github.com/supabase/auth/internal/models"
)

type HookType string

const (
        PostgresHook HookType = "pg-functions"
)

const (
        // In Miliseconds
        DefaultTimeout = 2000
)

// Hook Names
const (
        HookRejection = "reject"
)

type HTTPHookInput interface {
        IsHTTPHook()
}

type HookOutput interface {
        IsError() bool
        Error() string
}

// #nosec
const MinimumViableTokenSchema = `{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "type": "object",
  "properties": {
    "aud": {
      "type": "string"
    },
    "exp": {
      "type": "integer"
    },
    "jti": {
      "type": "string"
    },
    "iat": {
      "type": "integer"
    },
    "iss": {
      "type": "string"
    },
    "nbf": {
      "type": "integer"
    },
    "sub": {
      "type": "string"
    },
    "email": {
      "type": "string"
    },
    "phone": {
      "type": "string"
    },
    "app_metadata": {
      "type": "object",
      "additionalProperties": true
    },
    "user_metadata": {
      "type": "object",
      "additionalProperties": true
    },
    "role": {
      "type": "string"
    },
    "aal": {
      "type": "string"
    },
    "amr": {
      "type": "array",
      "items": {
        "type": "object"
      }
    },
    "session_id": {
      "type": "string"
    }
  },
  "required": ["aud", "exp", "iat", "sub", "email", "phone", "role", "aal", "session_id"]
}`

// AccessTokenClaims is a struct thats used for JWT claims
type AccessTokenClaims struct {
        jwt.StandardClaims
        Email                         string                 `json:"email"`
        Phone                         string                 `json:"phone"`
        AppMetaData                   map[string]interface{} `json:"app_metadata"`
        UserMetaData                  map[string]interface{} `json:"user_metadata"`
        Role                          string                 `json:"role"`
        AuthenticatorAssuranceLevel   string                 `json:"aal,omitempty"`
        AuthenticationMethodReference []models.AMREntry      `json:"amr,omitempty"`
        SessionId                     string                 `json:"session_id,omitempty"`
        IsAnonymous                   bool                   `json:"is_anonymous"`
}

type MFAVerificationAttemptInput struct {
        UserID   uuid.UUID `json:"user_id"`
        FactorID uuid.UUID `json:"factor_id"`
        Valid    bool      `json:"valid"`
}

type MFAVerificationAttemptOutput struct {
        Decision  string        `json:"decision"`
        Message   string        `json:"message"`
        HookError AuthHookError `json:"error"`
}

type PasswordVerificationAttemptInput struct {
        UserID uuid.UUID `json:"user_id"`
        Valid  bool      `json:"valid"`
}

type PasswordVerificationAttemptOutput struct {
        Decision         string        `json:"decision"`
        Message          string        `json:"message"`
        ShouldLogoutUser bool          `json:"should_logout_user"`
        HookError        AuthHookError `json:"error"`
}

type CustomAccessTokenInput struct {
        UserID               uuid.UUID          `json:"user_id"`
        Claims               *AccessTokenClaims `json:"claims"`
        AuthenticationMethod string             `json:"authentication_method"`
}

type CustomAccessTokenOutput struct {
        Claims    map[string]interface{} `json:"claims"`
        HookError AuthHookError          `json:"error,omitempty"`
}

type CustomSMSProviderInput struct {
        UserID uuid.UUID `json:"user_id"`
        Phone  string    `json:"phone"`
        OTP    string    `json:"otp"`
}

type CustomSMSProviderOutput struct {
        Success   bool          `json:"success"`
        HookError AuthHookError `json:"error,omitempty"`
}

func (mf *MFAVerificationAttemptOutput) IsError() bool {
        return mf.HookError.Message != ""
}

func (mf *MFAVerificationAttemptOutput) Error() string {
        return mf.HookError.Message
}

func (p *PasswordVerificationAttemptOutput) IsError() bool {
        return p.HookError.Message != ""
}

func (p *PasswordVerificationAttemptOutput) Error() string {
        return p.HookError.Message
}

func (ca *CustomAccessTokenOutput) IsError() bool {
        return ca.HookError.Message != ""
}

func (ca *CustomAccessTokenOutput) Error() string {
        return ca.HookError.Message
}

func (cs *CustomSMSProviderOutput) IsError() bool {
        return cs.HookError.Message != ""
}

func (cs *CustomSMSProviderOutput) Error() string {
        return cs.HookError.Message
}

func (cs *CustomSMSProviderOutput) IsHTTPHook() bool {
        return true
}

type AuthHookError struct {
        HTTPCode int    `json:"http_code,omitempty"`
        Message  string `json:"message,omitempty"`
}

func (a *AuthHookError) Error() string {
        return a.Message
}

const (
        DefaultMFAHookRejectionMessage      = "Further MFA verification attempts will be rejected."
        DefaultPasswordHookRejectionMessage = "Further password verification attempts will be rejected."
)

1	package hooks
2
3	import (
4	"github.com/gofrs/uuid"
5	"github.com/golang-jwt/jwt"
6	"github.com/supabase/auth/internal/models"
7	)
8
9	type HookType string
10
11	const (
12	PostgresHook HookType = "pg-functions"
13	)
14
15	const (
16	// In Miliseconds
17	DefaultTimeout = 2000
18	)
19
20	// Hook Names
21	const (
22	HookRejection = "reject"
23	)
24
25	type HTTPHookInput interface {
26	IsHTTPHook()
27	}
28
29	type HookOutput interface {
30	IsError() bool
31	Error() string
32	}
33
34	// #nosec
35	const MinimumViableTokenSchema = `{
36	"$schema": "http://json-schema.org/draft-07/schema#",
37	"type": "object",
38	"properties": {
39	"aud": {
40	"type": "string"
41	},
42	"exp": {
43	"type": "integer"
44	},
45	"jti": {
46	"type": "string"
47	},
48	"iat": {
49	"type": "integer"
50	},
51	"iss": {
52	"type": "string"
53	},
54	"nbf": {
55	"type": "integer"
56	},
57	"sub": {
58	"type": "string"
59	},
60	"email": {
61	"type": "string"
62	},
63	"phone": {
64	"type": "string"
65	},
66	"app_metadata": {
67	"type": "object",
68	"additionalProperties": true
69	},
70	"user_metadata": {
71	"type": "object",
72	"additionalProperties": true
73	},
74	"role": {
75	"type": "string"
76	},
77	"aal": {
78	"type": "string"
79	},
80	"amr": {
81	"type": "array",
82	"items": {
83	"type": "object"
84	}
85	},
86	"session_id": {
87	"type": "string"
88	}
89	},
90	"required": ["aud", "exp", "iat", "sub", "email", "phone", "role", "aal", "session_id"]
91	}`
92
93	// AccessTokenClaims is a struct thats used for JWT claims
94	type AccessTokenClaims struct {
95	jwt.StandardClaims
96	Email string `json:"email"`
97	Phone string `json:"phone"`
98	AppMetaData map[string]interface{} `json:"app_metadata"`
99	UserMetaData map[string]interface{} `json:"user_metadata"`
100	Role string `json:"role"`
101	AuthenticatorAssuranceLevel string `json:"aal,omitempty"`
102	AuthenticationMethodReference []models.AMREntry `json:"amr,omitempty"`
103	SessionId string `json:"session_id,omitempty"`
104	IsAnonymous bool `json:"is_anonymous"`
105	}
106
107	type MFAVerificationAttemptInput struct {
108	UserID uuid.UUID `json:"user_id"`
109	FactorID uuid.UUID `json:"factor_id"`
110	Valid bool `json:"valid"`
111	}
112
113	type MFAVerificationAttemptOutput struct {
114	Decision string `json:"decision"`
115	Message string `json:"message"`
116	HookError AuthHookError `json:"error"`
117	}
118
119	type PasswordVerificationAttemptInput struct {
120	UserID uuid.UUID `json:"user_id"`
121	Valid bool `json:"valid"`
122	}
123
124	type PasswordVerificationAttemptOutput struct {
125	Decision string `json:"decision"`
126	Message string `json:"message"`
127	ShouldLogoutUser bool `json:"should_logout_user"`
128	HookError AuthHookError `json:"error"`
129	}
130
131	type CustomAccessTokenInput struct {
132	UserID uuid.UUID `json:"user_id"`
133	Claims *AccessTokenClaims `json:"claims"`
134	AuthenticationMethod string `json:"authentication_method"`
135	}
136
137	type CustomAccessTokenOutput struct {
138	Claims map[string]interface{} `json:"claims"`
139	HookError AuthHookError `json:"error,omitempty"`
140	}
141
142	type CustomSMSProviderInput struct {
143	UserID uuid.UUID `json:"user_id"`
144	Phone string `json:"phone"`
145	OTP string `json:"otp"`
146	}
147
148	type CustomSMSProviderOutput struct {
149	Success bool `json:"success"`
150	HookError AuthHookError `json:"error,omitempty"`
151	}
152
153	func (mf *MFAVerificationAttemptOutput) IsError() bool {	2✔
154	return mf.HookError.Message != ""	2✔
155	}	2✔
156
157	func (mf *MFAVerificationAttemptOutput) Error() string {	×
158	return mf.HookError.Message	×
159	}	×
160
161	func (p *PasswordVerificationAttemptOutput) IsError() bool {	2✔
162	return p.HookError.Message != ""	2✔
163	}	2✔
164
165	func (p *PasswordVerificationAttemptOutput) Error() string {	×
166	return p.HookError.Message	×
167	}	×
168
169	func (ca *CustomAccessTokenOutput) IsError() bool {	5✔
170	return ca.HookError.Message != ""	5✔
171	}	5✔
172
173	func (ca *CustomAccessTokenOutput) Error() string {	×
174	return ca.HookError.Message	×
175	}	×
176
NEW 177	func (cs *CustomSMSProviderOutput) IsError() bool {	×
NEW 178	return cs.HookError.Message != ""	×
NEW 179	}	×
180
NEW 181	func (cs *CustomSMSProviderOutput) Error() string {	×
NEW 182	return cs.HookError.Message	×
NEW 183	}	×
184
NEW 185	func (cs *CustomSMSProviderOutput) IsHTTPHook() bool {	×
NEW 186	return true	×
NEW 187	}	×
188
189	type AuthHookError struct {
190	HTTPCode int `json:"http_code,omitempty"`
191	Message string `json:"message,omitempty"`
192	}
193
194	func (a *AuthHookError) Error() string {	1✔
195	return a.Message	1✔
196	}	1✔
197
198	const (
199	DefaultMFAHookRejectionMessage = "Further MFA verification attempts will be rejected."
200	DefaultPasswordHookRejectionMessage = "Further password verification attempts will be rejected."
201	)

supabase / gotrue / 8316299588

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous