FIWARE / VCVerifier / 18713115930

coverage: 43.214% (-1.0%) from 44.17%
18713115930

push

github

web-flow 
Merge pull request #67 from FIWARE/token-exchang

Token exchange

171 of 426 new or added lines in 6 files covered. (40.14%)

3 existing lines in 3 files now uncovered.

1592 of 3684 relevant lines covered (43.21%)

0.49 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

34.95
/openapi/api_frontend.go
1 
/*
2 
 * vcverifier
3 
 *
4 
 * Backend component to verify credentials
5 
 *
6 
 * API version: 0.0.1
7 
 * Generated by: OpenAPI Generator (https://openapi-generator.tech)
8 
 */
9 









10



package openapi










11












12



import (










13



        "net/http"










14



        "slices"










15












16



        "github.com/fiware/VCVerifier/logging"










17



        "github.com/fiware/VCVerifier/verifier"










18












19



        "github.com/gin-gonic/gin"










20



)










21












22



const DEFAULT_REQUEST_MODE = verifier.REQUEST_MODE_BY_REFERENCE










23












24



var frontendVerifier verifier.Verifier










25



var requestObjectClient *verifier.RequestObjectClient










26












27



func getFrontendVerifier() verifier.Verifier {




1





28



        if frontendVerifier == nil {




1





29



                frontendVerifier = verifier.GetVerifier()




×







30



        }




×







31



        return frontendVerifier




1





32



}










33












34



func getRequestObjectClient() *verifier.RequestObjectClient {




×







35



        if requestObjectClient == nil {




×







36



                requestObjectClient = verifier.NewRequestObjectClient()




×







37



        }




×







38



        return requestObjectClient




×







39



}










40












41



// VerifierPageDisplayQRSIOP - Presents a qr as starting point for the auth process










42



func VerifierPageDisplayQRSIOP(c *gin.Context) {




1





43






1





44



        state, stateExists := c.GetQuery("state")




1





45



        if !stateExists {




2






46



                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoState)




1





47



                // early exit




1





48



                return




1





49



        }




1





50












51



        callback, callbackExists := c.GetQuery("client_callback")




1





52



        if !callbackExists {




2






53



                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoCallback)




1





54



                // early exit




1





55



                return




1





56



        }




1





57












58



        clientId, clientIdExists := c.GetQuery("client_id")




1





59



        if !clientIdExists {




2





60



                logging.Log().Infof("Start a login flow for a not specified client.")




1





61



        }




1





62












63



        nonce, nonceExists := c.GetQuery("nonce")




1





64



        if !nonceExists {




2





65



                nonce = ""




1





66



        }




1





67












68



        requestMode, requestModeExists := c.GetQuery("request_mode")




1





69



        if !requestModeExists {




2





70



                logging.Log().Infof("Using default request mode %s.", DEFAULT_REQUEST_MODE)




1





71



                requestMode = DEFAULT_REQUEST_MODE




1





72



        }




1





73












74



        qr, err := getFrontendVerifier().ReturnLoginQR(c.Request.Host, "https", callback, state, clientId, nonce, requestMode)




1





75



        if err != nil {




2






76



                c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessage{"qr_generation_error", err.Error()})




1





77



                return




1





78



        }




1





79












80



        c.HTML(http.StatusOK, "verifier_present_qr", gin.H{"qrcode": qr})




1





81



}










82












83



// VerifierLoginQr - Presents a qr as starting point for the auth process










84



func VerifierLoginQr(c *gin.Context) {




×







85






×







86



        state, stateExists := c.GetQuery("state")




×







87



        if !stateExists {




×








NEW


88



                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoState)




×







89



                // early exit




×







90



                return




×







91



        }




×







92












93



        redirectUri, redirectUriExists := c.GetQuery("redirect_uri")




×







94



        requestUri, requestUriExists := c.GetQuery("request_uri")




×







95






×







96



        if !redirectUriExists && !requestUriExists {




×








NEW


97



                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoRedircetUri)




×







98



                // early exit




×







99



                return




×







100



        }




×







101












102



        clientId, clientIdExists := c.GetQuery("client_id")




×







103



        if !clientIdExists {




×







104



                logging.Log().Infof("Start a login flow for a not specified client.")




×







105



        }




×







106












107



        scope, scopeExists := c.GetQuery("scope")




×







108



        if !scopeExists {




×







109



                logging.Log().Infof("Start a login flow with default scope.")




×







110



                scope = ""




×







111



        }




×







112












113



        if requestUriExists {




×







114



                logging.Log().Debug("Requesting the client for its request object.")




×







115



                cro, err := getRequestObjectClient().GetClientRequestObject(requestUri)




×







116



                if err != nil {




×







117



                        logging.Log().Warnf("Was not able to get request object. Err: %v", err)




×








NEW


118



                        c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessageUnresolvableRequestObject)




×







119



                        return




×







120



                }




×







121



                if !slices.Contains(cro.Aud, getFrontendVerifier().GetHost()) {




×








NEW


122



                        c.AbortWithStatusJSON(http.StatusInternalServerError, ErrorMessageInvalidAudience)




×







123



                        return




×







124



                }




×







125












126



                clientId = cro.ClientId




×







127



                scope = cro.Scope




×







128



                redirectUri = cro.RedirectUri




×







129



        }










130












131



        nonce, nonceExists := c.GetQuery("nonce")




×







132



        if !nonceExists {




×








NEW


133



                c.AbortWithStatusJSON(http.StatusBadRequest, ErrorMessageNoNonce)




×







134



                // early exit




×







135



                return




×







136



        }




×







137












138



        requestMode, requestModeExists := c.GetQuery("request_mode")




×







139



        if !requestModeExists {




×







140



                logging.Log().Infof("Using default request mode %s.", DEFAULT_REQUEST_MODE)




×







141



                requestMode = DEFAULT_REQUEST_MODE




×







142



        }




×







143












144



        qr, err := getFrontendVerifier().ReturnLoginQRV2(c.Request.Host, "https", redirectUri, state, clientId, scope, nonce, requestMode)




×







145



        if err != nil {




×







146



                c.AbortWithStatusJSON(500, ErrorMessage{"qr_generation_error", err.Error()})




×







147



                return




×







148



        }




×







149












150



        c.HTML(http.StatusOK, "verifier_present_qr_v2", gin.H{"qrcode": qr, "wsUrl": getFrontendVerifier().GetHost() + "/ws?state=" + state})




×







151



}










152












153



// VerifierPageLoginExpired - Presents a page when the login session is expired










154



func VerifierPageLoginExpired(c *gin.Context) {




×







155



        c.JSON(http.StatusOK, gin.H{})




×







156



}




×





















    

  • 

    •