initial commit

backend/internal/model/application_configuration.go

@@ -0,0 +1,19 @@
+package model
+
+type ApplicationConfigurationVariable struct {
+	Key        string `gorm:"primaryKey;not null" json:"key"`
+	Type       string `json:"type"`
+	IsPublic   bool   `json:"-"`
+	IsInternal bool   `json:"-"`
+	Value      string `json:"value"`
+}
+
+type ApplicationConfiguration struct {
+	AppName             ApplicationConfigurationVariable
+	BackgroundImageType ApplicationConfigurationVariable
+	LogoImageType       ApplicationConfigurationVariable
+}
+
+type ApplicationConfigurationUpdateDto struct {
+	AppName string `json:"appName" binding:"required"`
+}

backend/internal/model/base.go

@@ -0,0 +1,20 @@
+package model
+
+import (
+	"github.com/google/uuid"
+	"gorm.io/gorm"
+	"time"
+)
+
+// Base contains common columns for all tables.
+type Base struct {
+	ID        string    `gorm:"primaryKey;not null" json:"id"`
+	CreatedAt time.Time `json:"createdAt"`
+}
+
+func (b *Base) BeforeCreate(db *gorm.DB) (err error) {
+	if b.ID == "" {
+		b.ID = uuid.New().String()
+	}
+	return
+}

backend/internal/model/oidc.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	"gorm.io/gorm"
+	"time"
+)
+
+type UserAuthorizedOidcClient struct {
+	Scope  string
+	UserID string `json:"userId" gorm:"primary_key;"`
+
+	ClientID string `json:"clientId" gorm:"primary_key;"`
+	Client   OidcClient
+}
+
+type OidcClient struct {
+	Base
+
+	Name        string  `json:"name"`
+	Secret      string  `json:"-"`
+	CallbackURL string  `json:"callbackURL"`
+	ImageType   *string `json:"-"`
+	HasLogo     bool    `gorm:"-" json:"hasLogo"`
+
+	CreatedByID string
+	CreatedBy   User
+}
+
+func (c *OidcClient) AfterFind(_ *gorm.DB) (err error) {
+	// Compute HasLogo field
+	c.HasLogo = c.ImageType != nil && *c.ImageType != ""
+	return nil
+}
+
+type OidcAuthorizationCode struct {
+	Base
+
+	Code      string
+	Scope     string
+	Nonce     string
+	ExpiresAt time.Time
+
+	UserID string
+	User   User
+
+	ClientID string
+}
+
+type OidcClientCreateDto struct {
+	Name        string `json:"name" binding:"required"`
+	CallbackURL string `json:"callbackURL" binding:"required"`
+}
+
+type AuthorizeNewClientDto struct {
+	ClientID string `json:"clientID" binding:"required"`
+	Scope    string `json:"scope" binding:"required"`
+	Nonce    string `json:"nonce"`
+}
+
+type OidcIdTokenDto struct {
+	GrantType    string `form:"grant_type" binding:"required"`
+	Code         string `form:"code" binding:"required"`
+	ClientID     string `form:"client_id"`
+	ClientSecret string `form:"client_secret"`
+}

backend/internal/model/user.go

@@ -0,0 +1,73 @@
+package model
+
+import (
+	"github.com/go-webauthn/webauthn/protocol"
+	"github.com/go-webauthn/webauthn/webauthn"
+	"time"
+)
+
+type User struct {
+	Base
+
+	Username  string `json:"username"`
+	Email     string `json:"email" `
+	FirstName string `json:"firstName"`
+	LastName  string `json:"lastName"`
+	IsAdmin   bool   `json:"isAdmin"`
+
+	Credentials []WebauthnCredential `json:"-"`
+}
+
+func (u User) WebAuthnID() []byte { return []byte(u.ID) }
+
+func (u User) WebAuthnName() string { return u.Username }
+
+func (u User) WebAuthnDisplayName() string { return u.FirstName + " " + u.LastName }
+
+func (u User) WebAuthnIcon() string { return "" }
+
+func (u User) WebAuthnCredentials() []webauthn.Credential {
+	credentials := make([]webauthn.Credential, len(u.Credentials))
+
+	for i, credential := range u.Credentials {
+		credentials[i] = webauthn.Credential{
+			ID:              []byte(credential.CredentialID),
+			AttestationType: credential.AttestationType,
+			PublicKey:       credential.PublicKey,
+			Transport:       credential.Transport,
+		}
+
+	}
+	return credentials
+}
+
+func (u User) WebAuthnCredentialDescriptors() (descriptors []protocol.CredentialDescriptor) {
+	credentials := u.WebAuthnCredentials()
+
+	descriptors = make([]protocol.CredentialDescriptor, len(credentials))
+
+	for i, credential := range credentials {
+		descriptors[i] = credential.Descriptor()
+	}
+
+	return descriptors
+}
+
+type OneTimeAccessToken struct {
+	Base
+	Token     string    `json:"token"`
+	ExpiresAt time.Time `json:"expiresAt"`
+
+	UserID string `json:"userId"`
+	User   User
+}
+
+type OneTimeAccessTokenCreateDto struct {
+	UserID    string    `json:"userId" binding:"required"`
+	ExpiresAt time.Time `json:"expiresAt" binding:"required"`
+}
+
+type LoginUserDto struct {
+	Username string `json:"username" binding:"required"`
+	Password string `json:"password" binding:"required"`
+}

backend/internal/model/webauthn.go

@@ -0,0 +1,45 @@
+package model
+
+import (
+	"database/sql/driver"
+	"encoding/json"
+	"errors"
+	"github.com/go-webauthn/webauthn/protocol"
+	"time"
+)
+
+type WebauthnSession struct {
+	Base
+
+	Challenge        string
+	ExpiresAt        time.Time
+	UserVerification string
+}
+
+type WebauthnCredential struct {
+	Base
+
+	Name            string                     `json:"name"`
+	CredentialID    string                     `json:"credentialID"`
+	PublicKey       []byte                     `json:"publicKey"`
+	AttestationType string                     `json:"attestationType"`
+	Transport       AuthenticatorTransportList `json:"-"`
+
+	UserID string
+}
+
+type AuthenticatorTransportList []protocol.AuthenticatorTransport
+
+// Scan and Value methods for GORM to handle the custom type
+func (atl *AuthenticatorTransportList) Scan(value interface{}) error {
+
+	if v, ok := value.([]byte); ok {
+		return json.Unmarshal(v, atl)
+	} else {
+		return errors.New("type assertion to []byte failed")
+	}
+}
+
+func (atl AuthenticatorTransportList) Value() (driver.Value, error) {
+	return json.Marshal(atl)
+}