wg-portal/internal/domain/auth.go

package domain

import (
	"fmt"
	"strings"
)

type LoginProvider string

type LoginProviderInfo struct {
	Identifier  string
	Name        string
	ProviderUrl string
	CallbackUrl string
}

type AuthenticatorUserInfo struct {
	Identifier         UserIdentifier
	Email              string
	UserGroups         []string
	Firstname          string
	Lastname           string
	Phone              string
	Department         string
	IsAdmin            bool
	AdminInfoAvailable bool // true if the IsAdmin flag is valid
}

// Sanitize sanitizes all external identity provider fields in place.
// Returns ErrInvalidData if the identifier becomes empty after sanitization.
func (u *AuthenticatorUserInfo) Sanitize(providerType, providerName string) error {
	identifier := string(u.Identifier)
	LogSanitizeChange(providerType, providerName, "identifier", identifier,
		func() string { return SanitizeIdentifier(identifier, 256) }, &identifier)
	u.Identifier = UserIdentifier(identifier)

	email := u.Email
	LogSanitizeChange(providerType, providerName, "email", email,
		func() string { return SanitizeEmail(email, 254) }, &u.Email)
	LogSanitizeChange(providerType, providerName, "firstname", u.Firstname,
		func() string { return SanitizeString(u.Firstname, 128) }, &u.Firstname)
	LogSanitizeChange(providerType, providerName, "lastname", u.Lastname,
		func() string { return SanitizeString(u.Lastname, 128) }, &u.Lastname)
	LogSanitizeChange(providerType, providerName, "phone", u.Phone,
		func() string { return SanitizePhone(u.Phone, 50) }, &u.Phone)
	LogSanitizeChange(providerType, providerName, "department", u.Department,
		func() string { return SanitizeString(u.Department, 128) }, &u.Department)

	u.UserGroups = sanitizeGroups(providerType, providerName, u.UserGroups)

	if u.Identifier == "" {
		return fmt.Errorf("empty user identifier: %w", ErrInvalidData)
	}

	return nil
}

// sanitizeGroups sanitizes group names, dropping any that were modified by sanitization.
func sanitizeGroups(providerType, providerName string, rawGroups []string) []string {
	if len(rawGroups) == 0 {
		return rawGroups
	}

	groups := make([]string, 0, len(rawGroups))
	for _, rawGroup := range rawGroups {
		sanitized := rawGroup
		LogSanitizeChange(providerType, providerName, "user_group", rawGroup,
			func() string { return SanitizeString(rawGroup, 256) }, &sanitized)
		if sanitized == "" || sanitized != strings.TrimSpace(rawGroup) {
			continue
		}
		groups = append(groups, sanitized)
	}

	return groups
}
V2 alpha - initial version (#172) Initial alpha codebase for version 2 of WireGuard Portal. This version is considered unstable and incomplete (for example, no public REST API)! Use with care! Fixes/Implements the following issues: - OAuth support #154, #1 - New Web UI with internationalisation support #98, #107, #89, #62 - Postgres Support #49 - Improved Email handling #47, #119 - DNS Search Domain support #46 - Bugfixes #94, #48 --------- Co-authored-by: Fabian Wechselberger <wechselbergerf@hotmail.com> 2023-08-04 13:34:18 +02:00			`package domain`

feat: sanitize external identity provider user data (#681) * feat: sanitize external user data * remove config option to disable Sanitization: sanitize_external_user_data * cleanup --------- Co-authored-by: Christoph Haas <christoph.h@sprinternet.at> 2026-05-18 23:28:27 +03:00			`import (`
			`"fmt"`
			`"strings"`
			`)`

V2 alpha - initial version (#172) Initial alpha codebase for version 2 of WireGuard Portal. This version is considered unstable and incomplete (for example, no public REST API)! Use with care! Fixes/Implements the following issues: - OAuth support #154, #1 - New Web UI with internationalisation support #98, #107, #89, #62 - Postgres Support #49 - Improved Email handling #47, #119 - DNS Search Domain support #46 - Bugfixes #94, #48 --------- Co-authored-by: Fabian Wechselberger <wechselbergerf@hotmail.com> 2023-08-04 13:34:18 +02:00			`type LoginProvider string`

			`type LoginProviderInfo struct {`
			`Identifier string`
			`Name string`
			`ProviderUrl string`
			`CallbackUrl string`
			`}`

			`type AuthenticatorUserInfo struct {`
feat: allow multiple auth sources per user (#500,#477) (#612) * feat: allow multiple auth sources per user (#500,#477) * only override isAdmin flag if it is provided by the authentication source 2026-01-21 22:22:22 +01:00			`Identifier UserIdentifier`
			`Email string`
Add support for auth.oidc.allowed_user_groups (#667) (#668) Signed-off-by: Michael Tupitsyn <michael.tupitsyn@gmail.com> 2026-04-11 09:24:18 -07:00			`UserGroups []string`
feat: allow multiple auth sources per user (#500,#477) (#612) * feat: allow multiple auth sources per user (#500,#477) * only override isAdmin flag if it is provided by the authentication source 2026-01-21 22:22:22 +01:00			`Firstname string`
			`Lastname string`
			`Phone string`
			`Department string`
			`IsAdmin bool`
			`AdminInfoAvailable bool // true if the IsAdmin flag is valid`
V2 alpha - initial version (#172) Initial alpha codebase for version 2 of WireGuard Portal. This version is considered unstable and incomplete (for example, no public REST API)! Use with care! Fixes/Implements the following issues: - OAuth support #154, #1 - New Web UI with internationalisation support #98, #107, #89, #62 - Postgres Support #49 - Improved Email handling #47, #119 - DNS Search Domain support #46 - Bugfixes #94, #48 --------- Co-authored-by: Fabian Wechselberger <wechselbergerf@hotmail.com> 2023-08-04 13:34:18 +02:00			`}`
feat: sanitize external identity provider user data (#681) * feat: sanitize external user data * remove config option to disable Sanitization: sanitize_external_user_data * cleanup --------- Co-authored-by: Christoph Haas <christoph.h@sprinternet.at> 2026-05-18 23:28:27 +03:00
			`// Sanitize sanitizes all external identity provider fields in place.`
			`// Returns ErrInvalidData if the identifier becomes empty after sanitization.`
			`func (u *AuthenticatorUserInfo) Sanitize(providerType, providerName string) error {`
			`identifier := string(u.Identifier)`
			`LogSanitizeChange(providerType, providerName, "identifier", identifier,`
			`func() string { return SanitizeIdentifier(identifier, 256) }, &identifier)`
			`u.Identifier = UserIdentifier(identifier)`

			`email := u.Email`
			`LogSanitizeChange(providerType, providerName, "email", email,`
			`func() string { return SanitizeEmail(email, 254) }, &u.Email)`
			`LogSanitizeChange(providerType, providerName, "firstname", u.Firstname,`
			`func() string { return SanitizeString(u.Firstname, 128) }, &u.Firstname)`
			`LogSanitizeChange(providerType, providerName, "lastname", u.Lastname,`
			`func() string { return SanitizeString(u.Lastname, 128) }, &u.Lastname)`
			`LogSanitizeChange(providerType, providerName, "phone", u.Phone,`
			`func() string { return SanitizePhone(u.Phone, 50) }, &u.Phone)`
			`LogSanitizeChange(providerType, providerName, "department", u.Department,`
			`func() string { return SanitizeString(u.Department, 128) }, &u.Department)`

			`u.UserGroups = sanitizeGroups(providerType, providerName, u.UserGroups)`

			`if u.Identifier == "" {`
			`return fmt.Errorf("empty user identifier: %w", ErrInvalidData)`
			`}`

			`return nil`
			`}`

			`// sanitizeGroups sanitizes group names, dropping any that were modified by sanitization.`
			`func sanitizeGroups(providerType, providerName string, rawGroups []string) []string {`
			`if len(rawGroups) == 0 {`
			`return rawGroups`
			`}`

			`groups := make([]string, 0, len(rawGroups))`
			`for _, rawGroup := range rawGroups {`
			`sanitized := rawGroup`
			`LogSanitizeChange(providerType, providerName, "user_group", rawGroup,`
			`func() string { return SanitizeString(rawGroup, 256) }, &sanitized)`
			`if sanitized == "" \|\| sanitized != strings.TrimSpace(rawGroup) {`
			`continue`
			`}`
			`groups = append(groups, sanitized)`
			`}`

			`return groups`
			`}`