bbgo_origin/pkg/interact/auth.go

package interact

import (
	"errors"
	"os"
	"time"

	"github.com/pquerna/otp"
	"github.com/pquerna/otp/totp"
	log "github.com/sirupsen/logrus"
)

type AuthMode string

const (
	AuthModeOTP   AuthMode = "OTP"
	AuthModeToken AuthMode = "TOKEN"
)

var ErrAuthenticationFailed = errors.New("authentication failed")

type Authorizer interface {
	StartAuthorizing()
	Authorize() error
}

type AuthInteract struct {
	Strict bool `json:"strict,omitempty"`

	Mode AuthMode `json:"authMode"`

	Token string `json:"authToken,omitempty"`

	OneTimePasswordKey *otp.Key `json:"otpKey,omitempty"`
}

func (it *AuthInteract) Commands(interact *Interact) {
	if it.Strict {
		// generate a one-time-use otp
		if it.OneTimePasswordKey == nil {
			opts := totp.GenerateOpts{
				Issuer:      "interact",
				AccountName: os.Getenv("USER"),
				Period:      30,
			}
			log.Infof("[interact] one-time password key is not configured, generating one with %+v", opts)
			key, err := totp.Generate(opts)
			if err != nil {
				panic(err)
			}

			it.OneTimePasswordKey = key
		}
		interact.Command("/auth", "authorize", func(reply Reply, session Session) error {
			reply.Message("Please enter your authentication token")
			session.SetAuthorizing(true)
			return nil
		}).Next(func(token string, reply Reply) error {
			if token == it.Token {
				reply.Message("Token passed, please enter your one-time password")

				code, err := totp.GenerateCode(it.OneTimePasswordKey.Secret(), time.Now())
				if err != nil {
					return err
				}

				log.Infof("[interact] ======================================")
				log.Infof("[interact] your one-time password code: %s", code)
				log.Infof("[interact] ======================================")
				return nil
			}

			return ErrAuthenticationFailed
		}).NamedNext(StateAuthenticated, func(code string, reply Reply, session Session) error {
			if totp.Validate(code, it.OneTimePasswordKey.Secret()) {
				reply.Message("Great! You're authenticated!")
				session.SetOriginState(StateAuthenticated)
				session.SetAuthorized()
				return nil
			}

			reply.Message("Incorrect authentication code")
			return ErrAuthenticationFailed
		})
	} else {
		interact.Command("/auth", "authorize", func(reply Reply) error {
			switch it.Mode {
			case AuthModeToken:
				reply.Message("Enter your authentication token")

			case AuthModeOTP:
				reply.Message("Enter your one-time password")

			default:
				log.Warn("unexpected auth mode: %s", it.Mode)
			}
			return nil
		}).NamedNext(StateAuthenticated, func(code string, reply Reply, session Session) error {
			switch it.Mode {
			case AuthModeToken:
				if code == it.Token {
					reply.Message("Great! You're authenticated!")
					session.SetOriginState(StateAuthenticated)
					session.SetAuthorized()
					return nil
				}
				reply.Message("Incorrect authentication token")

			case AuthModeOTP:
				if totp.Validate(code, it.OneTimePasswordKey.Secret()) {
					reply.Message("Great! You're authenticated!")
					session.SetOriginState(StateAuthenticated)
					session.SetAuthorized()
					return nil
				}
				reply.Message("Incorrect one-time pass code")

			default:
				log.Warn("unexpected auth mode: %s", it.Mode)
			}

			return ErrAuthenticationFailed
		})
	}

}
interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00			`package interact`

			`import (`
			`"errors"`
interact: improve strict mode authentication 2022-01-13 18:13:59 +00:00			`"os"`
			`"time"`
interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00
			`"github.com/pquerna/otp"`
interact: let function evaluator returns state, inject nil if object is not found 2022-01-13 17:00:31 +00:00			`"github.com/pquerna/otp/totp"`
interact: improve strict mode authentication 2022-01-13 18:13:59 +00:00			`log "github.com/sirupsen/logrus"`
interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00			`)`

			`type AuthMode string`

			`const (`
			`AuthModeOTP AuthMode = "OTP"`
			`AuthModeToken AuthMode = "TOKEN"`
			`)`

			`var ErrAuthenticationFailed = errors.New("authentication failed")`

interact: support authorizer 2022-01-13 17:58:04 +00:00			`type Authorizer interface {`
interact: improve authentication process 2022-01-13 18:36:06 +00:00			`StartAuthorizing()`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`Authorize() error`
			`}`

interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00			`type AuthInteract struct {`
interact: support authorizer 2022-01-13 17:58:04 +00:00			Strict bool `json:"strict,omitempty"`

interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00			Mode AuthMode `json:"authMode"`

			Token string `json:"authToken,omitempty"`

			OneTimePasswordKey *otp.Key `json:"otpKey,omitempty"`
			`}`

interact: let function evaluator returns state, inject nil if object is not found 2022-01-13 17:00:31 +00:00			`func (it AuthInteract) Commands(interact Interact) {`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`if it.Strict {`
interact: improve strict mode authentication 2022-01-13 18:13:59 +00:00			`// generate a one-time-use otp`
			`if it.OneTimePasswordKey == nil {`
			`opts := totp.GenerateOpts{`
			`Issuer: "interact",`
			`AccountName: os.Getenv("USER"),`
			`Period: 30,`
			`}`
			`log.Infof("[interact] one-time password key is not configured, generating one with %+v", opts)`
			`key, err := totp.Generate(opts)`
			`if err != nil {`
			`panic(err)`
			`}`

			`it.OneTimePasswordKey = key`
			`}`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`interact.Command("/auth", "authorize", func(reply Reply, session Session) error {`
interact: fix slack response and slash command handling 2022-01-22 17:35:27 +00:00			`reply.Message("Please enter your authentication token")`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`session.SetAuthorizing(true)`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`return nil`
			`}).Next(func(token string, reply Reply) error {`
			`if token == it.Token {`
			`reply.Message("Token passed, please enter your one-time password")`
interact: improve strict mode authentication 2022-01-13 18:13:59 +00:00
			`code, err := totp.GenerateCode(it.OneTimePasswordKey.Secret(), time.Now())`
			`if err != nil {`
			`return err`
			`}`

			`log.Infof("[interact] ======================================")`
			`log.Infof("[interact] your one-time password code: %s", code)`
			`log.Infof("[interact] ======================================")`
interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00			`return nil`
			`}`
interact: improve strict mode authentication 2022-01-13 18:13:59 +00:00
interact: support authorizer 2022-01-13 17:58:04 +00:00			`return ErrAuthenticationFailed`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`}).NamedNext(StateAuthenticated, func(code string, reply Reply, session Session) error {`
interact: let function evaluator returns state, inject nil if object is not found 2022-01-13 17:00:31 +00:00			`if totp.Validate(code, it.OneTimePasswordKey.Secret()) {`
			`reply.Message("Great! You're authenticated!")`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`session.SetOriginState(StateAuthenticated)`
			`session.SetAuthorized()`
			`return nil`
interact: let function evaluator returns state, inject nil if object is not found 2022-01-13 17:00:31 +00:00			`}`
interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00
interact: support authorizer 2022-01-13 17:58:04 +00:00			`reply.Message("Incorrect authentication code")`
			`return ErrAuthenticationFailed`
			`})`
			`} else {`
interact: add command description 2022-01-13 18:57:39 +00:00			`interact.Command("/auth", "authorize", func(reply Reply) error {`
Update auth.go refine message 2022-04-16 13:25:46 +00:00			`switch it.Mode {`
			`case AuthModeToken:`
			`reply.Message("Enter your authentication token")`

			`case AuthModeOTP:`
			`reply.Message("Enter your one-time password")`
interact: add more error check for /auth command 2022-04-16 16:06:37 +00:00
			`default:`
			`log.Warn("unexpected auth mode: %s", it.Mode)`
Update auth.go refine message 2022-04-16 13:25:46 +00:00			`}`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`return nil`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`}).NamedNext(StateAuthenticated, func(code string, reply Reply, session Session) error {`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`switch it.Mode {`
			`case AuthModeToken:`
			`if code == it.Token {`
			`reply.Message("Great! You're authenticated!")`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`session.SetOriginState(StateAuthenticated)`
			`session.SetAuthorized()`
			`return nil`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`}`
interact: add more error check for /auth command 2022-04-16 16:06:37 +00:00			`reply.Message("Incorrect authentication token")`
interact: support authorizer 2022-01-13 17:58:04 +00:00
			`case AuthModeOTP:`
			`if totp.Validate(code, it.OneTimePasswordKey.Secret()) {`
			`reply.Message("Great! You're authenticated!")`
interact: separate telegram user sessions 2022-01-15 16:25:11 +00:00			`session.SetOriginState(StateAuthenticated)`
			`session.SetAuthorized()`
			`return nil`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`}`
interact: add more error check for /auth command 2022-04-16 16:06:37 +00:00			`reply.Message("Incorrect one-time pass code")`

			`default:`
			`log.Warn("unexpected auth mode: %s", it.Mode)`
interact: support authorizer 2022-01-13 17:58:04 +00:00			`}`

			`return ErrAuthenticationFailed`
			`})`
			`}`

interact: pull out authentication interaction 2022-01-13 16:26:53 +00:00			`}`