|
| 1 | +// Copyright 2019 Google Inc. All Rights Reserved. |
| 2 | +// |
| 3 | +// Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | +// you may not use this file except in compliance with the License. |
| 5 | +// You may obtain a copy of the License at |
| 6 | +// |
| 7 | +// http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | +// |
| 9 | +// Unless required by applicable law or agreed to in writing, software |
| 10 | +// distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | +// See the License for the specific language governing permissions and |
| 13 | +// limitations under the License. |
| 14 | + |
| 15 | +package auth |
| 16 | + |
| 17 | +import ( |
| 18 | + "context" |
| 19 | + "encoding/json" |
| 20 | + |
| 21 | + identitytoolkit "google.golang.org/api/identitytoolkit/v3" |
| 22 | + "google.golang.org/api/iterator" |
| 23 | +) |
| 24 | + |
| 25 | +const maxReturnedResults = 1000 |
| 26 | + |
| 27 | +// Users returns an iterator over Users. |
| 28 | +// |
| 29 | +// If nextPageToken is empty, the iterator will start at the beginning. |
| 30 | +// If the nextPageToken is not empty, the iterator starts after the token. |
| 31 | +func (c *Client) Users(ctx context.Context, nextPageToken string) *UserIterator { |
| 32 | + it := &UserIterator{ |
| 33 | + ctx: ctx, |
| 34 | + client: c, |
| 35 | + } |
| 36 | + it.pageInfo, it.nextFunc = iterator.NewPageInfo( |
| 37 | + it.fetch, |
| 38 | + func() int { return len(it.users) }, |
| 39 | + func() interface{} { b := it.users; it.users = nil; return b }) |
| 40 | + it.pageInfo.MaxSize = maxReturnedResults |
| 41 | + it.pageInfo.Token = nextPageToken |
| 42 | + return it |
| 43 | +} |
| 44 | + |
| 45 | +// UserIterator is an iterator over Users. |
| 46 | +// |
| 47 | +// Also see: https://github.com/GoogleCloudPlatform/google-cloud-go/wiki/Iterator-Guidelines |
| 48 | +type UserIterator struct { |
| 49 | + client *Client |
| 50 | + ctx context.Context |
| 51 | + nextFunc func() error |
| 52 | + pageInfo *iterator.PageInfo |
| 53 | + users []*ExportedUserRecord |
| 54 | +} |
| 55 | + |
| 56 | +// PageInfo supports pagination. See the google.golang.org/api/iterator package for details. |
| 57 | +// Page size can be determined by the NewPager(...) function described there. |
| 58 | +func (it *UserIterator) PageInfo() *iterator.PageInfo { return it.pageInfo } |
| 59 | + |
| 60 | +// Next returns the next result. Its second return value is [iterator.Done] if |
| 61 | +// there are no more results. Once Next returns [iterator.Done], all subsequent |
| 62 | +// calls will return [iterator.Done]. |
| 63 | +func (it *UserIterator) Next() (*ExportedUserRecord, error) { |
| 64 | + if err := it.nextFunc(); err != nil { |
| 65 | + return nil, err |
| 66 | + } |
| 67 | + user := it.users[0] |
| 68 | + it.users = it.users[1:] |
| 69 | + return user, nil |
| 70 | +} |
| 71 | + |
| 72 | +func (it *UserIterator) fetch(pageSize int, pageToken string) (string, error) { |
| 73 | + request := &identitytoolkit.IdentitytoolkitRelyingpartyDownloadAccountRequest{ |
| 74 | + MaxResults: int64(pageSize), |
| 75 | + NextPageToken: pageToken, |
| 76 | + } |
| 77 | + call := it.client.is.Relyingparty.DownloadAccount(request) |
| 78 | + it.client.setHeader(call) |
| 79 | + resp, err := call.Context(it.ctx).Do() |
| 80 | + if err != nil { |
| 81 | + return "", handleServerError(err) |
| 82 | + } |
| 83 | + |
| 84 | + for _, u := range resp.Users { |
| 85 | + eu, err := makeExportedUser(u) |
| 86 | + if err != nil { |
| 87 | + return "", err |
| 88 | + } |
| 89 | + it.users = append(it.users, eu) |
| 90 | + } |
| 91 | + it.pageInfo.Token = resp.NextPageToken |
| 92 | + return resp.NextPageToken, nil |
| 93 | +} |
| 94 | + |
| 95 | +// ExportedUserRecord is the returned user value used when listing all the users. |
| 96 | +type ExportedUserRecord struct { |
| 97 | + *UserRecord |
| 98 | + PasswordHash string |
| 99 | + PasswordSalt string |
| 100 | +} |
| 101 | + |
| 102 | +func makeExportedUser(r *identitytoolkit.UserInfo) (*ExportedUserRecord, error) { |
| 103 | + var cc map[string]interface{} |
| 104 | + if r.CustomAttributes != "" { |
| 105 | + if err := json.Unmarshal([]byte(r.CustomAttributes), &cc); err != nil { |
| 106 | + return nil, err |
| 107 | + } |
| 108 | + if len(cc) == 0 { |
| 109 | + cc = nil |
| 110 | + } |
| 111 | + } |
| 112 | + |
| 113 | + var providerUserInfo []*UserInfo |
| 114 | + for _, u := range r.ProviderUserInfo { |
| 115 | + info := &UserInfo{ |
| 116 | + DisplayName: u.DisplayName, |
| 117 | + Email: u.Email, |
| 118 | + PhoneNumber: u.PhoneNumber, |
| 119 | + PhotoURL: u.PhotoUrl, |
| 120 | + ProviderID: u.ProviderId, |
| 121 | + UID: u.RawId, |
| 122 | + } |
| 123 | + providerUserInfo = append(providerUserInfo, info) |
| 124 | + } |
| 125 | + |
| 126 | + resp := &ExportedUserRecord{ |
| 127 | + UserRecord: &UserRecord{ |
| 128 | + UserInfo: &UserInfo{ |
| 129 | + DisplayName: r.DisplayName, |
| 130 | + Email: r.Email, |
| 131 | + PhoneNumber: r.PhoneNumber, |
| 132 | + PhotoURL: r.PhotoUrl, |
| 133 | + ProviderID: defaultProviderID, |
| 134 | + UID: r.LocalId, |
| 135 | + }, |
| 136 | + CustomClaims: cc, |
| 137 | + Disabled: r.Disabled, |
| 138 | + EmailVerified: r.EmailVerified, |
| 139 | + ProviderUserInfo: providerUserInfo, |
| 140 | + TokensValidAfterMillis: r.ValidSince * 1000, |
| 141 | + UserMetadata: &UserMetadata{ |
| 142 | + LastLogInTimestamp: r.LastLoginAt, |
| 143 | + CreationTimestamp: r.CreatedAt, |
| 144 | + }, |
| 145 | + }, |
| 146 | + PasswordHash: r.PasswordHash, |
| 147 | + PasswordSalt: r.Salt, |
| 148 | + } |
| 149 | + return resp, nil |
| 150 | +} |
0 commit comments