From c26edcf6786fd8aa1535c09e9581fc6417cddda4 Mon Sep 17 00:00:00 2001 From: JoramWilander Date: Thu, 14 Jan 2016 08:23:48 -0500 Subject: Final updates --- .gitignore | 2 ++ api/license.go | 19 ++++++++++++------- api/user.go | 4 ++++ config/config.json | 23 +++++++++++++++++++++++ mattermost.go | 5 ++++- model/license.go | 23 ++++++++++++++++++++--- utils/license.go | 37 +++++++++++++++++++++---------------- 7 files changed, 86 insertions(+), 27 deletions(-) diff --git a/.gitignore b/.gitignore index dab6b8373..5d6fc98e5 100644 --- a/.gitignore +++ b/.gitignore @@ -9,6 +9,8 @@ web/static/js/bundle*.js web/static/js/bundle*.js.map web/static/js/libs*.js +config/active.dat + # Build Targets .prepare .prepare-go diff --git a/api/license.go b/api/license.go index 9ed2d2afb..06bde2b6c 100644 --- a/api/license.go +++ b/api/license.go @@ -69,14 +69,15 @@ func addLicense(c *Context, w http.ResponseWriter, r *http.Request) { return } - go func() { - if err := writeFileLocally(data, utils.LICENSE_FILE_LOC); err != nil { - l4g.Error("Could not save license file") - } - }() + if err := writeFileLocally(data, utils.LicenseLocation()); err != nil { + c.LogAudit("failed - could not save license file") + c.Err = model.NewAppError("addLicense", "License did not save properly.", "path="+utils.LicenseLocation()) + utils.RemoveLicense() + return + } } else { c.LogAudit("failed - invalid license") - c.Err = model.NewAppError("addLicense", "Invalid license file", "") + c.Err = model.NewAppError("addLicense", "Invalid license file.", "") return } @@ -87,7 +88,11 @@ func addLicense(c *Context, w http.ResponseWriter, r *http.Request) { func removeLicense(c *Context, w http.ResponseWriter, r *http.Request) { c.LogAudit("") - utils.RemoveLicense() + if ok := utils.RemoveLicense(); !ok { + c.LogAudit("failed - could not remove license file") + c.Err = model.NewAppError("removeLicense", "License did not remove properly.", "") + return + } rdata := map[string]string{} rdata["status"] = "ok" 
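Review bot: In api/license.go `addLicense`, the new failure branch discards the `err` returned by `writeFileLocally`, so neither the audit entry nor the server log says why the save failed. Logging it server-side before the audit call, e.g. `l4g.Error("Could not save license file, err=%v", err.Error())`, keeps the cause available without putting it in the response. The details argument `"path="+utils.LicenseLocation()` carries a server-side path; whether it reaches the client depends on how AppError is rendered, which is outside this hunk. The rollback through `utils.RemoveLicense()` deletes whatever file is at `LicenseLocation()`, so a failed upload appears to leave the server without the license that was installed before the attempt. addLicense starts and ends outside the hunk.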
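Review bot: In `removeLicense`, the failure path returns "License did not remove properly." after `utils.RemoveLicense()` has already reset `License`, `IsLicensed` and `ClientLicense` (utils/license.go hunk `@@ -75,14 +73,21 @@`). The client is told removal failed while the running server is unlicensed, and the file left on disk would be picked up again by `LoadLicense` on the next start. `os.Remove` also returns an error when the file does not exist, so removing a license that was never written to disk is reported as a failure. Treating that case as success inside RemoveLicense would avoid it: `if err := os.Remove(LicenseLocation()); err != nil && !os.IsNotExist(err) {`. The same applies to the rollback call added in `addLicense`.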
diff --git a/api/user.go b/api/user.go index 786414227..a6b4fb654 100644 --- a/api/user.go +++ b/api/user.go @@ -142,6 +142,10 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) { } func CheckUserDomain(user *model.User, domains string) bool { + if len(domains) == 0 { + return true + } + domainArray := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(domains, "@", " ", -1), ",", " ", -1)))) matched := false diff --git a/config/config.json b/config/config.json index 076f795cc..907b66828 100644 --- a/config/config.json +++ b/config/config.json @@ -107,5 +107,28 @@ "AuthEndpoint": "", "TokenEndpoint": "", "UserApiEndpoint": "" + }, + "GoogleSettings": { + "Enable": false, + "Secret": "", + "Id": "", + "Scope": "", + "AuthEndpoint": "", + "TokenEndpoint": "", + "UserApiEndpoint": "" + }, + "LdapSettings": { + "Enable": false, + "LdapServer": null, + "LdapPort": 389, + "BaseDN": null, + "BindUsername": null, + "BindPassword": null, + "FirstNameAttribute": null, + "LastNameAttribute": null, + "EmailAttribute": null, + "UsernameAttribute": null, + "IdAttribute": null, + "QueryTimeout": 60 } } \ No newline at end of file diff --git a/mattermost.go b/mattermost.go index f6abb9019..7ebda451f 100644 --- a/mattermost.go +++ b/mattermost.go @@ -31,7 +31,10 @@ import ( _ "github.com/go-ldap/ldap" ) -//ENTERPRISE_IMPORTS +import ( + _ "github.com/mattermost/enterprise/oauth/google" + _ "github.com/mattermost/enterprise/ldap" +) var flagCmdCreateTeam bool var flagCmdCreateUser bool diff --git a/model/license.go b/model/license.go index 20e49d668..a271b46b7 100644 --- a/model/license.go +++ b/model/license.go 
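Review bot: The early return added to `CheckUserDomain` in api/user.go tests the raw `domains` string, so a value holding only spaces, commas or `@` still yields an empty `domainArray` and, with `matched` starting at false, presumably rejects every user. Testing after normalisation (`if len(domainArray) == 0 { return true }`) would make the two cases agree, if allow-all is the intended meaning of an empty list. Because this branch switches an access restriction off, it deserves a comment such as `// An empty domain list means no domain restriction is applied.` The rest of the function is outside the hunk.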
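Review bot: The new `LdapSettings` block in config/config.json defaults `LdapPort` to 389 and has no key for transport security. As far as this file shows, the bind password and any credentials checked against the directory would cross the network in clear text unless the LDAP package negotiates TLS on its own. `BindPassword` also sits in config.json next to non-secret settings, so the file's permissions become part of protecting the directory credential. The string fields default to `null` here while the `GoogleSettings` block above uses `""`, which may decode differently depending on the Go field types.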
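Review bot: The `//ENTERPRISE_IMPORTS` marker in mattermost.go is replaced by two blank imports of `github.com/mattermost/enterprise/...`, which looks like the output of a build-time substitution committed by accident. Blank imports run each package's `init()`, so every build of this tree now needs access to that repository and links its LDAP and Google OAuth code in. If the marker is what a build script keys on, removing it also breaks that step. If the change is intended, the two paths should be in gofmt order (`ldap` before `oauth/google`).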
@@ -26,9 +26,26 @@ type Customer struct { } type Features struct { - Users int `json:"users"` - LDAP bool `json:"ldap"` - GoogleSSO bool `json:"google_sso"` + Users *int `json:"users"` + LDAP *bool `json:"ldap"` + GoogleSSO *bool `json:"google_sso"` +} + +func (f *Features) SetDefaults() { + if f.Users == nil { + f.Users = new(int) + *f.Users = 0 + } + + if f.LDAP == nil { + f.LDAP = new(bool) + *f.LDAP = true + } + + if f.GoogleSSO == nil { + f.GoogleSSO = new(bool) + *f.GoogleSSO = true + } } func (l *License) IsExpired() bool { diff --git a/utils/license.go b/utils/license.go index 1f8e24f32..84d5bae02 100644 --- a/utils/license.go +++ b/utils/license.go @@ -7,12 +7,13 @@ import ( "bytes" "crypto" "crypto/rsa" - "crypto/sha256" + "crypto/sha512" "crypto/x509" "encoding/base64" "encoding/pem" "io" "os" + "path/filepath" "strconv" "strings" @@ -22,7 +23,7 @@ import ( ) const ( - LICENSE_FILE_LOC = "./data/active.dat" + LICENSE_FILENAME = "active.dat" ) var IsLicensed bool = false @@ -41,7 +42,7 @@ NxpC+5KFhU+xSeeklNqwCgnlOyZ7qSTxmdJHb+60SwuYnnGIYzLJhY4LYDr4J+KR -----END PUBLIC KEY-----`) func LoadLicense() { - file, err := os.Open(LICENSE_FILE_LOC) + file, err := os.Open(LicenseLocation()) if err != nil { l4g.Warn("Unable to open/find license file") return @@ -53,18 +54,15 @@ func LoadLicense() { if success, licenseStr := ValidateLicense(buf.Bytes()); success { license := model.LicenseFromJson(strings.NewReader(licenseStr)) - if !license.IsExpired() && license.IsStarted() && license.StartsAt > License.StartsAt { - License = license - IsLicensed = true - ClientLicense = getClientLicense(license) - return - } + SetLicense(license) } l4g.Warn("No valid enterprise license found") } func SetLicense(license *model.License) bool { + license.Features.SetDefaults() + if !license.IsExpired() && license.IsStarted() { License = license IsLicensed = true 
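Review bot: `SetDefaults` in model/license.go turns a missing `ldap` or `google_sso` key into `true`, so a license that omits a feature is granted it; defaulting absent entitlements to `false` would fail closed. If granting by default is deliberate, say so in a doc comment on the method, e.g. `// SetDefaults fills unset features; features missing from the license are treated as enabled.` The comment should also state what `Users == 0` means (no seats or no limit), since the hunk does not show how that value is enforced.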
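Review bot: In `LoadLicense` (utils/license.go hunk `@@ -53,18 +54,15 @@`), the new code calls `SetLicense(license)`, ignores its result and falls through, whereas the removed block returned after accepting the license. As a result `"No valid enterprise license found"` is logged on every start, including when a valid license was just activated. Use the return value: `if SetLicense(license) { return }`. `SetLicense` now dereferences `license` on its first line (`license.Features.SetDefaults()`), so if `model.LicenseFromJson` can return nil for undecodable input that call would panic; its definition is not visible here.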
@@ -75,14 +73,21 @@ func SetLicense(license *model.License) bool { return false } -func RemoveLicense() { +func LicenseLocation() string { + return filepath.Dir(CfgFileName) + "/" + LICENSE_FILENAME +} + +func RemoveLicense() bool { License = &model.License{} IsLicensed = false ClientLicense = getClientLicense(License) - if err := os.Remove(LICENSE_FILE_LOC); err != nil { + if err := os.Remove(LicenseLocation()); err != nil { l4g.Error("Unable to remove license file, err=%v", err.Error()) + return false } + + return true } func ValidateLicense(signed []byte) (bool, string) { @@ -117,11 +122,11 @@ func ValidateLicense(signed []byte) (bool, string) { rsaPublic := public.(*rsa.PublicKey) - h := sha256.New() + h := sha512.New() h.Write(plaintext) d := h.Sum(nil) - err = rsa.VerifyPKCS1v15(rsaPublic, crypto.SHA256, d, signature) + err = rsa.VerifyPKCS1v15(rsaPublic, crypto.SHA512, d, signature) if err != nil { l4g.Error("Invalid signature, err=%v", err.Error()) return false, "" @@ -136,9 +141,9 @@ func getClientLicense(l *model.License) map[string]string { props["IsLicensed"] = strconv.FormatBool(IsLicensed) if IsLicensed { - props["Users"] = strconv.Itoa(l.Features.Users) - props["LDAP"] = strconv.FormatBool(l.Features.LDAP) - props["GoogleSSO"] = strconv.FormatBool(l.Features.GoogleSSO) + props["Users"] = strconv.Itoa(*l.Features.Users) + props["LDAP"] = strconv.FormatBool(*l.Features.LDAP) + props["GoogleSSO"] = strconv.FormatBool(*l.Features.GoogleSSO) props["IssuedAt"] = strconv.FormatInt(l.IssuedAt, 10) props["StartsAt"] = strconv.FormatInt(l.StartsAt, 10) props["ExpiresAt"] = strconv.FormatInt(l.ExpiresAt, 10) -- cgit v1.2.3-1-g7c22
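Review bot: `LicenseLocation` builds its path with `filepath.Dir(CfgFileName) + "/" + LICENSE_FILENAME`; `filepath.Join(filepath.Dir(CfgFileName), LICENSE_FILENAME)` gives the same result with the platform separator and a cleaned path. The license file now lives in the configuration directory, so the server account needs write access to the directory that holds the config file. That is worth stating in a doc comment on the function, e.g. `// LicenseLocation returns the license path next to the config file; the server must be able to write to that directory.`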
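Review bot: The digest in `ValidateLicense` moves from SHA-256 to SHA-512 with no fallback, so any license already signed over a SHA-256 digest will now fail with "Invalid signature". Confirm none have been issued, and record the signing requirement in a comment such as `// Licenses are signed with RSA PKCS#1 v1.5 over a SHA-512 digest.` The algorithm is named twice (the hash constructor and `crypto.SHA512`) and the two must agree; `d := sha512.Sum512(plaintext)` with `d[:]` passed to `rsa.VerifyPKCS1v15` keeps them on adjacent lines. The context line `public.(*rsa.PublicKey)` is an unchecked type assertion that would panic on a non-RSA key, although the key here is embedded in the source. ValidateLicense starts and ends outside the hunk.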
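Review bot: `getClientLicense` now dereferences `l.Features.Users`, `.LDAP` and `.GoogleSSO` without a nil check, and its only guard is the package-level `IsLicensed` rather than anything about `l`. That is safe only while every path that sets `IsLicensed` has gone through `SetLicense`, which calls `SetDefaults`. Since `IsLicensed` and `License` are exported variables, calling `l.Features.SetDefaults()` at the top of the `if IsLicensed` branch would make the function safe on its own. The function's opening lines are outside the hunk.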