From 82dc4dd361564c8bece1a1cd2c5a4e5f98796031 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Wed, 12 Jun 2024 21:35:24 +0200 Subject: [PATCH] Disable authentication with Twitch token aside of the `/login` endpoint for the editor Signed-off-by: Knut Ahlers --- authBackends.go | 41 ----------------------------------------- main.go | 1 - 2 files changed, 42 deletions(-) diff --git a/authBackends.go b/authBackends.go index 8264ef8..b0eec52 100644 --- a/authBackends.go +++ b/authBackends.go @@ -1,14 +1,10 @@ package main import ( - "context" - "net/http" "time" "github.com/Luzifer/go_helpers/v2/str" "github.com/Luzifer/twitch-bot/v3/internal/service/authcache" - "github.com/Luzifer/twitch-bot/v3/pkg/twitch" - "github.com/pkg/errors" ) const internalTokenAuthCacheExpiry = 5 * time.Minute @@ -41,40 +37,3 @@ func authBackendInternalEditorToken(token string) ([]string, time.Time, error) { // Editors have full access: Return module "*" return []string{"*"}, expiresAt, nil } - -func authBackendTwitchToken(token string) (modules []string, expiresAt time.Time, err error) { - tc := twitch.New(cfg.TwitchClient, cfg.TwitchClientSecret, token, "") - - var httpError twitch.HTTPError - - id, user, err := tc.GetAuthorizedUser(context.Background()) - switch { - case err == nil: - // We got a valid user, continue check below - if !str.StringInSlice(user, config.BotEditors) && !str.StringInSlice(id, config.BotEditors) { - // That user is none of our editors: Deny access - return nil, time.Time{}, authcache.ErrUnauthorized - } - - _, _, expiresAt, err = tc.GetTokenInfo(context.Background()) - if err != nil { - return nil, time.Time{}, errors.Wrap(err, "getting token expiry") - } - - // Editors have full access: Return module "*" - return []string{"*"}, expiresAt, nil - - case errors.As(err, &httpError): - // We either got "forbidden" or we got another error - if httpError.Code == http.StatusUnauthorized { - // That token wasn't valid or not a Twitch token: Unauthorized - return nil, time.Time{}, authcache.ErrUnauthorized - } - - return nil, time.Time{}, errors.Wrap(err, "validating Twitch token") - - default: - // Something else went wrong - return nil, time.Time{}, errors.Wrap(err, "validating Twitch token") - } -} diff --git a/main.go b/main.go index 3e95da2..e0d261e 100644 --- a/main.go +++ b/main.go @@ -140,7 +140,6 @@ func main() { authService = authcache.New( authBackendInternalAppToken, authBackendInternalEditorToken, - authBackendTwitchToken, ) cronService = cron.New(cron.WithSeconds())