mirror of
https://github.com/router-for-me/CLIProxyAPIPlus.git
synced 2026-03-08 06:43:41 +00:00
02d8a1cfec
- Add --kiro-aws-login flag for AWS Builder ID device code flow - Add DoKiroAWSLogin function for AWS SSO OIDC authentication - Complete Kiro integration with AWS, Google OAuth, and social auth - Add kiro executor, translator, and SDK components - Update browser support for Kiro authentication flows
90 lines
2.4 KiB
Go
90 lines
2.4 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/router-for-me/CLIProxyAPI/v6/internal/config"
|
|
coreauth "github.com/router-for-me/CLIProxyAPI/v6/sdk/cliproxy/auth"
|
|
)
|
|
|
|
// Manager aggregates authenticators and coordinates persistence via a token store.
|
|
type Manager struct {
|
|
authenticators map[string]Authenticator
|
|
store coreauth.Store
|
|
}
|
|
|
|
// NewManager constructs a manager with the provided token store and authenticators.
|
|
// If store is nil, the caller must set it later using SetStore.
|
|
func NewManager(store coreauth.Store, authenticators ...Authenticator) *Manager {
|
|
mgr := &Manager{
|
|
authenticators: make(map[string]Authenticator),
|
|
store: store,
|
|
}
|
|
for i := range authenticators {
|
|
mgr.Register(authenticators[i])
|
|
}
|
|
return mgr
|
|
}
|
|
|
|
// Register adds or replaces an authenticator keyed by its provider identifier.
|
|
func (m *Manager) Register(a Authenticator) {
|
|
if a == nil {
|
|
return
|
|
}
|
|
if m.authenticators == nil {
|
|
m.authenticators = make(map[string]Authenticator)
|
|
}
|
|
m.authenticators[a.Provider()] = a
|
|
}
|
|
|
|
// SetStore updates the token store used for persistence.
|
|
func (m *Manager) SetStore(store coreauth.Store) {
|
|
m.store = store
|
|
}
|
|
|
|
// Login executes the provider login flow and persists the resulting auth record.
|
|
func (m *Manager) Login(ctx context.Context, provider string, cfg *config.Config, opts *LoginOptions) (*coreauth.Auth, string, error) {
|
|
auth, ok := m.authenticators[provider]
|
|
if !ok {
|
|
return nil, "", fmt.Errorf("cliproxy auth: authenticator %s not registered", provider)
|
|
}
|
|
|
|
record, err := auth.Login(ctx, cfg, opts)
|
|
if err != nil {
|
|
return nil, "", err
|
|
}
|
|
if record == nil {
|
|
return nil, "", fmt.Errorf("cliproxy auth: authenticator %s returned nil record", provider)
|
|
}
|
|
|
|
if m.store == nil {
|
|
return record, "", nil
|
|
}
|
|
|
|
if cfg != nil {
|
|
if dirSetter, ok := m.store.(interface{ SetBaseDir(string) }); ok {
|
|
dirSetter.SetBaseDir(cfg.AuthDir)
|
|
}
|
|
}
|
|
|
|
savedPath, err := m.store.Save(ctx, record)
|
|
if err != nil {
|
|
return record, "", err
|
|
}
|
|
return record, savedPath, nil
|
|
}
|
|
|
|
// SaveAuth persists an auth record directly without going through the login flow.
|
|
func (m *Manager) SaveAuth(record *coreauth.Auth, cfg *config.Config) (string, error) {
|
|
if m.store == nil {
|
|
return "", fmt.Errorf("no store configured")
|
|
}
|
|
if cfg != nil {
|
|
if dirSetter, ok := m.store.(interface{ SetBaseDir(string) }); ok {
|
|
dirSetter.SetBaseDir(cfg.AuthDir)
|
|
}
|
|
}
|
|
return m.store.Save(context.Background(), record)
|
|
}
|