Jan Dittberner
26bfcc225e
- switch to structured logging - use JSON formatter - support log level and formatter configuration
/*
Copyright 2020-2023 CAcert Inc.
SPDX-License-Identifier: Apache-2.0

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package services
import (
"bytes"
"errors"
"fmt"
log "github.com/sirupsen/logrus"
"github.com/yuin/goldmark"
"code.cacert.org/cacert/oidc_idp/translations"
"github.com/BurntSushi/toml"
"github.com/nicksnyder/go-i18n/v2/i18n"
"golang.org/x/text/language"
)
// AddMessages registers the default (English) texts for the login, consent
// and logout pages in catalog. The error result is never set in this
// function; it always returns nil.
//
// Several texts wrap template placeholders in HTML markup ({{ .client }},
// {{ .clientLink }}, {{ .ClientName }}). go-i18n's default template engine is
// text/template, so placeholder values are inserted without HTML escaping.
// NOTE(review): the placeholder values are supplied by callers that are not
// visible here (presumably the registered OAuth2 client name and URI) —
// confirm they are HTML-escaped, and that clientLink is limited to http(s)
// URLs, before the rendered text is emitted as trusted HTML.
func AddMessages(catalog *MessageCatalog) error {
	catalog.AddMessages(map[string]*i18n.Message{
		// Generic fallback used by LookupErrorMessage.
		"unknown": {
			ID:    "ErrorUnknown",
			Other: "Unknown error",
		},

		// Consent page.
		"TitleRequestConsent": {
			ID:    "TitleRequestConsent",
			Other: "Application requests your consent",
		},
		"LabelSubmit": {
			ID:    "LabelSubmit",
			Other: "Submit",
		},
		"LabelConsent": {
			ID:    "LabelConsent",
			Other: "I hereby agree that the application may get the requested permissions.",
		},
		"IntroConsentRequested": {
			ID: "IntroConsentRequested",
			Other: "The <strong>{{ .client }}</strong> application requested your consent for the following set of " +
				"permissions:",
		},
		"IntroConsentMoreInformation": {
			ID: "IntroConsentMoreInformation",
			Other: "You can find more information about <strong>{{ .client }}</strong> at " +
				"<a href=\"{{ .clientLink }}\">its description page</a>.",
		},
		"ClaimsInformation": {
			ID:    "ClaimsInformation",
			Other: "In addition the application wants access to the following information:",
		},

		// Login page.
		"WrongOrLockedUserOrInvalidPassword": {
			ID:    "WrongOrLockedUserOrInvalidPassword",
			Other: "You entered an invalid username or password or your account has been locked.",
		},
		"CertLoginIntroText": {
			ID:    "CertLoginIntroText",
			Other: "The application <strong>{{ .ClientName }}</strong> requests a login.",
		},
		"EmailChoiceText": {
			ID:  "EmailChoiceText",
			One: "You have presented a valid client certificate for the following email address:",
			Other: "You have presented a valid client certificate for multiple email addresses. " +
				"Please choose which one you want to present to the application:",
		},
		"LoginTitle": {
			ID:    "LoginTitle",
			Other: "Authenticate with a client certificate",
		},
		"CertLoginRequestText": {
			ID:    "CertLoginRequestText",
			Other: "Do you want to use the chosen identity from the certificate for authentication?",
		},
		"LabelAcceptCertLogin": {
			ID:          "LabelAcceptCertLogin",
			Description: "Label for a button to accept certificate login",
			Other:       "Yes, please use this identity",
		},
		"LabelRejectCertLogin": {
			ID:          "LabelRejectCertLogin",
			Description: "Label for a button to reject certificate login",
			Other:       "No, please send me back",
		},
		"LoginDeniedByUser": {
			ID:    "LoginDeniedByUser",
			Other: "Login has been denied by the user.",
		},

		// Logout page.
		"LogoutSuccessfulTitle": {
			ID:    "LogoutSuccessfulTitle",
			Other: "Logout successful",
		},
		"LogoutSuccessfulText": {
			ID:    "LogoutSuccessfulText",
			Other: "You have been logged out successfully.",
		},

		// Hints and error explanations.
		"HintChooseAnIdentityForAuthentication": {
			ID:    "HintChooseAnIdentityForAuthentication",
			Other: "Choose an identity for authentication.",
		},
		"NoEmailsInClientCertificateTitle": {
			ID:    "NoEmailsInClientCertificateTitle",
			Other: "No email addresses in client certificate",
		},
		"NoEmailsInClientCertificateExplanation": {
			ID: "NoEmailsInClientCertificateExplanation",
			Other: `The presented client certificate does not contain any email address value.
An email address is required to authenticate yourself.`,
		},
		"NoChallengeInRequestTitle": {
			ID:    "NoChallengeInRequestTitle",
			Other: "No challenge parameter in your authentication request",
		},
		// Markdown source; contains a code span and a link.
		"NoChallengeInRequestExplanation": {
			ID: "NoChallengeInRequestExplanation",
			Other: "Your authentication request did not contain the necessary `login_challenge` parameter." +
				" You can find more information about this parameter in" +
				" [the ORY Hydra documentation](https://www.ory.sh/docs/oauth2-oidc/custom-login-consent/flow).",
		},
	})

	return nil
}
// MessageCatalog holds the default messages that serve as localization
// fallbacks, together with the logger used to report missing or failing
// translations.
//
// NOTE(review): the map is read and written without any locking by the code
// in this file; presumably messages are only added during startup, before
// requests are served — confirm.
type MessageCatalog struct {
	// messages maps a lookup key to its default message.
	messages map[string]*i18n.Message
	// logger receives lookup and localization diagnostics.
	logger *log.Logger
}
// AddMessages copies every entry of messages into the catalog. An entry that
// is already stored under the same key is replaced.
//
// The catalog's map must have been initialized; assigning into a nil map
// panics.
func (m *MessageCatalog) AddMessages(messages map[string]*i18n.Message) {
	for id, msg := range messages {
		m.messages[id] = msg
	}
}
// LookupErrorMessage returns the localized error text for tag and field.
//
// The catalog is searched for "<field>-<tag>", then for tag alone, then for
// the generic "unknown" entry; each miss is logged. If none of them exists,
// or if localization fails, tag itself is returned.
//
// value is handed to the message template as "Value". go-i18n's default
// template engine is text/template, so it is rendered without HTML escaping.
// NOTE(review): value presumably originates from submitted form data —
// confirm that the returned text is escaped when it is written into a page.
func (m *MessageCatalog) LookupErrorMessage(
	tag string,
	field string,
	value interface{},
	localizer *i18n.Localizer,
) string {
	fieldTag := field + "-" + tag

	// Most specific key first, then progressively more generic fallbacks.
	msg, found := m.messages[fieldTag]
	if !found {
		m.logger.WithField("field_tag", fieldTag).Info("no specific error message for field and tag")

		msg, found = m.messages[tag]
	}

	if !found {
		m.logger.WithField("tag", tag).Info("no specific error message for tag")

		msg, found = m.messages["unknown"]
	}

	if !found {
		m.logger.Warn("no default translation found")

		return tag
	}

	cfg := &i18n.LocalizeConfig{
		DefaultMessage: msg,
		TemplateData:   map[string]interface{}{"Value": value},
	}

	text, err := localizer.Localize(cfg)
	if err != nil {
		m.logger.WithError(err).Error("localization failed")

		return tag
	}

	return text
}
// LookupMessage returns the localized text for id, rendered with
// templateData. When id is not in the catalog a warning is logged and id is
// returned unchanged; a localization error is passed to handleLocalizeError,
// whose result is returned.
//
// Nothing is HTML-escaped here: go-i18n's default template engine is
// text/template. NOTE(review): confirm that callers escape the values in
// templateData (or the returned text) before it reaches HTML output.
func (m *MessageCatalog) LookupMessage(
	id string,
	templateData map[string]interface{},
	localizer *i18n.Localizer,
) string {
	msg, known := m.messages[id]
	if !known {
		m.logger.WithField("id", id).Warn("no translation found for id")

		return id
	}

	text, err := localizer.Localize(&i18n.LocalizeConfig{
		DefaultMessage: msg,
		TemplateData:   templateData,
	})
	if err != nil {
		return m.handleLocalizeError(id, text, err)
	}

	return text
}
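// LookupMarkdownMessage returns the localized text for id, rendered with
// templateData and then converted from Markdown to HTML by goldmark.
//
// When id is not in the catalog a warning is logged and id is returned
// unchanged. A localization or conversion error is reported through
// handleLocalizeError and yields id, with one exception: when Localize
// reports a missing translation but still delivers a fallback text, that
// text is converted like a regular hit. Previously the fallback was returned
// as unconverted Markdown, so the result was HTML for translated messages
// and raw Markdown for untranslated ones.
//
// templateData is substituted before the Markdown conversion, so Markdown
// syntax inside a value is interpreted. goldmark is used with its default
// options here, which omit raw HTML and potentially dangerous link URLs.
// NOTE(review): callers presumably emit the result as trusted HTML — confirm
// that the values in templateData are constrained accordingly.
func (m *MessageCatalog) LookupMarkdownMessage(
	id string,
	templateData map[string]interface{},
	localizer *i18n.Localizer,
) string {
	message, ok := m.messages[id]
	if !ok {
		m.logger.WithField("id", id).Warn("no translation found for id")

		return id
	}

	translation, err := localizer.Localize(&i18n.LocalizeConfig{
		DefaultMessage: message,
		TemplateData:   templateData,
	})
	if err != nil {
		// handleLocalizeError does the logging for both kinds of failure.
		fallback := m.handleLocalizeError(id, translation, err)

		var messageNotFound *i18n.MessageNotFoundErr
		if translation == "" || !errors.As(err, &messageNotFound) {
			return fallback
		}
		// A fallback text is available: run it through the same Markdown
		// conversion as a regular translation instead of returning it raw.
	}

	var html bytes.Buffer

	if err = goldmark.Convert([]byte(translation), &html); err != nil {
		return m.handleLocalizeError(id, translation, fmt.Errorf("markdown conversion error: %w", err))
	}

	return html.String()
}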
// LookupMessagePlural returns the localized text for id, rendered with
// templateData, using count to select the plural form. When id is not in the
// catalog a warning is logged and id is returned unchanged; a localization
// error is passed to handleLocalizeError, whose result is returned.
//
// Nothing is HTML-escaped here: go-i18n's default template engine is
// text/template. NOTE(review): confirm that callers escape the values in
// templateData (or the returned text) before it reaches HTML output.
func (m *MessageCatalog) LookupMessagePlural(
	id string,
	templateData map[string]interface{},
	localizer *i18n.Localizer,
	count int,
) string {
	msg, known := m.messages[id]
	if !known {
		m.logger.WithField("id", id).Warn("no translation found for id")

		return id
	}

	text, err := localizer.Localize(&i18n.LocalizeConfig{
		DefaultMessage: msg,
		TemplateData:   templateData,
		PluralCount:    count,
	})
	if err != nil {
		return m.handleLocalizeError(id, text, err)
	}

	return text
}
// handleLocalizeError logs err and decides what to return for message id.
//
// A *i18n.MessageNotFoundErr is logged as a warning, and a non-empty
// translation is returned as the fallback text. Any other error is logged at
// error level. In every remaining case id is returned.
func (m *MessageCatalog) handleLocalizeError(id string, translation string, err error) string {
	var notFound *i18n.MessageNotFoundErr

	isNotFound := errors.As(err, &notFound)
	entry := m.logger.WithError(err).WithField("message", id)

	if !isNotFound {
		entry.Error("translation error")

		return id
	}

	entry.Warn("message not found")

	if translation == "" {
		return id
	}

	return translation
}
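// InitI18n builds the translation bundle, with English as default language,
// and the message catalog.
//
// For every entry of languages the file active.<lang>.toml is read from
// translations.Bundles. A bundle that cannot be read is logged, now together
// with the underlying error, and skipped. A bundle that is read but cannot
// be parsed makes MustParseMessageFileBytes panic.
//
// NOTE(review): lang is interpolated into the file name as given.
// translations.Bundles is presumably an embedded file system, which would
// keep reads inside the embedded tree — confirm, and keep languages sourced
// from trusted configuration.
func InitI18n(logger *log.Logger, languages []string) (*i18n.Bundle, *MessageCatalog) {
	bundle := i18n.NewBundle(language.English)
	bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)

	for _, lang := range languages {
		bundleName := fmt.Sprintf("active.%s.toml", lang)

		bundleBytes, err := translations.Bundles.ReadFile(bundleName)
		if err != nil {
			// Keep the cause: a read failure is not always a missing file.
			logger.WithError(err).WithField("bundle", bundleName).Warn("message bundle not found")

			continue
		}

		bundle.MustParseMessageFileBytes(bundleBytes, bundleName)
	}

	catalog := initMessageCatalog(logger)

	return bundle, catalog
}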
// initMessageCatalog returns a catalog that logs to logger and is pre-filled
// with the "ErrorTitle" message.
func initMessageCatalog(logger *log.Logger) *MessageCatalog {
	return &MessageCatalog{
		messages: map[string]*i18n.Message{
			"ErrorTitle": {
				ID:    "ErrorTitle",
				Other: "An error has occurred",
			},
		},
		logger: logger,
	}
}