package main
import (
"context"
"errors"
"fmt"
"net/http"
"strings"
"time"
"github.com/go-jose/go-jose/v4"
"github.com/go-jose/go-jose/v4/jwt"
"github.com/labstack/echo/v4"
)
// completeParams is the payload bound from the login-completion request.
// Code is the OAuth2 authorization code returned by the provider and State
// is the signed (JWS) login state this application issued earlier; both are
// required and are checked by completeLogin.
type completeParams struct {
	Code  string `json:"code"`
	State string `json:"state"`
}
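// completeLogin finishes an OAuth2 login. It verifies the signed login
// state against a.publicKey, exchanges the authorization code with the
// provider selected by the state, resolves the remote user and returns a
// short-lived application JWT.
//
// Responses:
//   - 403 when the state cannot be parsed or its signature does not verify
//   - 500 (echo's default for a plain error) for missing params, a malformed
//     state payload, an unknown login type, or a failed exchange/user lookup
//   - 500 when signing the application JWT fails
//   - 200 with {"token": ..., "userID": ...} on success
//
// Neither the authorization code nor the access token is ever logged: both
// are bearer credentials and a log line is enough to replay them.
func (a *application) completeLogin(c echo.Context) error {
	const (
		// Lifetime of the issued application JWT (unchanged from the
		// original 3 minutes).
		tokenLifetime = 3 * time.Minute
		// Upper bound on the outbound code-exchange round trip so a slow
		// or unresponsive provider cannot pin the handler indefinitely.
		exchangeTimeout = 10 * time.Second
	)

	params := new(completeParams)
	if err := c.Bind(params); err != nil {
		return err
	}
	code, stateB64 := params.Code, params.State
	if stateB64 == "" || code == "" {
		return errors.New("Invalid query params")
	}

	// The state is a compact JWS issued by this application. Only ES256 is
	// accepted, so the algorithm cannot be downgraded, and nothing in the
	// payload is trusted until the signature verifies against a.publicKey.
	ss, err := jose.ParseSigned(stateB64, []jose.SignatureAlgorithm{jose.ES256})
	if err != nil {
		return echo.NewHTTPError(http.StatusForbidden, "could not parse login state")
	}
	verifiedData, err := ss.Verify(&a.publicKey)
	if err != nil {
		return echo.NewHTTPError(http.StatusForbidden, "could not verify login state")
	}

	// Payload is "<loginType>:<remainder>". Only the login type is used here.
	// NOTE(review): the remainder is never consulted; if it carries a nonce
	// or timestamp it should be validated so a verified state cannot be
	// presented more than once — confirm against the code that issues it.
	loginType, _, found := strings.Cut(string(verifiedData), ":")
	if !found {
		return errors.New("unexpected state found")
	}
	p, ok := a.authMap[loginType]
	if !ok {
		return errors.New("login type not available")
	}

	// Derive the exchange context from the request so it is cancelled when
	// the client disconnects, and bound it with exchangeTimeout.
	ctx, cancel := context.WithTimeout(c.Request().Context(), exchangeTimeout)
	defer cancel()
	oauth2Token, err := p.conf.Exchange(ctx, code)
	if err != nil {
		// The code is deliberately left out of the error text.
		return fmt.Errorf("exchanging code for %q login: %w", loginType, err)
	}

	// The access token is handed only to the provider's user-info lookup.
	id, err := p.conf.getUserInfo(oauth2Token.AccessToken)
	if err != nil {
		return fmt.Errorf("fetching user info for %q login: %w", loginType, err)
	}

	// Build the application JWT from a single timestamp so nbf and iat agree.
	now := time.Now()
	cl := jwt.Claims{
		Audience:  []string{a.jwtAudience},
		Issuer:    a.jwtIssuer,
		NotBefore: jwt.NewNumericDate(now),
		IssuedAt:  jwt.NewNumericDate(now),
		Expiry:    jwt.NewNumericDate(now.Add(tokenLifetime)),
	}
	// TODO (carried over from the original): get or insert the user in the
	// db and use its ID as UserID; until then UserID is the provider login ID.
	custom := customClaims{
		UserID:    id,
		LoginType: loginType,
		LoginID:   id,
	}
	token, err := jwt.Signed(a.signer).Claims(cl).Claims(custom).Serialize()
	if err != nil {
		fmt.Println("jwtcreationerror:", err)
		return echo.NewHTTPError(http.StatusInternalServerError)
	}
	return c.JSON(http.StatusOK, map[string]string{
		"token":  token,
		"userID": id,
	})
}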