tijl.dev-core/internal/oidc/handler.go

package oidc

import (
	"context"
	"errors"
	"net/http"

	"git.tijl.dev/tijl/tijl.dev/internal/utils"
	log "git.tijl.dev/tijl/tijl.dev/modules/logger"
	"github.com/gofiber/fiber/v2"
	"golang.org/x/oauth2"
)

func HandleRedirect(c *fiber.Ctx) error {
	state, err := utils.RandString(16)
	if err != nil {
		return err
	}
	setCallbackCookie(c, "state", state)
	return c.Redirect(Config.AuthCodeURL(state), http.StatusFound)
}

func HandleCallback(c *fiber.Ctx) error {
	ctx := context.Background()
	state := c.Cookies("state")
	if c.Query("state") != state {
		return errors.New("invalid state")
	}

	oauth2Token, err := Config.Exchange(ctx, c.Query("code"))
	if err != nil {
		return err
	}
	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
	if !ok {
		return err
	}
	idToken, err := Verifier.Verify(ctx, rawIDToken)
	if err != nil {
		return err
	}

	userInfo, err := Provider.UserInfo(ctx, oauth2.StaticTokenSource(oauth2Token))
	if err != nil {
		return err
	}

	log.Debug().Interface("userInfo", userInfo).Interface("idToken", idToken).Msg("data")

	// now we can create a user account and session in the db

	return c.Redirect("/")
}
updates 2024-08-21 15:43:24 +02:00			`package oidc`

			`import (`
			`"context"`
			`"errors"`
			`"net/http"`

			`"git.tijl.dev/tijl/tijl.dev/internal/utils"`
			`log "git.tijl.dev/tijl/tijl.dev/modules/logger"`
			`"github.com/gofiber/fiber/v2"`
			`"golang.org/x/oauth2"`
			`)`

			`func HandleRedirect(c *fiber.Ctx) error {`
			`state, err := utils.RandString(16)`
			`if err != nil {`
			`return err`
			`}`
			`setCallbackCookie(c, "state", state)`
			`return c.Redirect(Config.AuthCodeURL(state), http.StatusFound)`
			`}`

			`func HandleCallback(c *fiber.Ctx) error {`
			`ctx := context.Background()`
			`state := c.Cookies("state")`
			`if c.Query("state") != state {`
			`return errors.New("invalid state")`
			`}`

			`oauth2Token, err := Config.Exchange(ctx, c.Query("code"))`
			`if err != nil {`
			`return err`
			`}`
			`rawIDToken, ok := oauth2Token.Extra("id_token").(string)`
			`if !ok {`
			`return err`
			`}`
			`idToken, err := Verifier.Verify(ctx, rawIDToken)`
			`if err != nil {`
			`return err`
			`}`

			`userInfo, err := Provider.UserInfo(ctx, oauth2.StaticTokenSource(oauth2Token))`
			`if err != nil {`
			`return err`
			`}`

			`log.Debug().Interface("userInfo", userInfo).Interface("idToken", idToken).Msg("data")`

			`// now we can create a user account and session in the db`

			`return c.Redirect("/")`
			`}`