package oidc
import (
"context"
"errors"
"net/http"
"git.tijl.dev/tijl/tijl.dev/internal/utils"
log "git.tijl.dev/tijl/tijl.dev/modules/logger"
"github.com/gofiber/fiber/v2"
"golang.org/x/oauth2"
)
// HandleRedirect starts the login flow. It obtains a random value from
// utils.RandString, hands it to setCallbackCookie under the name "state", and
// answers with a 302 redirect to the authorization URL built by
// Config.AuthCodeURL with that same value. HandleCallback later compares the
// cookie against the "state" query parameter returned by the provider.
//
// An error from utils.RandString is returned unchanged and no cookie is set.
//
// NOTE(review): only state is sent; no OIDC nonce is added to the
// authorization request, so the callback has nothing to bind the ID token to
// this particular login attempt. Consider sending a nonce alongside state.
// NOTE(review): the cookie attributes (HttpOnly, Secure, SameSite, lifetime)
// are decided inside setCallbackCookie, which is not shown here; confirm them.
func HandleRedirect(c *fiber.Ctx) error {
	csrfState, genErr := utils.RandString(16)
	if genErr != nil {
		return genErr
	}

	// Store the value first so the browser holds it before it leaves for the
	// provider.
	setCallbackCookie(c, "state", csrfState)

	authURL := Config.AuthCodeURL(csrfState)
	return c.Redirect(authURL, http.StatusFound)
}
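// HandleCallback completes the login flow started by HandleRedirect.
//
// It checks the "state" query parameter against the "state" cookie, exchanges
// the "code" query parameter for a token via Config.Exchange, extracts the
// "id_token" field from the token response, verifies it with Verifier.Verify,
// fetches the user info from Provider, logs both at debug level and redirects
// to "/".
//
// It returns an error when the state is missing or does not match, when the
// token response carries no string "id_token", or when the exchange,
// verification or user-info call fails (those errors are returned unchanged).
//
// NOTE(review): HandleRedirect sends no nonce, so the ID token cannot be bound
// to this login attempt here; consider adding a nonce and comparing it after
// verification.
// NOTE(review): the state cookie is not cleared after use; consider expiring
// it once the comparison has succeeded so a state value is single-use.
func HandleCallback(c *fiber.Ctx) error {
	// NOTE(review): context.Background() carries no deadline, so the outbound
	// calls below are bounded only by whatever timeout the HTTP client in use
	// has; confirm one is configured.
	ctx := context.Background()

	// CSRF check. An empty cookie must be rejected explicitly: otherwise a
	// request with no cookie and no "state" parameter compares "" with "" and
	// passes.
	state := c.Cookies("state")
	if state == "" || c.Query("state") != state {
		return errors.New("invalid state")
	}

	oauth2Token, err := Config.Exchange(ctx, c.Query("code"))
	if err != nil {
		return err
	}

	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
	if !ok {
		// err is nil at this point (the exchange succeeded), so returning it
		// would report success to the framework although no ID token was
		// received. Fail explicitly instead.
		return errors.New("no id_token in token response")
	}

	idToken, err := Verifier.Verify(ctx, rawIDToken)
	if err != nil {
		return err
	}

	userInfo, err := Provider.UserInfo(ctx, oauth2.StaticTokenSource(oauth2Token))
	if err != nil {
		return err
	}

	// NOTE(review): this writes identity data about the user to the log. Keep
	// it at debug level and make sure debug logging is off in production, or
	// drop it once the account/session code below exists.
	log.Debug().Interface("userInfo", userInfo).Interface("idToken", idToken).Msg("data")

	// now we can create a user account and session in the db

	return c.Redirect("/")
}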