mentos1386/zdravko
1
0
Fork 0
mirror of https://github.com/mentos1386/zdravko.git synced 2025-02-16 14:13:35 +00:00
Code Issues Projects Releases Packages Wiki Activity

feat(oauth2): try to support github

Browse source
This commit is contained in:
Tine 2024-02-16 13:52:27 +01:00
parent e6f6e5ede3
commit 185fd4923f
Signed by: mentos1386
SSH key fingerprint: SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
3 changed files with 20 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
fly.toml
View file

@ -11,10 +11,9 @@ primary_region = 'waw'
PORT = '8080' PORT = '8080'
ROOT_URL = 'https://zdravko.fly.dev' ROOT_URL = 'https://zdravko.fly.dev'
# Other are defined in secrets # Other are defined in secrets
OAUTH2_ENDPOINT_TOKEN_URL = 'https://id.tjo.space/application/o/token/' OAUTH2_ENDPOINT_TOKEN_URL = 'https://github.com/login/oauth/access_token'
OAUTH2_ENDPOINT_AUTH_URL = 'https://id.tjo.space/application/o/authorize/' OAUTH2_ENDPOINT_AUTH_URL = 'https://github.com/login/oauth/authorize'
OAUTH2_ENDPOINT_USER_INFO_URL = 'https://id.tjo.space/application/o/userinfo/' OAUTH2_ENDPOINT_USER_INFO_URL = 'https://api.github.com/user'
OAUTH2_ENDPOINT_LOGOUT_URL = 'https://id.tjo.space/application/o/zdravko-development/end-session/'
TEMPORAL_UI_HOST = 'temporal.process.zdravko.internal:8223' TEMPORAL_UI_HOST = 'temporal.process.zdravko.internal:8223'
TEMPORAL_SERVER_HOST = 'temporal.process.zdravko.internal:7233' TEMPORAL_SERVER_HOST = 'temporal.process.zdravko.internal:7233'

2
internal/config/config.go
View file

@ -32,7 +32,7 @@ type OAuth2 struct {
EndpointTokenURL string `validate:"required"` EndpointTokenURL string `validate:"required"`
EndpointAuthURL string `validate:"required"` EndpointAuthURL string `validate:"required"`
EndpointUserInfoURL string `validate:"required"` EndpointUserInfoURL string `validate:"required"`
EndpointLogoutURL string `validate:"required"` EndpointLogoutURL string // Optional as not all SSO support this.
} }
type Temporal struct { type Temporal struct {

24
internal/handlers/oauth2.go
View file

@ -16,6 +16,7 @@ import (
) )
type UserInfo struct { type UserInfo struct {
Id string `json:"id"`
Sub string `json:"sub"` Sub string `json:"sub"`
Email string `json:"email"` Email string `json:"email"`
} }
@ -137,8 +138,13 @@ func (h *BaseHandler) OAuth2CallbackGET(w http.ResponseWriter, r *http.Request)
return return
} }
userId := userInfo.Id
if userInfo.Sub != "" {
userId = userInfo.Sub
}
err = h.SetAuthenticatedUserForRequest(w, r, &AuthenticatedUser{ err = h.SetAuthenticatedUserForRequest(w, r, &AuthenticatedUser{
ID: userInfo.Sub, ID: userId,
Email: userInfo.Email, Email: userInfo.Email,
OAuth2AccessToken: tok.AccessToken, OAuth2AccessToken: tok.AccessToken,
OAuth2RefreshToken: tok.RefreshToken, OAuth2RefreshToken: tok.RefreshToken,
@ -154,15 +160,17 @@ func (h *BaseHandler) OAuth2CallbackGET(w http.ResponseWriter, r *http.Request)
} }
func (h *BaseHandler) OAuth2LogoutGET(w http.ResponseWriter, r *http.Request, user *AuthenticatedUser) { func (h *BaseHandler) OAuth2LogoutGET(w http.ResponseWriter, r *http.Request, user *AuthenticatedUser) {
tok := h.AuthenticatedUserToOAuth2Token(user) if h.config.OAuth2.EndpointLogoutURL != "" {
client := oauth2.NewClient(context.Background(), oauth2.StaticTokenSource(tok)) tok := h.AuthenticatedUserToOAuth2Token(user)
_, err := client.Get(h.config.OAuth2.EndpointLogoutURL) client := oauth2.NewClient(context.Background(), oauth2.StaticTokenSource(tok))
if err != nil { _, err := client.Get(h.config.OAuth2.EndpointLogoutURL)
http.Error(w, err.Error(), http.StatusInternalServerError) if err != nil {
return http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
} }
err = h.ClearAuthenticatedUserForRequest(w, r) err := h.ClearAuthenticatedUserForRequest(w, r)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
} }