This repository has been archived by the owner on Mar 11, 2021. It is now read-only.
package controller
import (
"github.com/fabric8-services/fabric8-auth/app"
"github.com/fabric8-services/fabric8-auth/application"
"github.com/fabric8-services/fabric8-auth/client"
"github.com/fabric8-services/fabric8-auth/errors"
"github.com/fabric8-services/fabric8-auth/jsonapi"
"github.com/fabric8-services/fabric8-auth/log"
"github.com/fabric8-services/fabric8-auth/rest"
"github.com/goadesign/goa"
)
// AuthorizeControllerConfiguration is the configuration the authorize
// controller depends on.
type AuthorizeControllerConfiguration interface {
	// GetPublicOAuthClientID returns the OAuth client ID that Authorize
	// compares against the client_id of an incoming request.
	GetPublicOAuthClientID() string
}
// AuthorizeController implements the authorize resource.
type AuthorizeController struct {
	// Embedded goa controller created in NewAuthorizeController.
	*goa.Controller
	// app provides the AuthenticationProviderService used by both actions.
	app application.Application
	// config supplies the public OAuth client ID that Authorize checks.
	config AuthorizeControllerConfiguration
}
// NewAuthorizeController builds an AuthorizeController registered on the given
// goa service under the name "AuthorizeController", wired to the supplied
// application and configuration.
func NewAuthorizeController(service *goa.Service, app application.Application, config AuthorizeControllerConfiguration) *AuthorizeController {
	ctrl := &AuthorizeController{
		Controller: service.NewController("AuthorizeController"),
		app:        app,
		config:     config,
	}
	return ctrl
}
// Authorize handles the authorize action of the /api/authorize endpoint.
//
// A request whose client_id differs from the configured public OAuth client ID
// is logged and answered with an unauthorized JSON error. Otherwise the
// authentication provider service is asked for the authorization URL and the
// caller is sent there with a temporary redirect.
//
// The redirect URI, state, scope, response mode and Referer header all come
// from the caller and are passed to GenerateAuthCodeURL as received; this
// handler does not validate them itself.
// NOTE(review): presumably the service checks the redirect URI against the
// set of permitted redirects — confirm, since no such check is visible here.
func (c *AuthorizeController) Authorize(ctx *app.AuthorizeAuthorizeContext) error {
	// Only the single configured public client may start the flow. The default
	// value of this public client id is "740650a2-9c44-4db5-b067-a3d1b2cd2d01".
	if expected := c.config.GetPublicOAuthClientID(); ctx.ClientID != expected {
		fields := map[string]interface{}{
			"client_id": ctx.ClientID,
		}
		log.Error(ctx, fields, "unknown oauth client id")
		return jsonapi.JSONErrorResponse(ctx, errors.NewUnauthorizedError("invalid oauth client id"))
	}

	// The scope is optional; the slice stays nil when none was supplied.
	var requested []string
	if scope := ctx.Scope; scope != nil {
		requested = append(requested, *scope)
	}

	// URL of our own callback endpoint: the client returns here after visiting
	// the authentication provider.
	// NOTE(review): the URL is built from the incoming request data — confirm
	// which request attributes AbsoluteURL trusts when deriving the host.
	callback := rest.AbsoluteURL(ctx.RequestData, client.CallbackAuthorizePath(), nil)
	referrer := ctx.RequestData.Header.Get("Referer")

	target, err := c.app.AuthenticationProviderService().GenerateAuthCodeURL(
		ctx,
		&ctx.RedirectURI,
		ctx.APIClient,
		&ctx.State,
		requested,
		ctx.ResponseMode,
		referrer,
		callback,
	)
	if err != nil {
		return jsonapi.JSONErrorResponse(ctx, err)
	}

	// target is dereferenced without a nil check; this relies on the service
	// returning a non-nil URL whenever err is nil.
	hdr := ctx.ResponseData.Header()
	hdr.Set("Cache-Control", "no-cache")
	hdr.Set("Location", *target)
	return ctx.TemporaryRedirect()
}
// Callback handles the return leg of the authorize flow.
//
// The state and code query values are handed to the authentication provider
// service, and the caller is redirected to the URL the service returns. Any
// error from the service is rendered as a JSON error response.
//
// NOTE(review): state and code arrive from the caller; verifying that state
// matches one issued by Authorize is left to AuthorizeCallback — confirm.
func (c *AuthorizeController) Callback(ctx *app.CallbackAuthorizeContext) error {
	location, err := c.app.AuthenticationProviderService().AuthorizeCallback(ctx, ctx.State, ctx.Code)
	if err != nil {
		return jsonapi.JSONErrorResponse(ctx, err)
	}

	// location is dereferenced without a nil check; this relies on the service
	// returning a non-nil URL whenever err is nil.
	// NOTE(review): "no-cache" still lets a cache store the response; if the
	// Location can carry an authorization code, "no-store" would be stricter.
	hdr := ctx.ResponseData.Header()
	hdr.Set("Cache-Control", "no-cache")
	hdr.Set("Location", *location)
	return ctx.TemporaryRedirect()
}