/*
 * Copyright © 2020-2021 Musing Studio LLC and respective authors.
 *
 * This file is part of WriteFreely.
 *
 * WriteFreely is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, included
 * in the LICENSE file in this source code package.
 */
package writefreely
import (
"context"
"errors"
"fmt"
"github.com/writeas/web-core/log"
"net/http"
"net/url"
"strings"
)
// genericOauthClient holds the settings for an OAuth 2.0 provider that has no
// dedicated client: the client credentials, the provider's endpoint URLs, the
// requested scope, and the names of the JSON keys to read from the provider's
// user-info response.
type genericOauthClient struct {
	// ClientID identifies this instance to the provider.
	ClientID string
	// ClientSecret is sent to ExchangeLocation during the code exchange.
	// It is a credential and should be kept out of logs and error messages.
	ClientSecret string

	// AuthLocation is the authorization endpoint the login URL is built from.
	AuthLocation string
	// ExchangeLocation is the token endpoint that receives the authorization
	// code together with the client credentials.
	// NOTE(review): no scheme check on these URLs is visible in this file;
	// confirm the configuration layer requires https.
	ExchangeLocation string
	// InspectLocation is the endpoint queried with the access token as a
	// bearer token to fetch the user's profile.
	InspectLocation string
	// CallbackLocation is sent as redirect_uri in both the login URL and the
	// code exchange.
	CallbackLocation string

	// Scope is sent as the "scope" parameter, unchanged, even when empty.
	Scope string

	// The Map* fields name the top-level keys of the user-info JSON object
	// that are copied into InspectResponse.
	MapUserID      string
	MapUsername    string
	MapDisplayName string
	MapEmail       string

	// HttpClient performs the outbound requests to the provider.
	// NOTE(review): timeouts are whatever this client is configured with;
	// confirm it sets one.
	HttpClient HttpClient
}
// Compile-time assertion that genericOauthClient, used as a value, implements
// the oauthClient interface.
var _ oauthClient = genericOauthClient{}
// genericOauthDisplayName is the fixed label "OAuth" for this provider.
// NOTE(review): presumably the name shown to users; confirm at the use site.
const genericOauthDisplayName = "OAuth"
// GetProvider returns the fixed provider identifier "generic".
func (c genericOauthClient) GetProvider() string {
	return "generic"
}
// GetClientID returns the configured OAuth client ID.
func (c genericOauthClient) GetClientID() string {
	return c.ClientID
}
// GetCallbackLocation returns the configured callback URL, the same value
// that is sent to the provider as redirect_uri.
func (c genericOauthClient) GetCallbackLocation() string {
	return c.CallbackLocation
}
// buildLoginURL returns c.AuthLocation with the query parameters of an
// authorization-code request (client_id, redirect_uri, response_type=code,
// state, scope) set. It returns an error only if AuthLocation does not parse.
//
// state is passed through unchanged: this function neither generates nor
// verifies it, so the caller has to supply an unpredictable value and compare
// it on the callback. No PKCE parameters are added here.
func (c genericOauthClient) buildLoginURL(state string) (string, error) {
	authURL, err := url.Parse(c.AuthLocation)
	if err != nil {
		return "", err
	}

	// Start from any query already present in AuthLocation; Set replaces an
	// existing value for the same key rather than appending a second one.
	params := authURL.Query()
	for _, p := range [...][2]string{
		{"client_id", c.ClientID},
		{"redirect_uri", c.CallbackLocation},
		{"response_type", "code"},
		{"state", state},
		{"scope", c.Scope},
	} {
		params.Set(p[0], p[1])
	}

	authURL.RawQuery = params.Encode()
	return authURL.String(), nil
}
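// exchangeOauthCode trades the authorization code received on the callback
// for an access token by POSTing a form-encoded request to c.ExchangeLocation.
//
// The request is bound to ctx, so cancelling ctx or passing its deadline
// aborts the call. A non-200 status, a body that fails to decode, or a
// non-empty Error field in the decoded TokenResponse each yield a nil token
// and an error.
func (c genericOauthClient) exchangeOauthCode(ctx context.Context, code string) (*TokenResponse, error) {
	form := url.Values{}
	// NOTE(review): the client credentials are sent twice, in the form body
	// here and via HTTP Basic auth below. RFC 6749 section 2.3 says a client
	// must not use more than one authentication method per request. Both are
	// kept as-is; confirm which form the configured providers need before
	// removing one.
	form.Add("client_id", c.ClientID)
	form.Add("client_secret", c.ClientSecret)
	form.Add("grant_type", "authorization_code")
	form.Add("redirect_uri", c.CallbackLocation)
	form.Add("scope", c.Scope)
	form.Add("code", code)

	// Build the request with ctx attached. Request.WithContext returns a copy,
	// so calling it and discarding the result leaves the request without ctx.
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, c.ExchangeLocation, strings.NewReader(form.Encode()))
	if err != nil {
		return nil, err
	}
	req.Header.Set("User-Agent", ServerUserAgent(""))
	req.Header.Set("Accept", "application/json")
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.SetBasicAuth(c.ClientID, c.ClientSecret)

	resp, err := c.HttpClient.Do(req)
	if err != nil {
		return nil, err
	}
	// Close the body on every return path, including the non-200 one, so the
	// underlying connection is released.
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return nil, errors.New("unable to exchange code for access token")
	}

	var tokenResponse TokenResponse
	if err := limitedJsonUnmarshal(resp.Body, tokenRequestMaxLen, &tokenResponse); err != nil {
		return nil, err
	}
	if tokenResponse.Error != "" {
		// NOTE(review): this error text comes from the provider's response;
		// confirm callers do not render it to users unescaped.
		return nil, errors.New(tokenResponse.Error)
	}
	return &tokenResponse, nil
}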
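// inspectOauthAccessToken fetches the authenticated user's profile from
// c.InspectLocation, sending accessToken as a bearer token, and copies the
// values stored under the configured Map* keys into an InspectResponse.
//
// The request is bound to ctx, so cancelling ctx or passing its deadline
// aborts the call. A non-200 status, a body that fails to decode, or a user
// ID that is missing, empty or not a JSON string each yield a nil response
// and an error.
func (c genericOauthClient) inspectOauthAccessToken(ctx context.Context, accessToken string) (*InspectResponse, error) {
	// Build the request with ctx attached. Request.WithContext returns a copy,
	// so calling it and discarding the result leaves the request without ctx.
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, c.InspectLocation, nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("User-Agent", ServerUserAgent(""))
	req.Header.Set("Accept", "application/json")
	req.Header.Set("Authorization", "Bearer "+accessToken)

	resp, err := c.HttpClient.Do(req)
	if err != nil {
		return nil, err
	}
	// Close the body on every return path, including the non-200 one, so the
	// underlying connection is released.
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return nil, errors.New("unable to inspect access token")
	}

	// The response schema differs per provider, so decode into a generic map
	// and pick out the keys named in the configuration.
	var genericInterface map[string]interface{}
	if err := limitedJsonUnmarshal(resp.Body, infoRequestMaxLen, &genericInterface); err != nil {
		return nil, err
	}

	var inspectResponse InspectResponse
	// The assertion's ok result is dropped: a missing key or a non-string
	// value (for example a numeric ID) leaves the field as "", which is
	// rejected just below.
	inspectResponse.UserID, _ = genericInterface[c.MapUserID].(string)
	if inspectResponse.UserID == "" {
		log.Error("[CONFIGURATION ERROR] Generic OAuth provider returned empty UserID value (`%s`).\n Do you need to configure a different `map_user_id` value for this provider?", c.MapUserID)
		return nil, fmt.Errorf("no UserID (`%s`) value returned", c.MapUserID)
	}

	// These fields are optional here: a missing or non-string value becomes "".
	// They are provider-supplied and unvalidated in this function.
	// NOTE(review): confirm callers validate them before use.
	inspectResponse.Username, _ = genericInterface[c.MapUsername].(string)
	inspectResponse.DisplayName, _ = genericInterface[c.MapDisplayName].(string)
	inspectResponse.Email, _ = genericInterface[c.MapEmail].(string)

	return &inspectResponse, nil
}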