87 lines
2 KiB
Go
87 lines
2 KiB
Go
package handlers
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/http"
|
|
"os"
|
|
|
|
"git.klink.asia/paul/certman/views"
|
|
"golang.org/x/oauth2"
|
|
|
|
"git.klink.asia/paul/certman/services"
|
|
)
|
|
|
|
var GitlabConfig = &oauth2.Config{
|
|
ClientID: os.Getenv("OAUTH2_CLIENT_ID"),
|
|
ClientSecret: os.Getenv("OAUTH2_CLIENT_SECRET"),
|
|
Scopes: []string{"read_user"},
|
|
RedirectURL: os.Getenv("HOST") + "/login/oauth2/redirect",
|
|
Endpoint: oauth2.Endpoint{
|
|
AuthURL: os.Getenv("OAUTH2_AUTH_URL"),
|
|
TokenURL: os.Getenv("OAUTH2_TOKEN_URL"),
|
|
},
|
|
}
|
|
|
|
func OAuth2Endpoint(p *services.Provider) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, req *http.Request) {
|
|
v := views.NewWithSession(req, p.Sessions)
|
|
|
|
code := req.FormValue("code")
|
|
|
|
// exchange code for token
|
|
accessToken, err := GitlabConfig.Exchange(oauth2.NoContext, code)
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
http.NotFound(w, req)
|
|
return
|
|
}
|
|
|
|
if accessToken.Valid() {
|
|
// generate a client using the access token
|
|
httpClient := GitlabConfig.Client(oauth2.NoContext, accessToken)
|
|
|
|
apiRequest, err := http.NewRequest("GET", "https://git.klink.asia/api/v4/user", nil)
|
|
if err != nil {
|
|
v.RenderError(w, http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
resp, err := httpClient.Do(apiRequest)
|
|
if err != nil {
|
|
fmt.Println(err.Error())
|
|
v.RenderError(w, http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
var user struct {
|
|
Username string `json:"username"`
|
|
}
|
|
|
|
err = json.NewDecoder(resp.Body).Decode(&user)
|
|
if err != nil {
|
|
fmt.Println(err.Error())
|
|
v.RenderError(w, http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
if user.Username != "" {
|
|
p.Sessions.SetUsername(w, req, user.Username)
|
|
http.Redirect(w, req, "/certs", http.StatusFound)
|
|
return
|
|
}
|
|
|
|
fmt.Println(err.Error())
|
|
v.RenderError(w, http.StatusInternalServerError)
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
func GetLoginHandler(p *services.Provider) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, req *http.Request) {
|
|
authURL := GitlabConfig.AuthCodeURL("", oauth2.AccessTypeOnline)
|
|
http.Redirect(w, req, authURL, http.StatusFound)
|
|
}
|
|
}
|