Wannabe oauth implementation

2019-10-20 12:59:50 -06:00
commit 6dc2e074fb
11 changed files with 548 additions and 0 deletions
--- a/oauth2server/server/authorize.go
+++ b/oauth2server/server/authorize.go
@@ -0,0 +1,59 @@
+package server
+
+import (
+	"local/oauth2"
+	"local/storage"
+	"net/http"
+
+	"github.com/google/uuid"
+)
+
+func (s *Server) authorize(w http.ResponseWriter, r *http.Request) {
+	if r.Method != "POST" {
+		http.NotFound(w, r)
+		return
+	}
+	id := r.FormValue("username")
+	user, ok := s.getUser(id)
+	if !ok {
+		http.Error(w, "unknown user", http.StatusForbidden)
+		return
+	}
+	access, ok := s.getAccess(user)
+	if !ok {
+		http.Error(w, "no oauth for user", http.StatusForbidden)
+		return
+	}
+	cookie := &http.Cookie{
+		Name:     oauth2.COOKIE,
+		Value:    access,
+		SameSite: http.SameSiteLaxMode,
+	}
+	http.SetCookie(w, cookie)
+	redirectCookie, err := r.Cookie(oauth2.REDIRECT)
+	if err != nil {
+		return
+	}
+	http.Redirect(w, r, redirectCookie.Value, http.StatusSeeOther)
+}
+
+func (s *Server) genAuth(user string) {
+	access := uuid.New().String()
+	token := uuid.New().String()
+	s.store.Set(user, []byte(access), ACCESS)
+	s.store.Set(access, []byte(token), TOKEN)
+}
+
+func (s *Server) getAccess(user string) (string, bool) {
+	access, err := s.store.Get(user, ACCESS)
+	if err == storage.ErrNotFound {
+		s.genAuth(user)
+		access, err = s.store.Get(user, ACCESS)
+	}
+	return string(access), err == nil
+}
+
+func (s *Server) getToken(access string) (string, bool) {
+	token, err := s.store.Get(access, TOKEN)
+	return string(token), err == nil
+}