oauth bug fix

backend/entities/auth/base/handlers.go

@@ -37,7 +37,7 @@ func (h *Handler) Login(c *fiber.Ctx) error {
 			return err
 		}
 
-		if err := sothic.StoreInSession("user", *strUser, c); err != nil {
+		if err := sothic.StoreInSession("microsoftonline", *strUser, c); err != nil {
 			return err
 		}
 
@@ -59,7 +59,7 @@ func (h *Handler) Provider(c *fiber.Ctx) error {
 			return err
 		}
 
-		if err := sothic.StoreInSession("user", *strUser, c); err != nil {
+		if err := sothic.StoreInSession("microsoftonline", *strUser, c); err != nil {
 			return err
 		}
 
@@ -85,7 +85,7 @@ func (h *Handler) ProviderCallback(c *fiber.Ctx) error {
 		return err
 	}
 
-	if err := sothic.StoreInSession("user", *strUser, c); err != nil {
+	if err := sothic.StoreInSession("microsoftonline", *strUser, c); err != nil {
 		return err
 	}
 

backend/integrations/oauth/soth/sothic/sothic.go

@@ -31,11 +31,12 @@ const (
 	ProviderParamKey key = iota
 )
 
-// Session can/should be set by applications using sothic.
 var (
+	// Session can/should be set by applications using sothic.
 	SessionStore *session.Store
-	encrypter    func(string) (string, error)
-	decrypter    func(string) (string, error)
+
+	encrypter func(string) (string, error)
+	decrypter func(string) (string, error)
 )
 
 // MUST be called before using the package
@@ -314,6 +315,7 @@ func GetFromSession(key string, c *fiber.Ctx) (string, error) {
 
 	value, err := getSessionValue(session, key)
 	if err != nil {
+		slog.Error("error getting session value", "error", err)
 		return "", errors.New("could not find a matching session for this request")
 	}
 
@@ -326,8 +328,12 @@ func getSessionValue(store *session.Session, key string) (string, error) {
 		return "", errors.New("could not find a matching session for this request")
 	}
 
-	rdata := strings.NewReader(value.(string))
-	r, err := gzip.NewReader(rdata)
+	decrypted, err := decrypter(value.(string))
+	if err != nil {
+		return "", err
+	}
+
+	r, err := gzip.NewReader(strings.NewReader(decrypted))
 	if err != nil {
 		return "", err
 	}
@@ -336,7 +342,7 @@ func getSessionValue(store *session.Session, key string) (string, error) {
 		return "", err
 	}
 
-	return decrypter(string(s))
+	return string(s), nil
 }
 
 func updateSessionValue(session *session.Session, key, value string) error {

backend/middleware/auth/authorize.go

@@ -15,7 +15,7 @@ import (
 
 func (m *AuthMiddlewareHandler) Authorize(requiredPermissions ...permission.Permission) fiber.Handler {
 	return func(c *fiber.Ctx) error {
-		strUser, err := sothic.GetFromSession("user", c)
+		strUser, err := sothic.GetFromSession("microsoftonline", c)
 		if err != nil {
 			c.Set("redirect", "/api/v1/auth/login")
 			return c.SendStatus(http.StatusUnauthorized)

backend/middleware/auth/club.go

@@ -14,7 +14,7 @@ import (
 
 // Authorizes admins of the specific club to make this request, skips check if super user
 func (m *AuthMiddlewareHandler) ClubAuthorizeById(c *fiber.Ctx, extractor ExtractID) error {
-	strUser, err := sothic.GetFromSession("user", c)
+	strUser, err := sothic.GetFromSession("microsoftonline", c)
 	if err != nil {
 		c.Set("redirect", "/api/v1/auth/login")
 		return c.SendStatus(http.StatusUnauthorized)

backend/middleware/auth/event.go

@@ -15,7 +15,7 @@ import (
 
 // Authorizes admins of the host club of this event to make this request, skips check if super user
 func (m *AuthMiddlewareHandler) EventAuthorizeById(c *fiber.Ctx, extractor ExtractID) error {
-	strUser, err := sothic.GetFromSession("user", c)
+	strUser, err := sothic.GetFromSession("microsoftonline", c)
 	if err != nil {
 		c.Set("redirect", "/api/v1/auth/login")
 		return c.SendStatus(http.StatusUnauthorized)

backend/middleware/auth/user.go

@@ -11,7 +11,7 @@ import (
 )
 
 func (m *AuthMiddlewareHandler) UserAuthorizeById(c *fiber.Ctx) error {
-	strUser, err := sothic.GetFromSession("user", c)
+	strUser, err := sothic.GetFromSession("microsoftonline", c)
 	if err != nil {
 		c.Set("redirect", "/api/v1/auth/login")
 		return c.SendStatus(http.StatusUnauthorized)