-
Notifications
You must be signed in to change notification settings - Fork 28
/
session.go
151 lines (125 loc) · 4.04 KB
/
session.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
package authenticationflow
import (
"context"
"github.com/authgear/authgear-server/pkg/lib/uiparam"
"github.com/authgear/authgear-server/pkg/util/intl"
)
// Session must not contain web session ID.
// This is to ensure webapp does not have privilege in authflow.
type Session struct {
FlowID string `json:"flow_id"`
OAuthSessionID string `json:"oauth_session_id,omitempty"`
ClientID string `json:"client_id,omitempty"`
RedirectURI string `json:"redirect_uri,omitempty"`
Prompt []string `json:"prompt,omitempty"`
State string `json:"state,omitempty"`
XState string `json:"x_state,omitempty"`
UILocales string `json:"ui_locales,omitempty"`
IDToken string `json:"id_token,omitempty"`
SuppressIDPSessionCookie bool `json:"suppress_idp_session_cookie,omitempty"`
UserIDHint string `json:"user_id_hint,omitempty"`
LoginHint string `json:"login_hint,omitempty"`
}
type SessionOutput struct {
FlowID string `json:"flow_id"`
ClientID string `json:"client_id,omitempty"`
RedirectURI string `json:"redirect_uri,omitempty"`
}
type SessionOptions struct {
OAuthSessionID string
ClientID string
RedirectURI string
Prompt []string
State string
XState string
UILocales string
IDToken string
SuppressIDPSessionCookie bool
UserIDHint string
LoginHint string
}
func (s *SessionOptions) PartiallyMergeFrom(o *SessionOptions) *SessionOptions {
out := &SessionOptions{}
if s != nil {
out.OAuthSessionID = s.OAuthSessionID
out.ClientID = s.ClientID
out.RedirectURI = s.RedirectURI
out.Prompt = s.Prompt
out.State = s.State
out.XState = s.XState
out.UILocales = s.UILocales
out.IDToken = s.IDToken
out.SuppressIDPSessionCookie = s.SuppressIDPSessionCookie
out.UserIDHint = s.UserIDHint
out.LoginHint = s.LoginHint
}
if o != nil {
if o.ClientID != "" {
out.ClientID = o.ClientID
}
if o.State != "" {
out.State = o.State
}
if o.XState != "" {
out.XState = o.XState
}
if o.UILocales != "" {
out.UILocales = o.UILocales
}
}
return out
}
func NewSession(opts *SessionOptions) *Session {
return &Session{
FlowID: newFlowID(),
OAuthSessionID: opts.OAuthSessionID,
ClientID: opts.ClientID,
RedirectURI: opts.RedirectURI,
Prompt: opts.Prompt,
State: opts.State,
XState: opts.XState,
UILocales: opts.UILocales,
IDToken: opts.IDToken,
SuppressIDPSessionCookie: opts.SuppressIDPSessionCookie,
UserIDHint: opts.UserIDHint,
LoginHint: opts.LoginHint,
}
}
func (s *Session) ToOutput() *SessionOutput {
return &SessionOutput{
FlowID: s.FlowID,
ClientID: s.ClientID,
RedirectURI: s.RedirectURI,
}
}
func (s *Session) MakeContext(ctx context.Context, deps *Dependencies, publicFlow PublicFlow) (context.Context, error) {
ctx = context.WithValue(ctx, contextKeyOAuthSessionID, s.OAuthSessionID)
ctx = uiparam.WithUIParam(ctx, &uiparam.T{
ClientID: s.ClientID,
Prompt: s.Prompt,
UILocales: s.UILocales,
State: s.State,
XState: s.XState,
})
if s.UILocales != "" {
tags := intl.ParseUILocales(s.UILocales)
ctx = intl.WithPreferredLanguageTags(ctx, tags)
} else {
acceptLanguage := deps.HTTPRequest.Header.Get("Accept-Language")
tags := intl.ParseAcceptLanguage(acceptLanguage)
ctx = intl.WithPreferredLanguageTags(ctx, tags)
}
ctx = context.WithValue(ctx, contextKeyIDToken, s.IDToken)
ctx = context.WithValue(ctx, contextKeySuppressIDPSessionCookie, s.SuppressIDPSessionCookie)
ctx = context.WithValue(ctx, contextKeyUserIDHint, s.UserIDHint)
ctx = context.WithValue(ctx, contextKeyLoginHint, s.LoginHint)
ctx = context.WithValue(ctx, contextKeyFlowID, s.FlowID)
flowReference := publicFlow.FlowFlowReference()
ctx = context.WithValue(ctx, contextKeyFlowReference, flowReference)
flowRootObject, err := publicFlow.FlowRootObject(deps)
if err != nil {
return nil, err
}
ctx = context.WithValue(ctx, contextKeyFlowRootObject, flowRootObject)
return ctx, nil
}