-
Notifications
You must be signed in to change notification settings - Fork 5
/
sso.go
62 lines (54 loc) · 1.54 KB
/
sso.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package auth
import (
"context"
"net/http"
"github.com/descope/go-sdk/descope"
"github.com/descope/go-sdk/descope/api"
"github.com/descope/go-sdk/descope/internal/utils"
"github.com/descope/go-sdk/descope/logger"
)
type sso struct {
authenticationsBase
}
type ssoStartResponse struct {
URL string `json:"url"`
}
func (auth *sso) Start(ctx context.Context, tenant string, redirectURL string, prompt string, r *http.Request, loginOptions *descope.LoginOptions, w http.ResponseWriter) (url string, err error) {
if tenant == "" {
return "", utils.NewInvalidArgumentError("tenant")
}
m := map[string]string{
"tenant": string(tenant),
}
if len(redirectURL) > 0 {
m["redirectURL"] = redirectURL
}
if len(prompt) > 0 {
m["prompt"] = prompt
}
var pswd string
if loginOptions.IsJWTRequired() {
pswd, err = getValidRefreshToken(r)
if err != nil {
return "", descope.ErrInvalidStepUpJWT
}
}
httpResponse, err := auth.client.DoPostRequest(ctx, composeSSOStartURL(), loginOptions, &api.HTTPRequest{QueryParams: m}, pswd)
if err != nil {
return
}
if httpResponse.Res != nil {
res := &ssoStartResponse{}
err = utils.Unmarshal([]byte(httpResponse.BodyStr), res)
if err != nil {
logger.LogError("Failed to parse sso location from response for [%s]", err, tenant)
return "", err
}
url = res.URL
redirectToURL(url, w)
}
return
}
func (auth *sso) ExchangeToken(ctx context.Context, code string, w http.ResponseWriter) (*descope.AuthenticationInfo, error) {
return auth.exchangeToken(ctx, code, composeSSOExchangeTokenURL(), w)
}