forked from HackIllinois/api
/
oauth_service.go
206 lines (182 loc) · 5.18 KB
/
oauth_service.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
package service
import (
"errors"
"github.com/HackIllinois/api/services/auth/config"
"net/url"
"strings"
)
var HASHTAG_INVALID_ERR = errors.New("`#` is an invalid character")
/*
Return the oauth authorization url for the given provider
*/
func GetAuthorizeRedirect(provider string, redirect_uri string) (string, error) {
switch provider {
case "github":
return ConstructSafeURL("https", "github.com", "login/oauth/authorize",
map[string]string{
"client_id": config.GITHUB_CLIENT_ID,
"scope": "user:email",
"redirect_uri": redirect_uri,
})
case "google":
return ConstructSafeURL("https", "accounts.google.com", "o/oauth2/v2/auth",
map[string]string{
"client_id": config.GOOGLE_CLIENT_ID,
"scope": "profile email",
"response_type": "code",
"redirect_uri": redirect_uri,
})
case "linkedin":
return ConstructSafeURL("https", "www.linkedin.com", "oauth2/v2/authorization",
map[string]string{
"client_id": config.LINKEDIN_CLIENT_ID,
"scope": "r_basicprofile r_emailaddress",
"response_type": "code",
"redirect_uri": redirect_uri,
})
default:
return "", errors.New("Invalid provider")
}
}
/*
Gets the user's email from the specified oauth provider
*/
func GetEmail(oauth_token string, provider string) (string, bool, error) {
switch provider {
case "github":
return GetGithubEmail(oauth_token)
case "google":
return GetGoogleEmail(oauth_token)
case "linkedin":
return GetLinkedinEmail(oauth_token)
default:
return "", false, errors.New("Invalid provider")
}
}
/*
Converts an oauth code to an oauth token for the specified provider
*/
func GetOauthToken(code string, provider string, redirect_uri string) (string, error) {
switch provider {
case "github":
return GetGithubOauthToken(code)
case "google":
return GetGoogleOauthToken(code, redirect_uri)
case "linkedin":
return GetLinkedinOauthToken(code, redirect_uri)
default:
return "", errors.New("Invalid provider")
}
}
/*
Gets the user's unique id from the specified oauth provider
*/
func GetUniqueId(oauth_token string, provider string) (string, error) {
switch provider {
case "github":
return GetGithubUniqueId(oauth_token)
case "google":
return GetGoogleUniqueId(oauth_token)
case "linkedin":
return GetLinkedinUniqueId(oauth_token)
default:
return "", errors.New("Invalid provider")
}
}
/*
Gets the user's username from the specified oauth provider
*/
func GetUsername(oauth_token string, provider string) (string, error) {
switch provider {
case "github":
return GetGithubUsername(oauth_token)
case "google":
return GetGoogleUsername(oauth_token)
case "linkedin":
return GetLinkedinUsername(oauth_token)
default:
return "", errors.New("Invalid provider")
}
}
/*
Gets the user's first name from the specified oauth provider
*/
func GetFirstName(oauth_token string, provider string) (string, error) {
const number_of_names int = 2
const name_delimiter string = " "
switch provider {
case "github":
name, err := GetGithubName(oauth_token)
if err != nil {
return "", err
}
split_name := strings.SplitAfterN(name, name_delimiter, number_of_names)
return strings.TrimSpace(split_name[0]), nil
case "google":
return GetGoogleFirstName(oauth_token)
case "linkedin":
return GetLinkedinFirstName(oauth_token)
default:
return "", errors.New("Invalid provider")
}
}
/*
Gets the user's last name from the specified oauth provider
*/
func GetLastName(oauth_token string, provider string) (string, error) {
const number_of_names int = 2
const name_delimiter string = " "
switch provider {
case "github":
name, err := GetGithubName(oauth_token)
if err != nil {
return "", err
}
split_name := strings.SplitAfterN(name, name_delimiter, number_of_names)
// If there is only a single name, or if the name cannot be split.
if len(split_name) < 2 {
return "", nil
} else {
return strings.TrimSpace(split_name[1]), nil
}
case "google":
return GetGoogleLastName(oauth_token)
case "linkedin":
return GetLinkedinLastName(oauth_token)
default:
return "", errors.New("Invalid provider")
}
}
/*
A helper function that takes a URL pointer and a map of query params->values, and modifies the URL's
RawQuery property with the supplied query params.
*/
func ConstructURLQuery(u *url.URL, params map[string]string) {
q := u.Query()
for param, value := range params {
q.Set(param, value)
}
u.RawQuery = q.Encode()
}
/*
This function takes in the ingredients to a URL and outputs a string of them all together.
It also checks for the appearance of "#" anywhere in the query params and throws an error if it is there.
queryParams is an optional param. nil can be passed in if the url needs no query params.
*/
func ConstructSafeURL(scheme string, host string, path string, queryParams map[string]string) (string, error) {
url := url.URL{
Scheme: scheme,
Host: host,
Path: path,
}
// Per the OAuth 2.0 RFC 6749, we need to disallow the `#` fragment character in the URL
if queryParams != nil {
for _, val := range queryParams {
if strings.Contains(val, "#") {
return url.String(), HASHTAG_INVALID_ERR
}
}
ConstructURLQuery(&url, queryParams)
}
return url.String(), nil
}