-
Notifications
You must be signed in to change notification settings - Fork 1
/
token_fetcher.gleam
173 lines (147 loc) · 3.79 KB
/
token_fetcher.gleam
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
import gleam/bit_array
import gleam/function
import gleam/list
import gleam/pair
import gleam/string
import gleam/uri.{type Uri, Uri}
import gleam/option.{type Option, None, Some}
import gleam/result
import gleam/erlang/os
import gleam/erlang/process.{type Subject}
import gleam/otp/actor
import prng/random
import prng/seed
import shellout
import glitch/auth/redirect_server
import glitch/api/auth
import glitch/error.{
type AuthError, type TwitchError, AuthError, TokenFetcherFetchError,
TokenFetcherStartError,
}
import glitch/types/access_token.{type AccessToken}
import glitch/types/scope.{type Scope}
import glitch/extended/uri_ext
const base_authorization_uri = Uri(
Some("https"),
None,
Some("id.twitch.tv"),
None,
"oauth2/authorize",
None,
None,
)
const default_redirect_uri = Uri(
Some("http"),
None,
Some("localhost"),
Some(3000),
"redirect",
None,
None,
)
pub type TokenFetcher =
Subject(Message)
pub opaque type Message {
Fetch(reply_to: Subject(Result(AccessToken, TwitchError)))
}
pub opaque type TokenFetcherState {
State(
client_id: String,
client_secret: String,
redirect_uri: Option(Uri),
scopes: List(Scope),
)
}
pub fn new(
client_id: String,
client_secret: String,
scopes: List(Scope),
redirect_uri: Option(Uri),
) -> Result(TokenFetcher, TwitchError) {
let state = State(client_id, client_secret, redirect_uri, scopes)
actor.start(state, handle_message)
|> result.replace_error(AuthError(TokenFetcherStartError))
}
fn new_authorization_uri(token_fetcher: TokenFetcherState, csrf_state) -> Uri {
let scopes =
token_fetcher.scopes
|> list.fold("", fn(acc, scope) {
case acc {
"" -> scope.to_string(scope)
_ -> acc <> "+" <> scope.to_string(scope)
}
})
let redirect_uri =
token_fetcher.redirect_uri
|> option.unwrap(default_redirect_uri)
|> uri.to_string
let query_params = [
#("client_id", token_fetcher.client_id),
#("redirect_uri", redirect_uri),
#("response_type", "code"),
#("scope", scopes),
#("state", csrf_state),
]
uri_ext.set_query(base_authorization_uri, query_params)
}
fn handle_message(
message: Message,
state: TokenFetcherState,
) -> actor.Next(Message, TokenFetcherState) {
case message {
Fetch(reply_to) -> handle_fetch(state, reply_to)
}
}
pub fn fetch(
token_fetcher: TokenFetcher,
reply_to: Subject(Result(AccessToken, TwitchError)),
) -> Nil {
actor.send(token_fetcher, Fetch(reply_to))
}
fn handle_fetch(
state: TokenFetcherState,
reply_to: Subject(Result(AccessToken, TwitchError)),
) {
let mailbox: Subject(String) = process.new_subject()
let assert Ok(csrf_state) =
random.bit_array()
|> random.step(seed.random())
|> pair.first
|> bit_array.to_string
let redirect_uri = option.unwrap(state.redirect_uri, default_redirect_uri)
let assert Ok(server) = redirect_server.new(csrf_state, mailbox, redirect_uri)
redirect_server.start(server)
let authorize_uri =
state
|> new_authorization_uri(csrf_state)
|> uri.to_string
let assert Ok(_) = case os.family() {
os.WindowsNt ->
shellout.command(
"cmd",
["/c", "start", string.replace(authorize_uri, "&", "^&")],
".",
[],
)
_ -> shellout.command("open", [authorize_uri], ".", [])
}
let code: String =
process.new_selector()
|> process.selecting(mailbox, function.identity)
|> process.select_forever
let request =
auth.new_authorization_code_grant_request(
state.client_id,
state.client_secret,
code,
redirect_uri,
)
let response =
auth.get_token(request)
|> result.map_error(fn(error) {
AuthError(TokenFetcherFetchError(cause: error))
})
redirect_server.shutdown(server)
actor.send(reply_to, response)
actor.continue(state)
}