package interfaces
import (
"context"
"errors"
"net/url"
"flamingo.me/flamingo/v3/core/auth"
"flamingo.me/flamingo/v3/core/auth/oauth"
"flamingo.me/flamingo/v3/core/oauth/application"
"flamingo.me/flamingo/v3/core/oauth/domain"
"flamingo.me/flamingo/v3/framework/web"
"github.com/coreos/go-oidc/v3/oidc"
"golang.org/x/oauth2"
)
// LegacyIdentity adapts the auth data of the old core/oauth module to the
// oauth.OpenIDIdentity interface of core/auth/oauth.
type LegacyIdentity struct {
	// auth is the legacy auth data; the methods of this type read its
	// IDToken and TokenSource fields.
	auth domain.Auth
}
// Compile-time check that *LegacyIdentity satisfies oauth.OpenIDIdentity.
var _ oauth.OpenIDIdentity = (*LegacyIdentity)(nil)
// Subject returns the Subject field of the wrapped ID token.
//
// The ID token pointer is dereferenced without a nil check, so this panics on
// an identity that holds no ID token (for example a zero-value LegacyIdentity).
func (identity *LegacyIdentity) Subject() string {
	idToken := identity.auth.IDToken
	return idToken.Subject
}
// Broker returns the fixed broker code of the legacy oauth module.
func (identity *LegacyIdentity) Broker() string {
	const legacyBroker = "flamingo.core.oauth"
	return legacyBroker
}
// TokenSource returns the oauth2 token source stored in the legacy auth data.
//
// The source hands out OAuth2 tokens, which are bearer credentials; callers
// should keep them out of logs and error messages.
func (identity *LegacyIdentity) TokenSource() oauth2.TokenSource {
	source := identity.auth.TokenSource
	return source
}
// AccessTokenClaims always fails: the old oauth module cannot expose access
// token claims. The into argument is never written to.
func (identity *LegacyIdentity) AccessTokenClaims(into interface{}) error {
	err := errors.New("flamingo.core.oauth does not support AccessTokenClaims")
	return err
}
// IDToken returns the ID token stored in the legacy auth data; the result is
// nil when the identity holds no token.
//
// NOTE(review): nothing in this type verifies the token; verification is
// presumably done before the auth data reaches this identity (confirm).
func (identity *LegacyIdentity) IDToken() *oidc.IDToken {
	idToken := identity.auth.IDToken
	return idToken
}
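// IDTokenClaims unmarshals the claims of the wrapped ID token into the value
// pointed to by into.
//
// It returns an error instead of panicking when the identity is nil or holds
// no ID token (for example a zero-value LegacyIdentity), so callers that map
// claims for authorization decisions get an explicit failure to handle.
// Otherwise the error of the token's Claims call is returned unchanged.
func (identity *LegacyIdentity) IDTokenClaims(into interface{}) error {
	if identity == nil || identity.auth.IDToken == nil {
		return errors.New("flamingo.core.oauth identity has no ID token")
	}
	return identity.auth.IDToken.Claims(into)
}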
// LegacyIdentifier bridges the old core/oauth module and core/auth/oauth by
// delegating to the legacy auth manager and controllers.
type LegacyIdentifier struct {
	// authmanager resolves the auth data for a session (used by Identify).
	authmanager *application.AuthManager
	// responder is set by Inject; no method in this file reads it.
	responder *web.Responder

	// Legacy controllers that Callback, Authenticate and Logout delegate to.
	callbackController CallbackControllerInterface
	loginController    LoginControllerInterface
	logoutController   LogoutControllerInterface
}
// Inject stores the auth manager, the responder and the three legacy
// controllers on the identifier and returns the same identifier.
func (identifier *LegacyIdentifier) Inject(
	authmanager *application.AuthManager,
	responder *web.Responder,
	callbackController CallbackControllerInterface,
	loginController LoginControllerInterface,
	logoutController LogoutControllerInterface,
) *LegacyIdentifier {
	// Core collaborators.
	identifier.authmanager = authmanager
	identifier.responder = responder

	// Legacy controllers, assigned in parameter order.
	identifier.callbackController = callbackController
	identifier.loginController = loginController
	identifier.logoutController = logoutController

	return identifier
}
// Broker returns the fixed broker code "flamingo.core.oauth".
func (*LegacyIdentifier) Broker() string {
	const legacyBroker = "flamingo.core.oauth"
	return legacyBroker
}
// Identify resolves the identity of an incoming request by asking the auth
// manager for the auth data of the request's session.
//
// An error from the auth manager is returned unchanged and no identity is
// produced in that case; on success the auth data is wrapped in a
// *LegacyIdentity.
func (identifier *LegacyIdentifier) Identify(ctx context.Context, request *web.Request) (auth.Identity, error) {
	legacyAuth, err := identifier.authmanager.Auth(ctx, request.Session())
	if err != nil {
		return nil, err
	}

	identity := &LegacyIdentity{auth: legacyAuth}
	return identity, nil
}
// Authenticate hands the request to the legacy login controller and returns
// its result unchanged.
func (identifier *LegacyIdentifier) Authenticate(ctx context.Context, request *web.Request) web.Result {
	result := identifier.loginController.Get(ctx, request)
	return result
}
// Callback stores the URL produced by returnTo in the session under
// "auth.redirect" and then hands the request to the legacy callback controller.
//
// NOTE(review): the stored value is presumably used as the redirect target once
// the callback completes; confirm that returnTo only yields trusted
// destinations, so that a request-supplied value cannot make this an open
// redirect. returnTo and its result are used without nil checks, so a nil
// function or a nil *url.URL panics here.
func (identifier *LegacyIdentifier) Callback(ctx context.Context, request *web.Request, returnTo func(*web.Request) *url.URL) web.Result {
	session := request.Session()
	redirectTarget := returnTo(request).String()
	session.Store("auth.redirect", redirectTarget)

	return identifier.callbackController.Get(ctx, request)
}
// Logout runs the legacy logout controller and returns the URL of its
// redirect response.
//
// The result is nil when the controller does not answer with a
// *web.URLRedirectResponse, so callers must handle a nil URL.
func (identifier *LegacyIdentifier) Logout(ctx context.Context, request *web.Request) *url.URL {
	result := identifier.logoutController.Get(ctx, request)

	redirect, isRedirect := result.(*web.URLRedirectResponse)
	if !isRedirect {
		return nil
	}
	return redirect.URL
}