/
provider_discord.go
100 lines (84 loc) · 2.45 KB
/
provider_discord.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
// Copyright © 2023 Ory Corp
// SPDX-License-Identifier: Apache-2.0
package oidc
import (
"context"
"fmt"
"net/url"
"github.com/ory/kratos/x"
"github.com/bwmarrin/discordgo"
"github.com/pkg/errors"
"golang.org/x/oauth2"
"github.com/ory/herodot"
"github.com/ory/x/stringslice"
"github.com/ory/x/stringsx"
)
type ProviderDiscord struct {
config *Configuration
reg Dependencies
}
func NewProviderDiscord(
config *Configuration,
reg Dependencies,
) Provider {
return &ProviderDiscord{
config: config,
reg: reg,
}
}
func (d *ProviderDiscord) Config() *Configuration {
return d.config
}
func (d *ProviderDiscord) oauth2(ctx context.Context) *oauth2.Config {
return &oauth2.Config{
ClientID: d.config.ClientID,
ClientSecret: d.config.ClientSecret,
Endpoint: oauth2.Endpoint{
AuthURL: discordgo.EndpointOauth2 + "authorize",
TokenURL: discordgo.EndpointOauth2 + "token",
},
RedirectURL: d.config.Redir(d.reg.Config().OIDCRedirectURIBase(ctx)),
Scopes: d.config.Scope,
}
}
func (d *ProviderDiscord) OAuth2(ctx context.Context) (*oauth2.Config, error) {
return d.oauth2(ctx), nil
}
func (d *ProviderDiscord) AuthCodeURLOptions(r ider) []oauth2.AuthCodeOption {
if isForced(r) {
return []oauth2.AuthCodeOption{
oauth2.SetAuthURLParam("prompt", "consent"),
}
}
return []oauth2.AuthCodeOption{
oauth2.SetAuthURLParam("prompt", "none"),
}
}
func (d *ProviderDiscord) Claims(ctx context.Context, exchange *oauth2.Token, query url.Values) (*Claims, error) {
grantedScopes := stringsx.Splitx(fmt.Sprintf("%s", exchange.Extra("scope")), " ")
for _, check := range d.Config().Scope {
if !stringslice.Has(grantedScopes, check) {
return nil, errors.WithStack(ErrScopeMissing)
}
}
dg, err := discordgo.New(fmt.Sprintf("Bearer %s", exchange.AccessToken))
if err != nil {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err))
}
user, err := dg.User("@me")
if err != nil {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err))
}
claims := &Claims{
Issuer: discordgo.EndpointOauth2,
Subject: user.ID,
Name: fmt.Sprintf("%s#%s", user.Username, user.Discriminator),
Nickname: user.Username,
PreferredUsername: user.Username,
Picture: user.AvatarURL(""),
Email: user.Email,
EmailVerified: x.ConvertibleBoolean(user.Verified),
Locale: user.Locale,
}
return claims, nil
}