diff options
Diffstat (limited to 'internal/api/client/auth/auth.go')
| -rw-r--r-- | internal/api/client/auth/auth.go | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/internal/api/client/auth/auth.go b/internal/api/client/auth/auth.go index 7cddc3e74..bcc338ce0 100644 --- a/internal/api/client/auth/auth.go +++ b/internal/api/client/auth/auth.go @@ -26,6 +26,7 @@ import ( "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/db" "github.com/superseriousbusiness/gotosocial/internal/oauth" + "github.com/superseriousbusiness/gotosocial/internal/oidc" "github.com/superseriousbusiness/gotosocial/internal/router" ) @@ -36,40 +37,37 @@ const ( OauthTokenPath = "/oauth/token" // OauthAuthorizePath is the API path for authorization requests (eg., authorize this app to act on my behalf as a user) OauthAuthorizePath = "/oauth/authorize" + // CallbackPath is the API path for receiving callback tokens from external OIDC providers + CallbackPath = oidc.CallbackPath + + callbackStateParam = "state" + callbackCodeParam = "code" sessionUserID = "userid" sessionClientID = "client_id" sessionRedirectURI = "redirect_uri" sessionForceLogin = "force_login" sessionResponseType = "response_type" - sessionCode = "code" sessionScope = "scope" + sessionState = "state" ) -var sessionKeys []string = []string{ - sessionUserID, - sessionClientID, - sessionRedirectURI, - sessionForceLogin, - sessionResponseType, - sessionCode, - sessionScope, -} - // Module implements the ClientAPIModule interface for type Module struct { config *config.Config db db.DB server oauth.Server + idp oidc.IDP log *logrus.Logger } // New returns a new auth module -func New(config *config.Config, db db.DB, server oauth.Server, log *logrus.Logger) api.ClientModule { +func New(config *config.Config, db db.DB, server oauth.Server, idp oidc.IDP, log *logrus.Logger) api.ClientModule { return &Module{ config: config, db: db, server: server, + idp: idp, log: log, } } @@ -84,6 +82,8 @@ func (m *Module) Route(s router.Router) error { s.AttachHandler(http.MethodGet, OauthAuthorizePath, m.AuthorizeGETHandler) s.AttachHandler(http.MethodPost, OauthAuthorizePath, m.AuthorizePOSTHandler) + s.AttachHandler(http.MethodGet, CallbackPath, m.CallbackGETHandler) + s.AttachMiddleware(m.OauthTokenMiddleware) return nil } |