From 05e9af089c3041fa162e4dca3b1c5906496e8e90 Mon Sep 17 00:00:00 2001
From: Tobi Smethurst <31960611+tsmethurst@users.noreply.github.com>
Date: Fri, 23 Jul 2021 10:36:28 +0200
Subject: Oidc (#109)

* add oidc config

* inching forward with oidc idp

* lil webfingy fix

* bit more progress

* further oidc

* oidc now working

* document dex config

* replace broken images

* add additional credits

* tiny doc update

* update

* add oidc config

* inching forward with oidc idp

* bit more progress

* further oidc

* oidc now working

* document dex config

* replace broken images

* add additional credits

* tiny doc update

* update

* document

* docs + comments
---
 internal/api/client/auth/auth.go | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'internal/api/client/auth/auth.go')

diff --git a/internal/api/client/auth/auth.go b/internal/api/client/auth/auth.go
index 7cddc3e74..bcc338ce0 100644
--- a/internal/api/client/auth/auth.go
+++ b/internal/api/client/auth/auth.go
@@ -26,6 +26,7 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/oauth"
+	"github.com/superseriousbusiness/gotosocial/internal/oidc"
 	"github.com/superseriousbusiness/gotosocial/internal/router"
 )
 
@@ -36,40 +37,37 @@ const (
 	OauthTokenPath = "/oauth/token"
 	// OauthAuthorizePath is the API path for authorization requests (eg., authorize this app to act on my behalf as a user)
 	OauthAuthorizePath = "/oauth/authorize"
+	// CallbackPath is the API path for receiving callback tokens from external OIDC providers
+	CallbackPath = oidc.CallbackPath
+
+	callbackStateParam = "state"
+	callbackCodeParam  = "code"
 
 	sessionUserID       = "userid"
 	sessionClientID     = "client_id"
 	sessionRedirectURI  = "redirect_uri"
 	sessionForceLogin   = "force_login"
 	sessionResponseType = "response_type"
-	sessionCode         = "code"
 	sessionScope        = "scope"
+	sessionState        = "state"
 )
 
-var sessionKeys []string = []string{
-	sessionUserID,
-	sessionClientID,
-	sessionRedirectURI,
-	sessionForceLogin,
-	sessionResponseType,
-	sessionCode,
-	sessionScope,
-}
-
 // Module implements the ClientAPIModule interface for
 type Module struct {
 	config *config.Config
 	db     db.DB
 	server oauth.Server
+	idp    oidc.IDP
 	log    *logrus.Logger
 }
 
 // New returns a new auth module
-func New(config *config.Config, db db.DB, server oauth.Server, log *logrus.Logger) api.ClientModule {
+func New(config *config.Config, db db.DB, server oauth.Server, idp oidc.IDP, log *logrus.Logger) api.ClientModule {
 	return &Module{
 		config: config,
 		db:     db,
 		server: server,
+		idp:    idp,
 		log:    log,
 	}
 }
@@ -84,6 +82,8 @@ func (m *Module) Route(s router.Router) error {
 	s.AttachHandler(http.MethodGet, OauthAuthorizePath, m.AuthorizeGETHandler)
 	s.AttachHandler(http.MethodPost, OauthAuthorizePath, m.AuthorizePOSTHandler)
 
+	s.AttachHandler(http.MethodGet, CallbackPath, m.CallbackGETHandler)
+
 	s.AttachMiddleware(m.OauthTokenMiddleware)
 	return nil
 }
-- 
cgit v1.2.3