Albirew/nyaa-pantsu
Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Code Activité
Ce dépôt a été archivé le 2022-05-07. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
nyaa-pantsu/vendor/github.com/ory/fosite/handler/oauth2/flow_authorize_code_auth.go
akuma06 03ea72595d OAuth API [done] (#1275) 
* Initial Commit for OAuth API

This builds and run and return the right error.
Need to test it and then adding all users as possible client

* Added mising dependency

* just compile already...

* Fixing template test

* Imrpovements

Moved db stuff in models
Added some tests
Added form in modpanel to add/update a client
Added controllers for add/update of client

* Added Forms + speed improvements

Controller oauth client listing + html
Controller oauth client delete + messages
Messages on comment delete
New ES config that disable ES if set to false. Improve load speed on local development
Fix a load config bug
Fix index admin & translation string sign_out broken by @ewhal

* Sanitize empty strig in form array + css

Multiple empty array of strings are sanitized for the oauth client create form
Added some css for the form display

* Upload and Create form works

* Fix splitting response types

* Removing required on secret when updating

* fix travis error

* Fix travis template test

* Update dependency

* Moved to jinzhu instead of azhao

* randomizen secret on creation

* Final touch on oath api

improved display name
fix grant form csrf
fix login csrf on oauth

* Fix gorm test

* fix template test

* Fixing deleted dependency issue

* Make travis faster

* Fix typo

* Fix csrf for api calls

* This shouldn't be exempt

* Removing hard coded hash

@ewhal Don't forget to replace the hash in tokens.go with another one

* Added an example on how to use OAuth middleware

* Renamed fosite utils to oauth2 utils
2017-07-28 13:46:40 +10:00

72 lignes
2,4 Kio
Go
Brut Annotations Historique

package oauth2
import (
"strings"
"time"
"fmt"
"context"
"github.com/ory/fosite"
"github.com/pkg/errors"
)
// AuthorizeExplicitGrantTypeHandler is a response handler for the Authorize Code grant using the explicit grant type
// as defined in https://tools.ietf.org/html/rfc6749#section-4.1
type AuthorizeExplicitGrantHandler struct {
AccessTokenStrategy AccessTokenStrategy
RefreshTokenStrategy RefreshTokenStrategy
AuthorizeCodeStrategy AuthorizeCodeStrategy
CoreStorage CoreStorage
// AuthCodeLifespan defines the lifetime of an authorize code.
AuthCodeLifespan time.Duration
// AccessTokenLifespan defines the lifetime of an access token.
AccessTokenLifespan time.Duration
ScopeStrategy fosite.ScopeStrategy
}
func (c *AuthorizeExplicitGrantHandler) HandleAuthorizeEndpointRequest(ctx context.Context, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error {
// This let's us define multiple response types, for example open id connect's id_token
if !ar.GetResponseTypes().Exact("code") {
return nil
}
if !ar.GetClient().GetResponseTypes().Has("code") {
return errors.WithStack(fosite.ErrInvalidGrant)
}
if !fosite.IsRedirectURISecure(ar.GetRedirectURI()) {
return errors.Wrap(fosite.ErrInvalidRequest, "Redirect URL is using an insecure protocol, http is only allowed for hosts with suffix `localhost`, for example: http://myapp.localhost/")
}
client := ar.GetClient()
for _, scope := range ar.GetRequestedScopes() {
if !c.ScopeStrategy(client.GetScopes(), scope) {
return errors.Wrap(fosite.ErrInvalidScope, fmt.Sprintf("The client is not allowed to request scope %s", scope))
}
}
return c.IssueAuthorizeCode(ctx, ar, resp)
}
func (c *AuthorizeExplicitGrantHandler) IssueAuthorizeCode(ctx context.Context, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error {
code, signature, err := c.AuthorizeCodeStrategy.GenerateAuthorizeCode(ctx, ar)
if err != nil {
return errors.Wrap(fosite.ErrServerError, err.Error())
}
ar.GetSession().SetExpiresAt(fosite.AuthorizeCode, time.Now().Add(c.AuthCodeLifespan))
if err := c.CoreStorage.CreateAuthorizeCodeSession(ctx, signature, ar); err != nil {
return errors.Wrap(fosite.ErrServerError, err.Error())
}
resp.AddQuery("code", code)
resp.AddQuery("state", ar.GetState())
resp.AddQuery("scope", strings.Join(ar.GetGrantedScopes(), " "))
ar.SetResponseTypeHandled("code")
return nil
}
Voir Git blame Copier le lien permanent