mirror of
				https://github.com/steveiliop56/tinyauth.git
				synced 2025-10-31 22:25:43 +00:00 
			
		
		
		
	 fc73e25d51
			
		
	
	fc73e25d51
	
	
	
		
			
			* feat: allow generic provider to use untrusted SSL certificates * chore: fix typo * chore: bot suggestion Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
		
			
				
	
	
		
		
	
	
	
	
	
| package oauth
 | |
| 
 | |
import (
	"context"
	"crypto/rand"
	"crypto/tls"
	"encoding/base64"
	"net/http"
	"time"

	"golang.org/x/oauth2"
)
 | |
| 
 | |
// NewOAuth returns an OAuth helper for the given provider configuration.
//
// insecureSkipVerify is stored on the result and later copied into the TLS
// configuration built by Init; passing true turns off certificate
// verification for every request this helper makes to the provider. The
// returned value has no HTTP client or PKCE verifier until Init is called.
func NewOAuth(config oauth2.Config, insecureSkipVerify bool) *OAuth {
	o := new(OAuth)
	o.Config = config
	o.InsecureSkipVerify = insecureSkipVerify
	return o
}
 | |
| 
 | |
// OAuth holds the configuration and mutable state used to run an OAuth2
// authorization-code flow with PKCE against a single provider.
type OAuth struct {
	// Config is the oauth2 client configuration supplied to NewOAuth.
	Config oauth2.Config

	// Context is created by Init and carries the HTTP client used for the
	// token exchange and by GetClient.
	Context context.Context

	// Token is the most recent token stored by ExchangeToken.
	Token *oauth2.Token

	// Verifier is the PKCE code verifier generated by Init. GetAuthURL and
	// ExchangeToken both read it.
	Verifier string

	// InsecureSkipVerify is copied into the tls.Config built by Init. When
	// true, the provider's certificate chain and host name are not checked.
	InsecureSkipVerify bool
}
 | |
| 
 | |
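// Init builds the HTTP client used for all provider traffic, stores it in
// oauth.Context under the oauth2.HTTPClient key, and generates the PKCE
// verifier.
//
// When oauth.InsecureSkipVerify is true the client accepts any certificate
// the server presents. The token exchange (authorization code, PKCE verifier
// and the returned tokens) and every request made through GetClient can then
// be read or altered by anyone able to intercept the connection. Prefer
// adding the provider's CA to the trust store; keep the flag for test setups.
//
// The verifier is generated once per call to Init, so every authorization
// flow started from this instance uses the same value until Init runs again.
func (oauth *OAuth) Init() {
	tlsConfig := &tls.Config{
		// Operator opt-in; see the doc comment for what is lost when true.
		InsecureSkipVerify: oauth.InsecureSkipVerify,
		MinVersion:         tls.VersionTLS12,
	}

	httpClient := &http.Client{
		Transport: &http.Transport{TLSClientConfig: tlsConfig},
		// A zero Timeout means "wait forever": a provider that stops
		// responding would otherwise stall the login request indefinitely.
		Timeout: 30 * time.Second,
	}

	// The oauth2 package looks up its HTTP client under this context key.
	oauth.Context = context.WithValue(context.Background(), oauth2.HTTPClient, httpClient)

	oauth.Verifier = oauth2.GenerateVerifier()
}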
 | |
| 
 | |
// GetAuthURL returns the provider authorization URL for the given state
// value. The URL requests offline access and carries the S256 PKCE challenge
// derived from oauth.Verifier.
//
// state is passed through unchanged. Comparing it with the value returned on
// the callback is left to the caller.
func (oauth *OAuth) GetAuthURL(state string) string {
	opts := []oauth2.AuthCodeOption{
		oauth2.AccessTypeOffline,
		oauth2.S256ChallengeOption(oauth.Verifier),
	}
	return oauth.Config.AuthCodeURL(state, opts...)
}
 | |
| 
 | |
// ExchangeToken trades the authorization code for a token, sending the PKCE
// verifier along with it. On success the token is stored in oauth.Token and
// its access token is returned; on failure the error from the exchange is
// returned unchanged and oauth.Token is left as it was.
//
// NOTE(review): the token is kept on the receiver. If one *OAuth is shared
// by concurrent logins (not visible from this file), a later exchange
// overwrites the token that an earlier caller's GetClient would use.
// Confirm how instances are scoped.
func (oauth *OAuth) ExchangeToken(code string) (string, error) {
	pkce := oauth2.VerifierOption(oauth.Verifier)

	exchanged, err := oauth.Config.Exchange(oauth.Context, code, pkce)
	if err != nil {
		return "", err
	}

	oauth.Token = exchanged
	return exchanged.AccessToken, nil
}
 | |
| 
 | |
// GetClient returns an HTTP client built from oauth.Config with the stored
// context and token. Because it is derived from oauth.Context, it uses the
// TLS settings chosen in Init, including InsecureSkipVerify.
func (oauth *OAuth) GetClient() *http.Client {
	ctx, tok := oauth.Context, oauth.Token
	return oauth.Config.Client(ctx, tok)
}
 | |
| 
 | |
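// GenerateState returns a random value for the OAuth "state" parameter:
// 128 bytes from crypto/rand, encoded with URL-safe base64.
//
// The state value protects the callback against cross-site request forgery
// only if it is unpredictable. A failed read from the system random source
// would leave the buffer zeroed and the state guessable, so this method
// panics instead of returning a weak value.
func (oauth *OAuth) GenerateState() string {
	b := make([]byte, 128)

	// Fail closed: never hand out a state built from an unfilled buffer.
	if _, err := rand.Read(b); err != nil {
		panic("oauth: reading random bytes for state: " + err.Error())
	}

	return base64.URLEncoding.EncodeToString(b)
}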
 |