hamza
/
hackathon
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
hackathon/api/auth.go

89 lines
2.3 KiB
Go
Raw Blame History

package api
import (
"context"
"errors"
"log"
codequestpb "github.com/hhhapz/codequest/api/v1"
"github.com/hhhapz/codequest/models"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/emptypb"
)
type AuthService struct {
codequestpb.UnimplementedAuthServiceServer
oauthStore OAuthStore
userStore UserStore
}
const (
forwardedHostKey = "x-forwarded-host"
uiHost = "codequest.teamortix.com"
)
func (as *AuthService) AuthFuncOverride(ctx context.Context, method string) (context.Context, error) {
switch method {
case "DeleteToken":
return BearerAuth(ctx, as.userStore)
}
return ctx, nil
}
func (as *AuthService) OAuthCode(ctx context.Context, req *codequestpb.OAuthCodeRequest) (*codequestpb.OAuthCodeResponse, error) {
md := RequestMetadata(ctx)
host := md.Get(forwardedHostKey)
if host != uiHost && inProd {
return nil, status.Errorf(codes.InvalidArgument, "invalid host: %v", host)
}
page := as.oauthStore.Create(host)
return &codequestpb.OAuthCodeResponse{
RedirectURI: page,
}, nil
}
func (as *AuthService) Token(ctx context.Context, req *codequestpb.TokenRequest) (*codequestpb.Token, error) {
token, _, err := as.oauthStore.Validate(ctx, req.State, req.Code)
if err != nil {
if errors.As(err, &models.UserError{}) {
return nil, status.Errorf(codes.InvalidArgument, err.Error())
}
log.Printf("could not perform token exchange: %v", err)
return nil, status.Errorf(codes.Internal, "could not sign in")
}
tk, err := as.userStore.ConsumeToken(ctx, token)
if err != nil {
if errors.As(err, &models.UserError{}) {
return nil, status.Errorf(codes.InvalidArgument, "could not authorize: %v", err)
}
log.Printf("could not authorize request: %v", err)
return nil, status.Errorf(codes.Internal, "could not authorize: internal error")
}
return &codequestpb.Token{
Token: tk.Token,
Expires: nil,
}, nil
}
func (as *AuthService) DeleteToken(ctx context.Context, req *codequestpb.DeleteTokenRequest) (*emptypb.Empty, error) {
u := UserCtx(ctx)
var err error
if req.All {
_, err = as.userStore.RevokeUserTokens(ctx, u)
} else {
err = as.userStore.RevokeToken(ctx, TokenCtx(ctx))
}
if err != nil {
log.Printf("could not revoke token: %v", err)
return nil, status.Errorf(codes.Internal, "could not revoke token")
}
return &emptypb.Empty{}, nil
}
Reference in New Issue View Git Blame Copy Permalink