use http.Handler for oidc

779a56a4 · Christian Pointner · 126d3aee · 779a56a4
Commit 779a56a4 authored 6 years ago by Christian Pointner
--- a/auth/oidc.go
+++ b/auth/oidc.go
@@ -80,8 +80,20 @@ func NewOIDCBackend(cfg *OIDCConfig) (b *OIDCBackend, err error) {
 	return
 }

+func (b *OIDCBackend) LoginHandler() http.Handler {
+	return &oidcLoginHandler{backend: b}
+}
+
+func (b *OIDCBackend) CallbackHandler() http.Handler {
+	return &oidcCallbackHandler{backend: b}
+}
+
+type oidcLoginHandler struct {
+	backend *OIDCBackend
+}
+
 // TODO: error handling?
-func (b *OIDCBackend) HandleLogin(w http.ResponseWriter, r *http.Request) {
+func (h *oidcLoginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	// TODO: check if we alreay have a session coockie!
 	s, err := NewOIDCSession()
 	if err != nil {
@@ -90,10 +102,14 @@ func (b *OIDCBackend) HandleLogin(w http.ResponseWriter, r *http.Request) {

 	// TODO: add session to session-manager and create session coockie

-	http.Redirect(w, r, b.oauth2Config.AuthCodeURL(s.State, oidc.Nonce(s.Nonce)), http.StatusFound)
+	http.Redirect(w, r, h.backend.oauth2Config.AuthCodeURL(s.State, oidc.Nonce(s.Nonce)), http.StatusFound)
+}
+
+type oidcCallbackHandler struct {
+	backend *OIDCBackend
 }

-func (b *OIDCBackend) HandleCallback(w http.ResponseWriter, r *http.Request) {
+func (h *oidcCallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	// TODO: check if we have a session coockie!

 	// TODO: get OIDCSession from session-manager, based on session coockie
@@ -104,7 +120,7 @@ func (b *OIDCBackend) HandleCallback(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	oauth2Token, err := b.oauth2Config.Exchange(r.Context(), r.URL.Query().Get("code"))
+	oauth2Token, err := h.backend.oauth2Config.Exchange(r.Context(), r.URL.Query().Get("code"))
 	if err != nil {
 		http.Error(w, "OIDC: failed to exchange token: "+err.Error(), http.StatusInternalServerError)
 		return
@@ -116,7 +132,7 @@ func (b *OIDCBackend) HandleCallback(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	// Verify the ID Token signature and nonce.
-	idToken, err := b.verifier.Verify(r.Context(), rawIDToken)
+	idToken, err := h.backend.verifier.Verify(r.Context(), rawIDToken)
 	if err != nil {
 		http.Error(w, "OIDC: failed to verify ID Token: "+err.Error(), http.StatusInternalServerError)
 		return
@@ -128,7 +144,7 @@ func (b *OIDCBackend) HandleCallback(w http.ResponseWriter, r *http.Request) {

 	// TODO: parse userInfo, populeate new session and update it inside the session-manager

-	// userInfo, err := b.provider.UserInfo(r.Context(), oauth2.StaticTokenSource(oauth2Token))
+	// userInfo, err := h.backend.provider.UserInfo(r.Context(), oauth2.StaticTokenSource(oauth2Token))
 	// if err != nil {
 	// 	http.Error(w, "OIDC: failed to get userinfo: "+err.Error(), http.StatusInternalServerError)
 	// 	return