package auth
import (
	"context"
	"fmt"
	"log"
	"net/http"

	"github.com/coreos/go-oidc/v3/oidc"
	"golang.org/x/oauth2"
)
// OpenID wraps a discovered *oidc.Provider. Build it with NewOpenID; the
// zero value has no provider and is not usable.
type OpenID struct {
	provider *oidc.Provider // result of oidc.NewProvider for the configured issuer
}
// NewOpenID resolves issuer through go-oidc's provider discovery and returns
// an OpenID bound to the resulting provider.
//
// The issuer is the trust anchor for everything this type later does, so it
// must come from operator configuration — never from request data. Any
// discovery error is returned wrapped; the result is nil in that case.
func NewOpenID(ctx context.Context, issuer string) (*OpenID, error) {
	p, err := oidc.NewProvider(ctx, issuer)
	if err != nil {
		return nil, fmt.Errorf("failed to create provider: %w", err)
	}

	o := &OpenID{provider: p}
	return o, nil
}
// CreateToken asks the provider to mint an ID token carrying claims and
// returns it, or a wrapped error.
//
// NOTE(review): this function does not compile as written — config is
// declared and never used, and clientID, clientSecret and provider are not
// defined in this file (the receiver's provider is o.provider). Treat it as
// work in progress.
//
// NOTE(review): claims is caller-supplied and passed through unvalidated.
// Whoever calls this must control which claims (sub, email, groups, ...)
// end up in a token that the rest of this package may later trust.
func (o *OpenID) CreateToken(ctx context.Context, claims map[string]interface{}) (*oidc.IDToken, error) {
	// Unused (see NOTE above). The RedirectURL is a hard-coded plaintext
	// localhost Google callback and the credentials are undefined
	// identifiers; a real configuration must come from operator settings and
	// the redirect URI must exactly match the one registered at the identity
	// provider.
	config := oauth2.Config{
		ClientID: clientID,
		ClientSecret: clientSecret,
		Endpoint: provider.Endpoint(),
		RedirectURL: "http://127.0.0.1:5556/auth/google/callback",
		Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
	}
	// NOTE(review): go-oidc's *Provider is a discovery/verification helper;
	// confirm that a NewIDToken method exists on the version pinned in go.mod.
	token, err := o.provider.NewIDToken(ctx, claims)
	if err != nil {
		return nil, fmt.Errorf("failed to create token: %w", err)
	}

	return token, nil
}
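// AuthMiddleware wraps next so that it only runs for requests that carry a
// token o.Verify accepts and for which o.UserInfo succeeds (both are defined
// elsewhere in this package). Either step failing ends the request with
// 401 and a generic body; next is never invoked in that case.
//
// On success the user info is stored on the request context under the key
// "user" for downstream handlers.
func (o *OpenID) AuthMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ctx := r.Context()

		token, err := o.Verify(ctx, r)
		if err != nil {
			// Verification errors can name the expected issuer/audience or
			// the token's expiry. Keep that server-side; an unauthenticated
			// caller only learns that the request was rejected.
			log.Printf("auth: token verification failed: %v", err)
			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
			return
		}

		userInfo, err := o.UserInfo(ctx, token)
		if err != nil {
			// Status kept at 401 as before. If UserInfo can fail for reasons
			// unrelated to the token (e.g. provider unreachable) a 5xx would
			// be more accurate — TODO confirm against UserInfo.
			log.Printf("auth: user info lookup failed: %v", err)
			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
			return
		}

		// NOTE(review): a plain string context key (staticcheck SA1029) can
		// collide with other packages' keys. Kept because readers elsewhere
		// presumably look up the same literal; migrate both sides to an
		// unexported key type together.
		next.ServeHTTP(w, r.WithContext(context.WithValue(ctx, "user", userInfo)))
	})
}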