func (s *AccountsController) SetRoutes(router gin.IRouter) gin.IRouter {
g := router.Group("/accounts")
g.GET("/", s.GetAccountList)
g.GET("/:major", s.GetAccount)
return g
}
// oidcAddRoutes adds OpenID Connect endpoints to an existing gin.IRouter.
func oidcAddRoutes(router gin.IRouter, origin string, rsakey *rsa.PrivateKey) {
jwksPath := "/jwks.json"
authPath := "/authorize"
router.GET("/.well-known/openid-configuration", discovery(origin, jwksPath, authPath))
router.GET(jwksPath, keyset(&rsakey.PublicKey))
router.POST(authPath, authorize(origin, rsakey))
}
func (a *authManager) RegisterRoutes(login, callback, logout string, r gin.IRouter) {
a.loginRoute = login
r.GET(login, func(ctx *gin.Context) {
state := &oauthState{
RedirectPath: ctx.DefaultQuery("redirect", "/"),
Random: make([]byte, 15),
}
rand.Read(state.Random)
b, err := json.Marshal(state)
if err != nil {
return
}
stateStr := a.encrypt(b)
rand.Read(state.Random)
ctx.Redirect(302, a.conf.AuthCodeURL(stateStr))
})
r.GET(callback, func(ctx *gin.Context) {
state := a.decrypt(ctx.Query("state"))
if state == "" {
ctx.Redirect(302, "/")
}
s := &oauthState{}
if err := json.Unmarshal([]byte(state), s); err != nil {
ctx.Redirect(302, "/")
}
tok, err := a.conf.Exchange(context.Background(), ctx.Query("code"))
if err != nil {
ctx.Redirect(302, "/")
}
c := client(tok.AccessToken)
u, _, err := c.Users.Get("")
if err != nil {
ctx.Redirect(302, "/")
}
user := &GithubUser{
Token: tok.AccessToken,
Login: *u.Login,
AvatarURL: *u.AvatarURL,
ID: *u.ID,
}
a.SetCookie(ctx, user)
ctx.Redirect(302, s.RedirectPath)
})
r.GET(logout, func(ctx *gin.Context) {
a.ClearCookie(ctx)
ctx.Redirect(302, "/")
})
}
func (s *AccountMinorsController) SetRoutes(router gin.IRouter) gin.IRouter {
g := router.Group("/:major/minors")
g.GET("/", s.GetMinorList)
return router
}
