Exemple #1
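// authCallbackHandler handles the redirect back from the Facebook OAuth2
// authorization page. It exchanges the "code" query parameter for an access
// token, stores the token in the "fbtok" cookie and redirects to "/".
//
// NOTE(review): this handler never reads or verifies an OAuth2 "state"
// parameter, so nothing visible here ties the callback to a login that this
// browser started. Confirm that the check exists elsewhere or add it.
func authCallbackHandler(req *web.Request) {
	const (
		defaultMaxAge = 3600 // seconds, used when "expires" is absent or malformed
		expiryFudge   = 30   // seconds, so the cookie lapses before the token does
	)

	code := req.Param.Get("code")
	if code == "" {
		// should display error_reason
		req.Redirect("/", false)
		return
	}

	// NOTE(review): redirect_uri is rebuilt from the scheme and host of the
	// incoming request, i.e. from request-derived values. It presumably has to
	// match the value sent in the authorization step; confirm that a fixed,
	// configured callback URL would not be the safer choice.
	f, err := getUrlEncodedForm("https://graph.facebook.com/oauth/access_token",
		web.NewValues(
			"client_id", appID, // defined in settings.go
			"client_secret", appSecret, // defined in settings.go
			"redirect_uri", req.URL.Scheme+"://"+req.URL.Host+"/callback",
			"code", code))
	if err != nil {
		req.Error(web.StatusInternalServerError, err)
		return
	}

	token := f.Get("access_token")
	if token == "" {
		// A reply without a token must not be stored as a valid login: drop any
		// stale cookie instead of writing an empty one.
		req.Redirect("/", false,
			web.HeaderSetCookie, web.NewCookie("fbtok", "").Delete().String())
		return
	}

	// Atoi also fails on the empty string, so a missing "expires" field takes
	// the same fallback as a malformed one.
	maxAge, err := strconv.Atoi(f.Get("expires"))
	if err != nil {
		maxAge = defaultMaxAge
	}

	// The fudge is applied exactly once. The earlier version subtracted it
	// twice whenever "expires" parsed successfully.
	//
	// NOTE(review): the access token is handed to the browser in a cookie;
	// confirm the cookie is marked HttpOnly and, over HTTPS, Secure.
	req.Redirect("/", false,
		web.HeaderSetCookie, web.NewCookie("fbtok", token).
			MaxAge(maxAge-expiryFudge).String())
}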
Exemple #2
// homeHandler handles requests to the home page. Without a usable access
// token it hands the request to loggedOutHandler; otherwise it fetches the
// user's home feed from the Graph API and renders it with homeTemplate.
func homeHandler(req *web.Request) {
	tok, tokErr := accessToken(req)
	if tokErr != nil {
		loggedOutHandler(req)
		return
	}

	// NOTE(review): the token is passed as a request value; if getJSON issues a
	// GET, it ends up in the URL and possibly in logs. Confirm against getJSON.
	params := web.NewValues("access_token", tok)
	feed, feedErr := getJSON("https://graph.facebook.com/me/home", params)
	if feedErr == nil {
		homeTemplate.respond(req, web.StatusOK, feed)
		return
	}

	// The fetch failed: report the error and delete the "fbtok" cookie in the
	// same response.
	expired := web.NewCookie("fbtok", "").Delete().String()
	req.Error(web.StatusInternalServerError, feedErr,
		web.HeaderSetCookie, expired)
}
Exemple #3
// ServeWeb loads the session for the request, publishes it under
// req.Env["session"], registers a response filter that saves the session and
// adds the session cookie, and then delegates to the wrapped handler.
func (h *sessionHandler) ServeWeb(req *web.Request) {
	req.Env["session"] = h.manager.Load(req)

	// The filter re-reads the session from req.Env when the response is
	// produced, so whatever the wrapped handler left under that key is what
	// gets saved. If the value is no longer a *Session, nothing is saved and no
	// cookie is added.
	persist := func(status int, header web.Header) (int, web.Header) {
		if current, ok := req.Env["session"].(*Session); ok {
			h.manager.Save(req, current)

			// NOTE(review): the session id goes out in a cookie with no
			// attributes set here; confirm the defaults of web.NewCookie
			// (HttpOnly, Secure, path) suit a session identifier.
			setCookie := web.NewCookie(sessionCookieName, current.id).String()
			header.Add(web.HeaderSetCookie, setCookie)
		}
		return status, header
	}

	web.FilterRespond(req, persist)
	h.h.ServeWeb(req)
}
Exemple #4
// authCallback handles OAuth callbacks from Twitter. It checks that the
// oauth_token in the callback matches the temporary credentials obtained via
// credentials(req, "tmp"), exchanges them for token credentials, stores those
// in the "tok" cookie and deletes the "tmp" cookie. Every failure is reported
// as 404.
func authCallback(req *web.Request) {
	tmpCreds, err := credentials(req, "tmp")
	if err != nil {
		req.Error(web.StatusNotFound, err)
		return
	}

	// The callback must carry the same request token that this browser holds
	// as temporary credentials; anything else is rejected before the exchange.
	switch callbackToken := req.Param.Get("oauth_token"); {
	case callbackToken == "":
		req.Error(web.StatusNotFound, os.NewError("main: no token"))
		return
	case callbackToken != tmpCreds.Token:
		req.Error(web.StatusNotFound, os.NewError("main: token mismatch"))
		return
	}

	verifier := req.Param.Get("oauth_verifier")
	tokenCreds, _, err := oauthClient.RequestToken(http.DefaultClient, tmpCreds, verifier)
	if err != nil {
		req.Error(web.StatusNotFound, err)
		return
	}

	// Store the long-lived credentials for 30 days and drop the temporary ones.
	keep := credentialsCookie("tok", tokenCreds, 30)
	drop := web.NewCookie("tmp", "").Delete().String()
	req.Redirect("/", false,
		web.HeaderSetCookie, keep,
		web.HeaderSetCookie, drop)
}
Exemple #5
// logoutHandler logs the user out by deleting the "fbtok" access token cookie
// and redirecting to "/". It only clears the browser cookie; nothing in this
// handler revokes the token with Facebook.
func logoutHandler(req *web.Request) {
	expired := web.NewCookie("fbtok", "").Delete().String()
	req.Redirect("/", false, web.HeaderSetCookie, expired)
}
Exemple #6
// credentialsCookie encodes OAuth credentials to a Set-Cookie header value.
// The cookie value is the query-escaped token and secret joined by "/", and
// the cookie lives for maxAgeDays days.
//
// NOTE(review): the token secret is written to the browser cookie as-is. This
// function neither encrypts nor signs the value, so confirm the cookie is only
// sent over HTTPS and is not readable by page scripts.
func credentialsCookie(name string, c *oauth.Credentials, maxAgeDays int) string {
	value := url.QueryEscape(c.Token) + "/" + url.QueryEscape(c.Secret)
	cookie := web.NewCookie(name, value).MaxAgeDays(maxAgeDays)
	return cookie.String()
}