func inner_GET_authorize(c martini.Context, sess sessions.Session, r *http.Request, ar *osin.AuthorizeRequest) bool {
var (
identity = ActiveIdentity(c)
source = current_url(r)
handler martini.Handler
)
if identity != nil {
ar.UserData = identity
sess.Delete("flow")
return true
} else {
sess.Set("flow", FlowState{
Type: AuthorizeFlow,
Source: source,
StartAt: time.Now(),
})
if provider := r.URL.Query().Get("p"); provider == "" {
handler = show_provider_chooser()
} else {
handler = redirect_to_provider(provider)
}
}
c.Invoke(handler)
return false
}
func GET_home(c martini.Context, identity *data.Identity, render render.Render) {
if identity == nil {
c.Invoke(redirect_to("/login"))
} else {
c.Invoke(GET_profile)
}
}
// Performs validation and combines errors from validation
// with errors from deserialization, then maps both the
// resulting struct and the errors to the context.
func validateAndMap(obj reflect.Value, context martini.Context, errors *Errors, ifacePtr ...interface{}) {
context.Invoke(Validate(obj.Interface()))
errors.combine(getErrors(context))
context.Map(*errors)
context.Map(obj.Elem().Interface())
if len(ifacePtr) > 0 {
context.MapTo(obj.Elem().Interface(), ifacePtr[0])
}
}
func ActiveIdentity(c martini.Context) *data.Identity {
var (
identity *data.Identity
)
c.Invoke(MayAuthenticate())
c.Invoke(func(i *data.Identity) { identity = i })
return identity
}
func must_authenticate(c martini.Context, sess sessions.Session, db *sqlx.DB, r *http.Request) {
identity := ActiveIdentity(c)
if identity != nil {
return
}
if r.Header.Get("x-interactive") == "true" {
sess.Delete("identity_id")
c.Invoke(redirect_to("/login"))
} else {
c.Invoke(forbidden())
}
}
func GET_continue(c martini.Context, params martini.Params) {
var (
provider = params["provider"]
handler martini.Handler
)
if provider == "" {
handler = show_provider_chooser()
} else {
handler = redirect_to_provider(provider)
}
c.Invoke(handler)
}
func GET_callback_BC(c martini.Context, sess sessions.Session) {
flow := sess.Get("flow").(FlowState)
c.Invoke(create_identity)
c.Invoke(create_account)
c.Invoke(activate_session)
c.Invoke(redirect_to(flow.Source))
}
func GET_callback_AB(c martini.Context, sess sessions.Session) {
flow := sess.Get("flow").(FlowState)
c.Invoke(match_session_identity_with_account)
c.Invoke(match_session_identity_with_flow)
c.Invoke(update_account)
c.Invoke(redirect_to(flow.Source))
}
func GET_login(c martini.Context, sess sessions.Session, r *http.Request) {
var (
identity = ActiveIdentity(c)
source = r.Referer()
handler martini.Handler
)
if identity != nil {
sess.Delete("flow")
handler = redirect_to(source)
} else {
sess.Set("flow", FlowState{
Type: LoginFlow,
Source: source,
StartAt: time.Now(),
})
handler = show_provider_chooser()
}
c.Invoke(handler)
}
func GET_link(c martini.Context, sess sessions.Session, r *http.Request) {
var (
identity = ActiveIdentity(c)
source = r.Referer()
handler martini.Handler
)
if identity == nil {
sess.Delete("flow")
handler = forbidden()
} else {
sess.Set("flow", FlowState{
Type: LinkFlow,
Source: source,
IdentityId: identity.Id,
StartAt: time.Now(),
})
handler = show_provider_chooser()
}
c.Invoke(handler)
}
func GET_callback_B(c martini.Context, sess sessions.Session) {
flow := sess.Get("flow").(FlowState)
switch flow.Type {
case LoginFlow:
c.Invoke(GET_callback_BA)
case LinkFlow:
c.Invoke(GET_callback_BB)
case AuthorizeFlow:
c.Invoke(GET_callback_BC)
default:
panic("unknown flow type")
}
}
// Performs validation and combines errors from validation
// with errors from deserialization, then maps both the
// resulting struct and the errors to the context.
func validateAndMap(obj reflect.Value, context martini.Context, errors *Errors) {
context.Invoke(Validate(obj.Interface()))
errors.combine(getErrors(context))
context.Map(*errors)
context.Map(obj.Elem().Interface())
}
func GET_callback(c martini.Context, sess sessions.Session, r *http.Request, db *sqlx.DB) {
flow, ok := sess.Get("flow").(FlowState)
if !ok {
c.Invoke(redirect_to("/login"))
return
}
if flow.StartAt.Before(time.Now().Add(-10 * time.Minute)) {
c.Invoke(redirect_to("/login"))
return
}
if flow.State == "" {
c.Invoke(redirect_to("/login"))
return
}
if r.URL.Query().Get("code") == "" {
c.Invoke(redirect_to("/login"))
return
}
if flow.State != r.URL.Query().Get("state") {
c.Invoke(redirect_to("/login"))
return
}
var (
provider = tmp_new_provider(flow.Provider)
transport = provider.Transport(nil)
)
token, err := transport.Exchange(r.URL.Query().Get("code"))
if err != nil {
panic(err)
}
profile, err := provider.GetProfile(transport)
if err != nil {
panic(err)
}
var (
tx = db.MustBegin()
success bool
)
defer func() {
if success {
tx.Commit()
} else {
tx.Rollback()
}
}()
account, err := data.GetAccountWithRemoteId(tx, profile.RemoteId())
if err != nil {
panic(err)
}
c.MapTo(profile, (*providers.Profile)(nil))
c.Map(token)
c.Map(tx)
c.Map(account)
if account != nil {
c.Invoke(GET_callback_A)
} else {
c.Invoke(GET_callback_B)
}
success = true
}