func (service *Service) GetConfig(w http.ResponseWriter, request *http.Request) { token, err := totp.NewToken() if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } totpsession, err := service.GetSession(request, SessionForRegistration, "totp") if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } totpsession.Values["secret"] = token.Secret sessions.Save(request, w) data := struct { TotpSecret string `json:"totpsecret"` GithubClientId string `json:"githubclientid"` FacebookClientId string `json:"facebookclientid"` }{} data.TotpSecret = token.Secret data.GithubClientId, _ = identityservice.GetOauthClientID("github") data.FacebookClientId, _ = identityservice.GetOauthClientID("facebook") json.NewEncoder(w).Encode(&data) }
func (service *Service) GithubCallback(w http.ResponseWriter, request *http.Request) { var code = request.URL.Query().Get("code") // Get GitHub access token clientId, err := identityservice.GetOauthClientID("github") log.Info("clientId") log.Info(clientId) if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } clientSecret, err := identityservice.GetOauthSecret("github") if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } redirect_uri := "https://" + request.Host + "/github_callback" var oauthUrl = fmt.Sprintf("https://github.com/login/oauth/access_token?&client_id=%s&client_secret=%s&code=%s&redirect_uri=%s", clientId, clientSecret, code, redirect_uri) var githubUserInfo user.GithubAccount httpClient := &http.Client{} req, _ := http.NewRequest("POST", oauthUrl, nil) req.Header.Add("Accept", "application/json") // Get access token from Github response, err := httpClient.Do(req) if err != nil || response.StatusCode != 200 { log.Error(response.Status) log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } githubResponse := struct { Access_token string Scope string Token_type string Error string Error_description string Error_uri string }{} if err := json.NewDecoder(response.Body).Decode(&githubResponse); err != nil { log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } if githubResponse.Error != "" { log.Error(githubResponse) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } // Get user info from github var apiUrl = fmt.Sprintf("https://api.github.com/user?access_token=%s", githubResponse.Access_token) req, _ = http.NewRequest("GET", apiUrl, nil) // Get GitHub profile info from this user response, err = httpClient.Do(req) if err != nil || response.StatusCode != 200 { log.Error(response.Status) log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } if err := json.NewDecoder(response.Body).Decode(&githubUserInfo); err != nil { log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } userMgr := user.NewManager(request) // Save Github user info in db var loggedInUser, e = service.GetLoggedInUser(request, w) if e != nil { log.Error(e) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } if err := userMgr.UpdateGithubAccount(loggedInUser, githubUserInfo); err != nil { log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } http.Redirect(w, request, "/", http.StatusTemporaryRedirect) }
func (service *Service) FacebookCallback(w http.ResponseWriter, request *http.Request) { var code = request.URL.Query().Get("code") var redirectUri = "https://" + request.Host + "/facebook_callback" clientId, err := identityservice.GetOauthClientID("facebook") if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } clientSecret, err := identityservice.GetOauthSecret("facebook") if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } var oauthUrl = fmt.Sprintf("https://graph.facebook.com/v2.6/oauth/access_token?client_id=%s&client_secret=%s&code=%s&redirect_uri=%s", clientId, clientSecret, code, redirectUri) var fbInfo user.FBInfo httpClient := &http.Client{} req, _ := http.NewRequest("POST", oauthUrl, nil) // Get access token from Github response, _ := httpClient.Do(req) facebookResponse := struct { Access_token string Token_type string Expires_in int Error user.FacebookError }{} if err := json.NewDecoder(response.Body).Decode(&facebookResponse); err != nil { log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } if facebookResponse.Error.Message != "" { log.Error(facebookResponse.Error) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } // Get Facebook user info using the Graph API. var fields = "id,picture,link,name" var apiUrl = fmt.Sprintf("https://graph.facebook.com/v2.6/me/?access_token=%s&fields=%s", facebookResponse.Access_token, fields) req, _ = http.NewRequest("GET", apiUrl, nil) response, _ = httpClient.Do(req) if err := json.NewDecoder(response.Body).Decode(&fbInfo); err != nil { log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } // Save facebook info in database. userMgr := user.NewManager(request) var loggedInUser, e = service.GetLoggedInUser(request, w) if e != nil { log.Error(e) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } var fbAccount user.FacebookAccount fbAccount.Id = fbInfo.Id fbAccount.Name = fbInfo.Name fbAccount.Picture = fbInfo.Picture.Data.Url fbAccount.Link = fbInfo.Link if err := userMgr.UpdateFacebookAccount(loggedInUser, fbAccount); err != nil { log.Error(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } http.Redirect(w, request, "/", http.StatusTemporaryRedirect) }