예제 #1
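// FinishTokenInfoRequest writes the token-info payload for r into w.Output.
//
// If w already carries an error, only "error_description" is refreshed from
// w.InternalError (when one is set) and the function returns. Otherwise the
// storage backend must be an *AEStorage; the user is loaded from the access
// data and, on success, the user and token fields are copied into w.Output.
// Every failure sets w.IsError, w.InternalError and the "error" /
// "error_description" output keys.
//
// NOTE(review): the internal error text is copied verbatim into the response
// output, so whatever the storage layer puts into its errors appears to reach
// the caller of this endpoint. Consider a fixed description and logging the
// detail server-side instead.
func (s *AEServer) FinishTokenInfoRequest(c context.Context, w *osin.Response, r *TokenInfoRequest) {
	if w.IsError {
		// HandleTokenInfoRequest calls w.SetError without always assigning
		// InternalError, so it can be nil here; dereferencing it would panic.
		if w.InternalError != nil {
			w.Output["error_description"] = w.InternalError.Error()
		}
		return
	}

	// fail records err on the response in the same shape for every error path.
	fail := func(err error) {
		w.IsError = true
		w.InternalError = err
		w.Output["error"] = err.Error()
		w.Output["error_description"] = err.Error()
	}

	aestorage, ok := s.storage.(*AEStorage)
	if !ok {
		fail(errors.New("Storage is not available"))
		return
	}

	// A nil request or missing access data cannot be described; report it
	// instead of panicking on the field accesses below.
	if r == nil || r.AccessData == nil {
		fail(errors.New("Access data is not available"))
		return
	}

	// Decode the user from the claims attached to the access data.
	u, err := aestorage.LoadUserFromAccessData(c, r.AccessData)
	if err != nil {
		fail(err)
		return
	}
	if u == nil {
		// err is nil on this path, so the message must come from the newly
		// created error rather than from err.Error().
		fail(errors.New("User not found"))
		return
	}

	clientID := r.AccessData.Client.GetId()
	expiresAt := r.AccessData.CreatedAt.Add(time.Duration(r.AccessData.ExpiresIn) * time.Second)

	w.Output["user_id"] = u.ID
	w.Output["email"] = u.Email
	w.Output["verified_email"] = !u.VerifiedAt.IsZero()
	w.Output["issued_to"] = clientID
	// TODO: works temporarily but needs to be updated for Android devices.
	// NOTE(review): a service that consumes this response presumably has to
	// compare "audience" with its own client id before trusting the token.
	w.Output["audience"] = clientID
	w.Output["scope"] = r.AccessData.Scope
	// Remaining lifetime in whole seconds relative to the server clock.
	w.Output["expires_in"] = expiresAt.Sub(s.server.Now()) / time.Second
	w.Output["access_type"] = "online"
}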
예제 #2
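// HandleTokenInfoRequest reads the "access_token" form value from r, loads
// the matching access data from storage and checks that it is usable.
//
// It returns a populated *TokenInfoRequest on success. On any failure it
// records the error on w with SetError and returns nil:
//   - E_INVALID_REQUEST when the form cannot be parsed, the token is missing,
//     storage returns an error, or no access data is found;
//   - E_UNAUTHORIZED_CLIENT when the access data has no client, the client
//     has an empty redirect URI, or the token is expired at s.server.Now().
//
// NOTE(review): r.Form merges the URL query with the request body, so the
// token is also accepted from the query string, where it can end up in
// access logs and Referer headers.
func (s *AEServer) HandleTokenInfoRequest(c context.Context, w *osin.Response, r *http.Request) *TokenInfoRequest {
	// A malformed form is rejected instead of being processed half-parsed.
	if err := r.ParseForm(); err != nil {
		w.SetError(osin.E_INVALID_REQUEST, "")
		w.InternalError = err
		return nil
	}

	token := r.Form.Get("access_token")
	if token == "" {
		w.SetError(osin.E_INVALID_REQUEST, "")
		return nil
	}

	ret := &TokenInfoRequest{
		AccessToken: token,
	}

	var err error
	ret.AccessData, err = s.storage.LoadAccess(c, ret.AccessToken)
	if err != nil {
		w.SetError(osin.E_INVALID_REQUEST, "")
		w.InternalError = err
		return nil
	}
	if ret.AccessData == nil {
		w.SetError(osin.E_INVALID_REQUEST, "")
		return nil
	}

	// Stored access data without a client would panic on the method call
	// below; treat it like any other unusable client.
	if ret.AccessData.Client == nil {
		w.SetError(osin.E_UNAUTHORIZED_CLIENT, "")
		return nil
	}
	if ret.AccessData.Client.GetRedirectUri() == "" {
		w.SetError(osin.E_UNAUTHORIZED_CLIENT, "")
		return nil
	}
	if ret.AccessData.IsExpiredAt(s.server.Now()) {
		w.SetError(osin.E_UNAUTHORIZED_CLIENT, "")
		return nil
	}

	return ret
}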