Exemplo n.º 1
0
func initTransport(transport *oauth.Transport) error {
	// First: check the cache.
	if token, err := transport.Config.TokenCache.Token(); err == nil {
		// We have a token, refresh it. The lifetime is 1h, so we always
		// refresh to ensure lengthy commands do not time out.
		transport.Token = token
		err := transport.Refresh()
		if err == nil {
			return nil
		}
		log.Infof("token refresh failed, requesting new one")
	}

	// Get a new token. Pops up a browser window (hopefully).
	randState := fmt.Sprintf("st%d", time.Now().UnixNano())
	authURL := transport.Config.AuthCodeURL(randState)
	log.Infof("Opening auth URL in browser: %s", authURL)
	log.Infof("If the URL doesn't open please open it manually and copy the code here.")
	openURL(authURL)
	code := getCodeFromStdin()

	_, err := transport.Exchange(code)
	if err != nil {
		log.Infof("problem exchanging code: %v", err)
		return err
	}

	return nil
}
Exemplo n.º 2
0
func authenticate(transport *oauth.Transport) error {
	code := make(chan string)

	listener, err := net.Listen("tcp", "localhost:0")
	if err != nil {
		return err
	}
	go http.Serve(listener, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, closeMessage)
		code <- r.FormValue("code") // send code to OAuth flow
		listener.Close()            // shut down HTTP server
	}))

	transport.Config.RedirectURL = fmt.Sprintf("http://%s/", listener.Addr())
	url := transport.Config.AuthCodeURL("")
	if err := openURL(url); err != nil {
		fmt.Fprintln(os.Stderr, visitMessage)
	} else {
		fmt.Fprintln(os.Stderr, openedMessage)
	}
	fmt.Fprintf(os.Stderr, "\n%s\n\n", url)
	fmt.Fprintln(os.Stderr, resumeMessage)

	_, err = transport.Exchange(<-code)
	return err
}
Exemplo n.º 3
0
Arquivo: print.go Projeto: 0x7cc/rsc
// VerifyClaim checks that the printer has been claimed.
// If the printer is claimed, VerifyClaim returns no error.
// If the printer is unclaimed, VerifyClaim retruns ErrUnclaimed.
// It is possible for VerifyClaim to return other errors, such as
// in the case of network problems.
//
// A side effect of verifying that claim is that Google creates
// a synthetic account that is only useful in a future call to
// NewServer, to manage just this one printer.
// The information about that account can be retrieved
// from the Auth, Printer, and Server methods after VerifyClaim
// succeeds.
func (p *OpenPrinter) VerifyClaim() error {
	if p.verify != nil {
		return nil
	}

	var resp verifyResponse
	if err := jsonRPC(&p.auth, "GET", p.register.PollingURL+p.auth.APIClientID, nil, &resp); err != nil {
		return fmt.Errorf("VerifyClaim: %v", err)
	}

	var tr oauth.Transport
	tr.Config = &oauth.Config{
		ClientId:     p.auth.APIClientID,
		ClientSecret: p.auth.APIClientSecret,
		Scope:        "https://www.googleapis.com/auth/cloudprint https://www.googleapis.com/auth/googletalk",
		AuthURL:      "https://accounts.google.com/o/oauth2/auth",
		TokenURL:     "https://accounts.google.com/o/oauth2/token",
		RedirectURL:  "oob",
	}
	tok, err := tr.Exchange(resp.AuthorizationCode)
	if err != nil {
		return fmt.Errorf("VerifyClaim: oauth exchange: %v", err)
	}

	p.auth.Token = *tok
	p.auth.TokenUser = resp.UserEmail
	p.auth.XMPPJID = resp.XMPPJID
	p.verify = &resp
	return nil
}
Exemplo n.º 4
0
func getToken(t *oauth.Transport) {
	var c string
	authURL := config.AuthCodeURL("state")
	log.Printf("Open in browser: %v\n", authURL)
	log.Printf("Enter verification code: ")
	fmt.Scanln(&c)
	_, err := t.Exchange(c)
	if err != nil {
		log.Fatalf("An error occurred exchanging the code: %v\n", err)
	}
}
Exemplo n.º 5
0
func handleOAuth2Callback(t *oauth.Transport, s sessions.Session, w http.ResponseWriter, r *http.Request) {
	next := extractPath(r.URL.Query().Get("state"))
	code := r.URL.Query().Get("code")
	tk, err := t.Exchange(code)
	if err != nil {
		// Pass the error message, or allow dev to provide its own
		// error handler.
		http.Redirect(w, r, PathError, codeRedirect)
		return
	}
	// Store the credentials in the session.
	val, _ := json.Marshal(tk)
	s.Set(keyToken, val)
	http.Redirect(w, r, next, codeRedirect)
}
func authorize(w http.ResponseWriter, r *http.Request, t *oauth.Transport) (*oauth.Token, error) {
	//Get the code from the response
	code := r.FormValue("code")

	if code == "" {
		// Get an authorization code from the data provider.
		// ("Please ask the user if I can access this resource.")
		url := config.AuthCodeURL("")
		http.Redirect(w, r, url, http.StatusFound)
		return nil, nil
	}
	// Exchange the authorization code for an access token.
	// ("Here's the code you gave the user, now give me a token!")
	return t.Exchange(code)
}
Exemplo n.º 7
0
func obtainToken(transport *oauth.Transport) {
	t, _ := config.TokenCache.Token()
	if t != nil {
		return
	}

	authUrl := config.AuthCodeURL("state")
	fmt.Printf("Go to the following link in your browser: %v\n", authUrl)

	fmt.Printf("Enter verification code: ")
	var code string
	fmt.Scanln(&code)

	// Read the code, and exchange it for a token.
	_, err := transport.Exchange(code)
	if err != nil {
		log.Errorf("An error occurred exchanging the token: %v\n", err)
		panic(-2)
	}
}
Exemplo n.º 8
0
func oauthCallbackHandler(w http.ResponseWriter, r *http.Request) {
	profileInfoURL := "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
	code := r.FormValue("code")
	t := oauth.Transport{Config: oauthCfg}
	t.Exchange(code)
	resp, err := t.Client().Get(profileInfoURL)
	if err != nil {
		panic(err)
	}
	defer resp.Body.Close()

	user := User{}
	contents, err := ioutil.ReadAll(resp.Body)
	json.Unmarshal(contents, &user)

	session, _ := store.Get(r, "session")
	session.Values["UserId"] = user.Id
	session.Values["GivenName"] = user.Given_Name
	log.Printf("** %s Logged in **", user.Name)
	session.Save(r, w)

	http.Redirect(w, r, "/view/", http.StatusFound)
}
Exemplo n.º 9
0
func Setup(r pork.Router, ctx *context.Context) {
	r.RespondWithFunc("/auth/a", func(w pork.ResponseWriter, r *http.Request) {
		http.Redirect(w, r,
			configFromRequest(ctx.Cfg, r).AuthCodeURL(""),
			http.StatusTemporaryRedirect)
	})

	r.RespondWithFunc("/auth/z", func(w pork.ResponseWriter, r *http.Request) {
		code := r.FormValue("code")
		if code == "" {
			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
			return
		}

		tx := oauth.Transport{
			Config: configFromRequest(ctx.Cfg, r),
		}

		_, err := tx.Exchange(code)
		if err != nil {
			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
			return
		}

		var user ghUser
		if err := fetchGhUser(&tx, &user); err != nil {
			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
			return
		}

		sess, err := createSessionFrom(ctx, &user, tx.Token)
		if err != nil {
			panic(err)
		}

		if err := setAuthCookie(w, ctx.Cfg, sess); err != nil {
			panic(err)
		}
	})

	r.RespondWithFunc("/auth/sock", func(w pork.ResponseWriter, r *http.Request) {
		sess, err := SessionFromRequest(ctx, r)
		if err != nil {
			http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
			return
		}

		buf, err := secure.Encrypt(sess.Key, ctx.Cfg.AesKey, ctx.Cfg.HmacKey)
		if err != nil {
			panic(err)
		}

		var res bytes.Buffer
		e := base62.NewEncoder(&res)
		if _, err := e.Write(buf); err != nil {
			panic(err)
		}
		e.Close()

		w.Header().Set("Content-Type", "text/plain")
		w.Write(res.Bytes())
	})

	r.RespondWithFunc("/auth/exit", func(w pork.ResponseWriter, r *http.Request) {
		sid, err := SessionIdFromRequest(ctx, r)
		if err != nil {
			panic(err)
		}

		if sid == nil {
			return
		}

		if err := store.DeleteSession(ctx, sid); err != nil {
			panic(err)
		}

		http.SetCookie(w, &http.Cookie{
			Name:     AuthCookieName,
			Value:    "",
			Path:     "/",
			MaxAge:   0,
			HttpOnly: true,
		})
	})
}