func (o *OAuthHandler) handleLoginPage(ar *osin.AuthorizeRequest, w http.ResponseWriter, r *http.Request) bool { _ = "breakpoint" r.ParseForm() username := "" password := "" loginError := false if r.Method == "POST" { username = r.Form.Get("username") password = r.Form.Get("password") user, _ := userRepo.Login(username, password) ar.UserData = user loginError = (user == nil) if user != nil || loginError == false { return true } //return (user != nil) } page := &LoginPage{ ResponseType: ar.Type, ClientId: ar.Client.GetId(), State: ar.State, RedirectUri: url.QueryEscape(ar.RedirectUri), Username: username, LoginError: loginError, } renderLoginPage(w, page) return false }
func inner_GET_authorize(c martini.Context, sess sessions.Session, r *http.Request, ar *osin.AuthorizeRequest) bool { var ( identity = ActiveIdentity(c) source = current_url(r) handler martini.Handler ) if identity != nil { ar.UserData = identity sess.Delete("flow") return true } else { sess.Set("flow", FlowState{ Type: AuthorizeFlow, Source: source, StartAt: time.Now(), }) if provider := r.URL.Query().Get("p"); provider == "" { handler = show_provider_chooser() } else { handler = redirect_to_provider(provider) } } c.Invoke(handler) return false }
// HandleAuthorize implements osinserver.AuthorizeHandler to ensure the AuthorizeRequest is authenticated. // If the request is authenticated, UserData and Authorized are set and false is returned. // If the request is not authenticated, the auth handler is called and the request is not authorized func (h *AuthorizeAuthenticator) HandleAuthorize(ar *osin.AuthorizeRequest, w http.ResponseWriter) (bool, error) { info, ok, err := h.request.AuthenticateRequest(ar.HttpRequest) if err != nil { return h.errorHandler.AuthenticationError(err, w, ar.HttpRequest) } if !ok { return h.handler.AuthenticationNeeded(ar.Client, w, ar.HttpRequest) } ar.UserData = info ar.Authorized = true return false, nil }
// HandleAuthorize implements osinserver.AuthorizeHandler to ensure the AuthorizeRequest is authenticated. // If the request is authenticated, UserData and Authorized are set and false is returned. // If the request is not authenticated, the auth handler is called and the request is not authorized func (h *AuthorizeAuthenticator) HandleAuthorize(ar *osin.AuthorizeRequest, w http.ResponseWriter) (bool, error) { info, ok, err := h.request.AuthenticateRequest(ar.HttpRequest) if err != nil { glog.V(4).Infof("OAuth authentication error: %v", err) return h.errorHandler.AuthenticationError(err, w, ar.HttpRequest) } if !ok { return h.handler.AuthenticationNeeded(ar.Client, w, ar.HttpRequest) } glog.V(4).Infof("OAuth authentication succeeded: %#v", info) ar.UserData = info ar.Authorized = true return false, nil }