func spotifyTokenStorage(encryptToken common.EncryptToken, user *models.SpotifyAuthedUserProfile, env *Env) error { var err error var executeQuery string //encrypt the token with it's methods. dbToken, err := encryptToken.EncryptAccessToken() if err != nil { return err } query := "SELECT spotify_id FROM spotify_tokens WHERE spotify_id=?" id, err := env.Db.Search(query, user.ID) if err != nil && err != sql.ErrNoRows { return err } if id == nil || err == sql.ErrNoRows { executeQuery = "INSERT INTO spotify_tokens(spotify_id,access_token,refresh_token,token_type,expiry) VALUES(?,?,?,?,?)" } else { executeQuery = "UPDATE spotify_tokens SET access_token=?, refresh_token=?, token_type=?, expiry=? WHERE spotify_id=?" } stmt, err := env.Db.PrepareQuery(executeQuery) defer stmt.Close() if err != nil { return err } repo := &data.TokenRepository{S: stmt} if id != nil { //no idea why id is being stored/pull as []uint8 byte_id, _ := id.([]uint8) spotify_id := string(byte_id) err = repo.UpdateToken(dbToken, spotify_id) } else { err = repo.StoreNewToken(dbToken, user.ID) } return err }
//handler for /callback func (env *Env) SpotifyCallback(w http.ResponseWriter, r *http.Request) { //check cookie: session, err := store.Get(r, "spotify_auth_state") if err != nil { common.DisplayAppError(w, err, "Error getting session in SpotifyCallback", 500) return } checkState := session.Values["state_key"] // get state query parameter and check it it matches cookie: state := r.FormValue("state") if checkState == "" || checkState != state || state == "" { common.DisplayAppError(w, err, "Not valid Oauth state in SpotifyCallback. Browser identification issue.", 500) return } //will return a token token, err := authClient.Token(state, r) if err != nil { common.DisplayAppError(w, err, "Error getting token", http.StatusForbidden) return } client := authClient.FinalAuth(token) //clear state: session.Values["state_key"] = "" session.Options = &sessions.Options{ MaxAge: -1, } session.Save(r, w) encryptToken := common.EncryptToken{ Key: RandomString(16), Token: client.Token, } user, err := client.GetCurrentProfile() if err != nil { common.DisplayAppError(w, err, "Error after User auth", 500) return } //check and register if new: err = spotifyUserStorage(user, env) if err != nil { common.DisplayAppError(w, err, "Error in spotifyUserStorage", 500) return } //store token in DB err = spotifyTokenStorage(encryptToken, user, env) if err != nil { common.DisplayAppError(w, err, "Error in spotifyTokenStorage", 500) return } //write cookie: cookie, err := encryptToken.GenerateSpotifyCookieToken(user.ID) if err != nil { common.DisplayAppError(w, err, "Error Generating spotify jwt token", 500) return } sessionToken, err := encryptToken.GenerateSpotifySessionToken(user.ID) if err != nil { common.DisplayAppError(w, err, "Error Generating spotify jwt token", 500) return } http.SetCookie(w, &cookie) queryURL := queryMaker(user, sessionToken) http.Redirect(w, r, queryURL, 302) //also clear the cookie. }