From c7a1e65b508752b492db97d72563d7034117ad20 Mon Sep 17 00:00:00 2001
From: Peter Stuifzand <peter@stuifzand.eu>
Date: Fri, 9 Aug 2019 20:47:27 +0200
Subject: [PATCH] Use baseurl as ClientID

---
 cmd/eksterd/http.go | 12 ++++++------
 cmd/eksterd/main.go |  9 ---------
 2 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/cmd/eksterd/http.go b/cmd/eksterd/http.go
index 93f24ea..323c5f2 100644
--- a/cmd/eksterd/http.go
+++ b/cmd/eksterd/http.go
@@ -153,10 +153,10 @@ func saveSession(sessionVar string, sess *session, conn redis.Conn) error {
 	return err
 }
 
-func verifyAuthCode(code, redirectURI, authEndpoint string) (bool, *authResponse, error) {
+func verifyAuthCode(code, redirectURI, authEndpoint, clientID string) (bool, *authResponse, error) {
 	reqData := url.Values{}
 	reqData.Set("code", code)
-	reqData.Set("client_id", ClientID)
+	reqData.Set("client_id", clientID)
 	reqData.Set("redirect_uri", redirectURI)
 
 	req, err := http.NewRequest(http.MethodPost, authEndpoint, strings.NewReader(reqData.Encode()))
@@ -206,14 +206,14 @@ func isLoggedIn(backend *memoryBackend, sess *session) bool {
 	return true
 }
 
-func performIndieauthCallback(r *http.Request, sess *session) (bool, *authResponse, error) {
+func performIndieauthCallback(clientID string, r *http.Request, sess *session) (bool, *authResponse, error) {
 	state := r.Form.Get("state")
 	if state != sess.State {
 		return false, &authResponse{}, fmt.Errorf("mismatched state")
 	}
 
 	code := r.Form.Get("code")
-	return verifyAuthCode(code, sess.RedirectURI, sess.AuthorizationEndpoint)
+	return verifyAuthCode(code, sess.RedirectURI, sess.AuthorizationEndpoint, clientID)
 }
 
 type app struct {
@@ -301,7 +301,7 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			sessionVar := c.Value
 			sess, err := loadSession(sessionVar, conn)
 
-			verified, authResponse, err := performIndieauthCallback(r, &sess)
+			verified, authResponse, err := performIndieauthCallback(h.BaseURL, r, &sess)
 			if err != nil {
 				fmt.Fprintf(w, "ERROR: %q\n", err)
 				return
@@ -520,7 +520,7 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				return
 			}
 
-			authenticationURL := indieauth.CreateAuthenticationURL(*endpoints.AuthorizationEndpoint, endpoints.Me.String(), ClientID, redirectURI, state)
+			authenticationURL := indieauth.CreateAuthenticationURL(*endpoints.AuthorizationEndpoint, endpoints.Me.String(), h.BaseURL, redirectURI, state)
 			http.Redirect(w, r, authenticationURL, 302)
 
 			return
diff --git a/cmd/eksterd/main.go b/cmd/eksterd/main.go
index 5f7fca4..69547e5 100644
--- a/cmd/eksterd/main.go
+++ b/cmd/eksterd/main.go
@@ -30,11 +30,6 @@ import (
 	"p83.nl/go/ekster/pkg/server"
 )
 
-const (
-	// ClientID is used to identify the server when we make authentication requests.
-	ClientID string = "https://p83.nl/microsub-client"
-)
-
 // AppOptions are options for the app
 type AppOptions struct {
 	Port        int
@@ -46,10 +41,6 @@ type AppOptions struct {
 	pool        *redis.Pool
 }
 
-var (
-// pool *redis.Pool
-)
-
 func init() {
 	log.SetFlags(log.Lshortfile | log.Ldate | log.Ltime)
 }