Clean up url generation and callback

2018-07-16 21:05:52 +02:00 · 2018-07-16 21:05:52 +02:00 · f3da9da58d
commit f3da9da58d
parent e596a116bb
2 changed files with 41 additions and 29 deletions
--- a/cmd/eksterd/http.go
+++ b/cmd/eksterd/http.go
@ -185,6 +185,16 @@ func isLoggedIn(backend *memoryBackend, sess *session) bool {
 	return true
 }

+func performIndieauthCallback(r *http.Request, sess *session) (bool, *authResponse, error) {
+	state := r.Form.Get("state")
+	if state != sess.State {
+		return false, &authResponse{}, fmt.Errorf("mismatched state")
+	}
+
+	code := r.Form.Get("code")
+	return verifyAuthCode(code, sess.RedirectURI, sess.AuthorizationEndpoint)
+}
+
 func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	conn := pool.Get()
 	defer conn.Close()
@ -225,15 +235,7 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			sessionVar := c.Value
 			sess, err := loadSession(sessionVar, conn)

-			state := r.Form.Get("state")
-			if state != sess.State {
-				w.WriteHeader(http.StatusBadRequest)
-				fmt.Fprintf(w, "ERROR: Mismatched state\n")
-				return
-			}
-			code := r.Form.Get("code")
-
-			verified, authResponse, err := verifyAuthCode(code, sess.RedirectURI, sess.AuthorizationEndpoint)
+			verified, authResponse, err := performIndieauthCallback(r, &sess)
 			if err != nil {
 				fmt.Fprintf(w, "ERROR: %q\n", err)
 				return
@ -390,10 +392,7 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				return
 			}
 			return
-
-		} else if r.URL.Path == "/auth/token" {
 		}
-
 	} else if r.Method == http.MethodPost {
 		if r.URL.Path == "/session" {
 			c, err := r.Cookie("session")
@ -438,15 +437,9 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			}
 			saveSession(sessionVar, &sess, conn)

-			q := authURL.Query()
-			q.Add("response_type", "id")
-			q.Add("me", meURL.String())
-			q.Add("client_id", ClientID)
-			q.Add("redirect_uri", redirectURI)
-			q.Add("state", state)
-			authURL.RawQuery = q.Encode()
+			authenticationURL := indieauth.CreateAuthenticationURL(*authURL, meURL.String(), ClientID, redirectURI, state)

-			http.Redirect(w, r, authURL.String(), 302)
+			http.Redirect(w, r, authenticationURL, 302)
 			return
 		} else if r.URL.Path == "/session/logout" {
 			c, err := r.Cookie("session")
--- a/pkg/indieauth/auth.go
+++ b/pkg/indieauth/auth.go
@ -94,16 +94,9 @@ func Authorize(me *url.URL, endpoints Endpoints, clientID, scope string) (TokenR
 	redirectURI := fmt.Sprintf("http://%s/", local)
 	state := util.RandStringBytes(16)

-	q := authURL.Query()
-	q.Add("response_type", "code")
-	q.Add("me", me.String())
-	q.Add("client_id", clientID)
-	q.Add("redirect_uri", redirectURI)
-	q.Add("state", state)
-	q.Add("scope", scope)
-	authURL.RawQuery = q.Encode()
+	authorizationURL := CreateAuthorizationURL(*authURL, me.String(), clientID, redirectURI, state, scope)

-	log.Printf("Browse to %s\n", authURL.String())
+	log.Printf("Browse to %s\n", authorizationURL)

 	shutdown := make(chan struct{}, 1)

@ -164,3 +157,29 @@ func Authorize(me *url.URL, endpoints Endpoints, clientID, scope string) (TokenR

 	return tokenResponse, nil
 }
+
+func CreateAuthenticationURL(authURL url.URL, meURL, clientID, redirectURI, state string) string {
+	q := authURL.Query()
+
+	q.Add("response_type", "id")
+	q.Add("me", meURL)
+	q.Add("client_id", clientID)
+	q.Add("redirect_uri", redirectURI)
+	q.Add("state", state)
+
+	authURL.RawQuery = q.Encode()
+
+	return authURL.String()
+}
+
+func CreateAuthorizationURL(authURL url.URL, meURL, clientID, redirectURI, state, scope string) string {
+	q := authURL.Query()
+	q.Add("response_type", "code")
+	q.Add("me", meURL)
+	q.Add("client_id", clientID)
+	q.Add("redirect_uri", redirectURI)
+	q.Add("state", state)
+	q.Add("scope", scope)
+	authURL.RawQuery = q.Encode()
+	return authURL.String()
+}