statping/handlers/oauth.go

package handlers

import (
	"encoding/json"
	"fmt"
	"github.com/gorilla/mux"
	"github.com/statping/statping/types/core"
	"github.com/statping/statping/types/null"
	"github.com/statping/statping/types/users"
	"github.com/statping/statping/utils"
	"golang.org/x/oauth2"
	"golang.org/x/oauth2/github"
	"golang.org/x/oauth2/google"
	"golang.org/x/oauth2/slack"
	"net/http"
	"time"
)

type oAuth struct {
	ID           string
	Email        string
	Username     string
	Token        string
	RefreshToken string
	Valid        bool
	Type         string
}

func oauthHandler(w http.ResponseWriter, r *http.Request) {
	vars := mux.Vars(r)
	provider := vars["provider"]
	code := r.URL.Query().Get("code")
	fmt.Println("code: ", code)
	fmt.Println("client: ", core.App.OAuth.SlackClientID)
	fmt.Println("secret: ", core.App.OAuth.SlackClientSecret)

	var err error
	var oauth *oAuth
	switch provider {
	case "google":
		oauth, err = googleOAuth(r)
	case "github":
		oauth, err = githubOAuth(r)
	case "slack":
		oauth, err = slackOAuth(r)
	}

	if err != nil {
		log.Error(err)
		sendErrorJson(err, w, r)
		return
	}

	oauthLogin(oauth, w, r)
}

func oauthLogin(oauth *oAuth, w http.ResponseWriter, r *http.Request) {
	log.Infoln(oauth)
	user := &users.User{
		Id:       0,
		Username: oauth.Username,
		Email:    oauth.Email,
		Admin:    null.NewNullBool(true),
	}
	log.Infoln(fmt.Sprintf("OAuth User %s logged in from IP %s", oauth.Email, r.RemoteAddr))
	setJwtToken(user, w)

	//returnJson(user, w, r)
	http.Redirect(w, r, core.App.Domain, http.StatusPermanentRedirect)
}

func githubOAuth(r *http.Request) (*oAuth, error) {
	c := *core.App
	code := r.URL.Query().Get("code")

	config := &oauth2.Config{
		ClientID:     c.OAuth.GithubClientID,
		ClientSecret: c.OAuth.GithubClientSecret,
		Endpoint:     github.Endpoint,
	}

	gg, err := config.Exchange(r.Context(), code)
	if err != nil {
		return nil, err
	}

	return &oAuth{
		Token:        gg.AccessToken,
		RefreshToken: gg.RefreshToken,
		Valid:        gg.Valid(),
	}, nil
}

func googleOAuth(r *http.Request) (*oAuth, error) {
	c := core.App
	code := r.URL.Query().Get("code")

	config := &oauth2.Config{
		ClientID:     c.OAuth.GoogleClientID,
		ClientSecret: c.OAuth.GoogleClientSecret,
		Endpoint:     google.Endpoint,
	}

	gg, err := config.Exchange(r.Context(), code)
	if err != nil {
		return nil, err
	}

	return &oAuth{
		Token:        gg.AccessToken,
		RefreshToken: gg.RefreshToken,
		Valid:        gg.Valid(),
	}, nil
}

func slackOAuth(r *http.Request) (*oAuth, error) {
	c := core.App
	code := r.URL.Query().Get("code")

	config := &oauth2.Config{
		ClientID:     c.OAuth.SlackClientID,
		ClientSecret: c.OAuth.SlackClientSecret,
		Endpoint:     slack.Endpoint,
		RedirectURL:  c.Domain + basePath + "oauth/slack",
		Scopes:       []string{"identity.basic"},
	}

	gg, err := config.Exchange(r.Context(), code)
	if err != nil {
		return nil, err
	}

	oauther := &oAuth{
		Token:        gg.AccessToken,
		RefreshToken: gg.RefreshToken,
		Valid:        gg.Valid(),
		Type:         gg.Type(),
	}

	return oauther.slackIdentity()
}

// slackIdentity will query the Slack API to fetch the users ID, username, and email address.
func (a *oAuth) slackIdentity() (*oAuth, error) {
	url := fmt.Sprintf("https://slack.com/api/users.identity?token=%s", a.Token)
	out, resp, err := utils.HttpRequest(url, "GET", "application/x-www-form-urlencoded", nil, nil, 10*time.Second, true)
	if err != nil {
		return a, err
	}
	defer resp.Body.Close()

	var i *slackIdentity
	if err := json.Unmarshal(out, &i); err != nil {
		return a, err
	}
	a.Email = i.User.Email
	a.ID = i.User.ID
	a.Username = i.User.Name
	return a, nil
}

type slackIdentity struct {
	Ok   bool `json:"ok"`
	User struct {
		Name  string `json:"name"`
		ID    string `json:"id"`
		Email string `json:"email"`
	} `json:"user"`
	Team struct {
		ID string `json:"id"`
	} `json:"team"`
}

func secureToken(w http.ResponseWriter, r *http.Request) {

}
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`package handlers`

			`import (`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`"encoding/json"`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`"fmt"`
			`"github.com/gorilla/mux"`
			`"github.com/statping/statping/types/core"`
			`"github.com/statping/statping/types/null"`
			`"github.com/statping/statping/types/users"`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`"github.com/statping/statping/utils"`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`"golang.org/x/oauth2"`
			`"golang.org/x/oauth2/github"`
			`"golang.org/x/oauth2/google"`
oauth, UX 2020-04-07 14:56:49 +00:00			`"golang.org/x/oauth2/slack"`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`"net/http"`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`"time"`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`)`

			`type oAuth struct {`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`ID string`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`Email string`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`Username string`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`Token string`
			`RefreshToken string`
			`Valid bool`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`Type string`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`

			`func oauthHandler(w http.ResponseWriter, r *http.Request) {`
			`vars := mux.Vars(r)`
			`provider := vars["provider"]`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`code := r.URL.Query().Get("code")`
			`fmt.Println("code: ", code)`
			`fmt.Println("client: ", core.App.OAuth.SlackClientID)`
			`fmt.Println("secret: ", core.App.OAuth.SlackClientSecret)`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00
			`var err error`
			`var oauth *oAuth`
			`switch provider {`
			`case "google":`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`oauth, err = googleOAuth(r)`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`case "github":`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`oauth, err = githubOAuth(r)`
oauth 2020-04-20 03:02:34 +00:00			`case "slack":`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`oauth, err = slackOAuth(r)`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`

			`if err != nil {`
			`log.Error(err)`
oauth 2020-04-20 03:02:34 +00:00			`sendErrorJson(err, w, r)`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`return`
			`}`

			`oauthLogin(oauth, w, r)`
			`}`

			`func oauthLogin(oauth oAuth, w http.ResponseWriter, r http.Request) {`
oauth 2020-04-20 03:02:34 +00:00			`log.Infoln(oauth)`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`user := &users.User{`
			`Id: 0,`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`Username: oauth.Username,`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`Email: oauth.Email,`
			`Admin: null.NewNullBool(true),`
			`}`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`log.Infoln(fmt.Sprintf("OAuth User %s logged in from IP %s", oauth.Email, r.RemoteAddr))`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`setJwtToken(user, w)`

fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`//returnJson(user, w, r)`
			`http.Redirect(w, r, core.App.Domain, http.StatusPermanentRedirect)`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`

fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`func githubOAuth(r http.Request) (oAuth, error) {`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`c := *core.App`
			`code := r.URL.Query().Get("code")`

			`config := &oauth2.Config{`
			`ClientID: c.OAuth.GithubClientID,`
			`ClientSecret: c.OAuth.GithubClientSecret,`
			`Endpoint: github.Endpoint,`
			`}`

			`gg, err := config.Exchange(r.Context(), code)`
			`if err != nil {`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`return nil, err`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`

fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`return &oAuth{`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`Token: gg.AccessToken,`
			`RefreshToken: gg.RefreshToken,`
			`Valid: gg.Valid(),`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`}, nil`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`

fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`func googleOAuth(r http.Request) (oAuth, error) {`
oauth 2020-04-20 03:02:34 +00:00			`c := core.App`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`code := r.URL.Query().Get("code")`

			`config := &oauth2.Config{`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`ClientID: c.OAuth.GoogleClientID,`
			`ClientSecret: c.OAuth.GoogleClientSecret,`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`Endpoint: google.Endpoint,`
			`}`

			`gg, err := config.Exchange(r.Context(), code)`
			`if err != nil {`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`return nil, err`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`

fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`return &oAuth{`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`Token: gg.AccessToken,`
			`RefreshToken: gg.RefreshToken,`
			`Valid: gg.Valid(),`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`}, nil`
oauth, incidents, fixes 2020-04-07 11:53:32 +00:00			`}`
oauth, UX 2020-04-07 14:56:49 +00:00
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`func slackOAuth(r http.Request) (oAuth, error) {`
			`c := core.App`
oauth, UX 2020-04-07 14:56:49 +00:00			`code := r.URL.Query().Get("code")`

			`config := &oauth2.Config{`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`ClientID: c.OAuth.SlackClientID,`
			`ClientSecret: c.OAuth.SlackClientSecret,`
oauth, UX 2020-04-07 14:56:49 +00:00			`Endpoint: slack.Endpoint,`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`RedirectURL: c.Domain + basePath + "oauth/slack",`
			`Scopes: []string{"identity.basic"},`
oauth, UX 2020-04-07 14:56:49 +00:00			`}`

			`gg, err := config.Exchange(r.Context(), code)`
			`if err != nil {`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`return nil, err`
oauth, UX 2020-04-07 14:56:49 +00:00			`}`

fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`oauther := &oAuth{`
oauth, UX 2020-04-07 14:56:49 +00:00			`Token: gg.AccessToken,`
			`RefreshToken: gg.RefreshToken,`
			`Valid: gg.Valid(),`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00			`Type: gg.Type(),`
oauth, UX 2020-04-07 14:56:49 +00:00			`}`
fixed authentication via cookies, oauth login, 2020-05-04 20:45:43 +00:00
			`return oauther.slackIdentity()`
			`}`

			`// slackIdentity will query the Slack API to fetch the users ID, username, and email address.`
			`func (a oAuth) slackIdentity() (oAuth, error) {`
			`url := fmt.Sprintf("https://slack.com/api/users.identity?token=%s", a.Token)`
			`out, resp, err := utils.HttpRequest(url, "GET", "application/x-www-form-urlencoded", nil, nil, 10*time.Second, true)`
			`if err != nil {`
			`return a, err`
			`}`
			`defer resp.Body.Close()`

			`var i *slackIdentity`
			`if err := json.Unmarshal(out, &i); err != nil {`
			`return a, err`
			`}`
			`a.Email = i.User.Email`
			`a.ID = i.User.ID`
			`a.Username = i.User.Name`
			`return a, nil`
			`}`

			`type slackIdentity struct {`
			Ok bool `json:"ok"`
			`User struct {`
			Name string `json:"name"`
			ID string `json:"id"`
			Email string `json:"email"`
			} `json:"user"`
			`Team struct {`
			ID string `json:"id"`
			} `json:"team"`
oauth, UX 2020-04-07 14:56:49 +00:00			`}`

			`func secureToken(w http.ResponseWriter, r *http.Request) {`
fixes 2020-04-08 03:30:41 +00:00
oauth, UX 2020-04-07 14:56:49 +00:00			`}`