🐛 Bug fixes of missing id token (via goth)
All checks were successful
release-nightly / build-docker (push) Successful in 3m44s
All checks were successful
release-nightly / build-docker (push) Successful in 3m44s
This commit is contained in:
parent
55c3eec1c8
commit
359d3604d2
@ -18,9 +18,9 @@ func CalcRisk(user models.Account, ip, ua string) int {
|
|||||||
IpAddress: ip,
|
IpAddress: ip,
|
||||||
}).Model(models.AuthChallenge{}).Count(&secureFactor).Error; err == nil {
|
}).Model(models.AuthChallenge{}).Count(&secureFactor).Error; err == nil {
|
||||||
if secureFactor >= 3 {
|
if secureFactor >= 3 {
|
||||||
risk -= 2
|
risk -= 3
|
||||||
} else if secureFactor >= 1 {
|
} else if secureFactor >= 1 {
|
||||||
risk -= 1
|
risk -= 2
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,41 +102,36 @@ func exchangeToken(c *fiber.Ctx) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var err error
|
||||||
|
var access, refresh string
|
||||||
switch data.GrantType {
|
switch data.GrantType {
|
||||||
case "authorization_code":
|
case "authorization_code":
|
||||||
// Authorization Code Mode
|
// Authorization Code Mode
|
||||||
access, refresh, err := security.ExchangeOauthToken(data.ClientID, data.ClientSecret, data.RedirectUri, data.Code)
|
access, refresh, err = security.ExchangeOauthToken(data.ClientID, data.ClientSecret, data.RedirectUri, data.Code)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(fiber.Map{
|
|
||||||
"access_token": access,
|
|
||||||
"refresh_token": refresh,
|
|
||||||
})
|
|
||||||
case "grant_token":
|
case "grant_token":
|
||||||
// Internal Usage
|
// Internal Usage
|
||||||
access, refresh, err := security.ExchangeToken(data.Code)
|
access, refresh, err = security.ExchangeToken(data.Code)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(fiber.Map{
|
|
||||||
"access_token": access,
|
|
||||||
"refresh_token": refresh,
|
|
||||||
})
|
|
||||||
case "refresh_token":
|
case "refresh_token":
|
||||||
// Refresh Token
|
// Refresh Token
|
||||||
access, refresh, err := security.RefreshToken(data.RefreshToken)
|
access, refresh, err = security.RefreshToken(data.RefreshToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.JSON(fiber.Map{
|
|
||||||
"access_token": access,
|
|
||||||
"refresh_token": refresh,
|
|
||||||
})
|
|
||||||
default:
|
default:
|
||||||
return fiber.NewError(fiber.StatusBadRequest, "unsupported exchange token type")
|
return fiber.NewError(fiber.StatusBadRequest, "unsupported exchange token type")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return c.JSON(fiber.Map{
|
||||||
|
"id_token": access,
|
||||||
|
"access_token": access,
|
||||||
|
"refresh_token": refresh,
|
||||||
|
"token_type": "Bearer",
|
||||||
|
"expires_in": (30 * time.Minute).Seconds(),
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
@ -19,7 +19,7 @@ func preConnect(c *fiber.Ctx) error {
|
|||||||
if err := database.C.Where(&models.ThirdClient{Alias: id}).First(&client).Error; err != nil {
|
if err := database.C.Where(&models.ThirdClient{Alias: id}).First(&client).Error; err != nil {
|
||||||
return fiber.NewError(fiber.StatusNotFound, err.Error())
|
return fiber.NewError(fiber.StatusNotFound, err.Error())
|
||||||
} else if !client.IsDraft && !lo.Contains(client.Callbacks, strings.Split(redirect, "?")[0]) {
|
} else if !client.IsDraft && !lo.Contains(client.Callbacks, strings.Split(redirect, "?")[0]) {
|
||||||
return fiber.NewError(fiber.StatusBadRequest, "invalid request url")
|
return fiber.NewError(fiber.StatusBadRequest, "invalid callback url")
|
||||||
}
|
}
|
||||||
|
|
||||||
user := c.Locals("principal").(models.Account)
|
user := c.Locals("principal").(models.Account)
|
||||||
|
Loading…
Reference in New Issue
Block a user