🐛 Bug fixes of missing id token (via goth)
All checks were successful
release-nightly / build-docker (push) Successful in 3m44s
All checks were successful
release-nightly / build-docker (push) Successful in 3m44s
This commit is contained in:
parent
55c3eec1c8
commit
359d3604d2
@ -18,9 +18,9 @@ func CalcRisk(user models.Account, ip, ua string) int {
|
||||
IpAddress: ip,
|
||||
}).Model(models.AuthChallenge{}).Count(&secureFactor).Error; err == nil {
|
||||
if secureFactor >= 3 {
|
||||
risk -= 2
|
||||
risk -= 3
|
||||
} else if secureFactor >= 1 {
|
||||
risk -= 1
|
||||
risk -= 2
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -102,41 +102,36 @@ func exchangeToken(c *fiber.Ctx) error {
|
||||
return err
|
||||
}
|
||||
|
||||
var err error
|
||||
var access, refresh string
|
||||
switch data.GrantType {
|
||||
case "authorization_code":
|
||||
// Authorization Code Mode
|
||||
access, refresh, err := security.ExchangeOauthToken(data.ClientID, data.ClientSecret, data.RedirectUri, data.Code)
|
||||
access, refresh, err = security.ExchangeOauthToken(data.ClientID, data.ClientSecret, data.RedirectUri, data.Code)
|
||||
if err != nil {
|
||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||
}
|
||||
|
||||
return c.JSON(fiber.Map{
|
||||
"access_token": access,
|
||||
"refresh_token": refresh,
|
||||
})
|
||||
case "grant_token":
|
||||
// Internal Usage
|
||||
access, refresh, err := security.ExchangeToken(data.Code)
|
||||
access, refresh, err = security.ExchangeToken(data.Code)
|
||||
if err != nil {
|
||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||
}
|
||||
|
||||
return c.JSON(fiber.Map{
|
||||
"access_token": access,
|
||||
"refresh_token": refresh,
|
||||
})
|
||||
case "refresh_token":
|
||||
// Refresh Token
|
||||
access, refresh, err := security.RefreshToken(data.RefreshToken)
|
||||
access, refresh, err = security.RefreshToken(data.RefreshToken)
|
||||
if err != nil {
|
||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||
}
|
||||
|
||||
return c.JSON(fiber.Map{
|
||||
"access_token": access,
|
||||
"refresh_token": refresh,
|
||||
})
|
||||
default:
|
||||
return fiber.NewError(fiber.StatusBadRequest, "unsupported exchange token type")
|
||||
}
|
||||
|
||||
return c.JSON(fiber.Map{
|
||||
"id_token": access,
|
||||
"access_token": access,
|
||||
"refresh_token": refresh,
|
||||
"token_type": "Bearer",
|
||||
"expires_in": (30 * time.Minute).Seconds(),
|
||||
})
|
||||
}
|
||||
|
||||
@ -19,7 +19,7 @@ func preConnect(c *fiber.Ctx) error {
|
||||
if err := database.C.Where(&models.ThirdClient{Alias: id}).First(&client).Error; err != nil {
|
||||
return fiber.NewError(fiber.StatusNotFound, err.Error())
|
||||
} else if !client.IsDraft && !lo.Contains(client.Callbacks, strings.Split(redirect, "?")[0]) {
|
||||
return fiber.NewError(fiber.StatusBadRequest, "invalid request url")
|
||||
return fiber.NewError(fiber.StatusBadRequest, "invalid callback url")
|
||||
}
|
||||
|
||||
user := c.Locals("principal").(models.Account)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user