Refactored login page and process

2025-12-20 11:37:01 -07:00 · 2024-04-23 13:17:41 -06:00 · 2024-04-23 13:17:41 -06:00 · 6d2f488a6b
commit 6d2f488a6b
parent 61a35c165d
8 changed files with 179 additions and 160 deletions
--- a/internal/oauth/authenticate.go
+++ b/internal/oauth/authenticate.go
@ -16,12 +16,15 @@ func (client *Client) IsFlowInitiated() bool {
 	return client.FlowId != ""
 }

-func (client *Client) BuildAuthorizationUrl(issuer string, state string) string {
-	return issuer + "?" + "client_id=" + client.Id +
+func (client *Client) BuildAuthorizationUrl(state string) string {
+	url := client.Provider.Endpoints.Authorization + "?client_id=" + client.Id +
 		"&redirect_uri=" + url.QueryEscape(strings.Join(client.RedirectUris, ",")) +
 		"&response_type=code" + // this has to be set to "code"
-		"&state=" + state +
 		"&scope=" + strings.Join(client.Scope, "+")
+	if state != "" {
+		url += "&state=" + state
+	}
+	return url
 }

 func (client *Client) InitiateLoginFlow(loginUrl string) error {
@ -90,7 +93,7 @@ func (client *Client) FetchCSRFToken(flowUrl string) error {
 	return fmt.Errorf("failed to extract CSRF token: not found")
 }

-func (client *Client) FetchTokenFromAuthenticationServer(code string, remoteUrl string, state string) ([]byte, error) {
+func (client *Client) FetchTokenFromAuthenticationServer(code string, state string) ([]byte, error) {
 	body := url.Values{
 		"grant_type":    {"authorization_code"},
 		"client_id":     {client.Id},
@ -104,7 +107,7 @@ func (client *Client) FetchTokenFromAuthenticationServer(code string, remoteUrl
 	if state != "" {
 		body["state"] = []string{state}
 	}
-	res, err := http.PostForm(remoteUrl, body)
+	res, err := http.PostForm(client.Provider.Endpoints.Token, body)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get ID token: %s", err)
 	}
--- a/internal/oauth/client.go
+++ b/internal/oauth/client.go
@ -1,6 +1,7 @@
 package oauth

 import (
+	"davidallendj/opaal/internal/oidc"
 	"encoding/json"
 	"fmt"
 	"net/http"
@ -24,15 +25,15 @@ const (

 type Client struct {
 	http.Client
-	Id                      string   `db:"id" yaml:"id"`
-	Secret                  string   `db:"secret" yaml:"secret"`
-	Name                    string   `db:"name" yaml:"name"`
-	Description             string   `db:"description" yaml:"description"`
-	Issuer                  string   `db:"issuer" yaml:"issuer"`
-	RegistrationAccessToken string   `db:"registration_access_token" yaml:"registration-access-token"`
-	RedirectUris            []string `db:"redirect_uris" yaml:"redirect-uris"`
-	Scope                   []string `db:"scope" yaml:"scope"`
-	Audience                []string `db:"audience" yaml:"audience"`
+	Id                      string                `db:"id" yaml:"id"`
+	Secret                  string                `db:"secret" yaml:"secret"`
+	Name                    string                `db:"name" yaml:"name"`
+	Description             string                `db:"description" yaml:"description"`
+	Provider                oidc.IdentityProvider `db:"issuer" yaml:"provider"`
+	RegistrationAccessToken string                `db:"registration_access_token" yaml:"registration-access-token"`
+	RedirectUris            []string              `db:"redirect_uris" yaml:"redirect-uris"`
+	Scope                   []string              `db:"scope" yaml:"scope"`
+	Audience                []string              `db:"audience" yaml:"audience"`
 	FlowId                  string
 	CsrfToken               string
 }