go-project-template/config/oauth.go

package config

import (
	"context"
	"fmt"
	"net/url"
	"time"

	"github.com/coreos/go-oidc/v3/oidc"
	"golang.org/x/oauth2"
)

type OAuth2 struct {
	ClientID     string
	ClientSecret string
	ProviderURL  string
	Scopes       []string

	provider *oidc.Provider
}

func (o *OAuth2) Load(ctx context.Context) error {
	ctx, cancel := context.WithTimeout(ctx, time.Second*10)
	defer cancel()

	provider, err := oidc.NewProvider(ctx, o.ProviderURL)
	if err != nil {
		return err
	}

	hasOpenIDScope := false
	for _, scope := range o.Scopes {
		if scope == oidc.ScopeOpenID {
			hasOpenIDScope = true
			break
		}
	}
	if !hasOpenIDScope {
		o.Scopes = append(o.Scopes, oidc.ScopeOpenID)
	}

	o.provider = provider
	return nil
}

func (o OAuth2) GetConfig(postAuthPath string) *oauth2.Config {
	params := url.Values{}
	params.Add("dest", postAuthPath)
	return &oauth2.Config{
		ClientID:     o.ClientID,
		ClientSecret: o.ClientSecret,
		RedirectURL:  fmt.Sprintf("%s/auth/finish", C.Web.BaseURL),
		Endpoint:     o.provider.Endpoint(),
		Scopes:       append([]string{oidc.ScopeOpenID}, o.Scopes...),
	}
}

func (o OAuth2) UserInfo(ctx context.Context, tokenSource oauth2.TokenSource) (*oidc.UserInfo, error) {
	return o.provider.UserInfo(ctx, tokenSource)
}
add auth and some other improvements 2024-07-25 05:13:23 +00:00			`package config`

			`import (`
			`"context"`
			`"fmt"`
			`"net/url"`
			`"time"`

			`"github.com/coreos/go-oidc/v3/oidc"`
			`"golang.org/x/oauth2"`
			`)`

			`type OAuth2 struct {`
			`ClientID string`
			`ClientSecret string`
			`ProviderURL string`
			`Scopes []string`

			`provider *oidc.Provider`
			`}`

			`func (o *OAuth2) Load(ctx context.Context) error {`
			`ctx, cancel := context.WithTimeout(ctx, time.Second*10)`
			`defer cancel()`

			`provider, err := oidc.NewProvider(ctx, o.ProviderURL)`
			`if err != nil {`
			`return err`
			`}`

			`hasOpenIDScope := false`
			`for _, scope := range o.Scopes {`
			`if scope == oidc.ScopeOpenID {`
			`hasOpenIDScope = true`
			`break`
			`}`
			`}`
			`if !hasOpenIDScope {`
			`o.Scopes = append(o.Scopes, oidc.ScopeOpenID)`
			`}`

			`o.provider = provider`
			`return nil`
			`}`

			`func (o OAuth2) GetConfig(postAuthPath string) *oauth2.Config {`
			`params := url.Values{}`
			`params.Add("dest", postAuthPath)`
			`return &oauth2.Config{`
			`ClientID: o.ClientID,`
			`ClientSecret: o.ClientSecret,`
			`RedirectURL: fmt.Sprintf("%s/auth/finish", C.Web.BaseURL),`
			`Endpoint: o.provider.Endpoint(),`
			`Scopes: append([]string{oidc.ScopeOpenID}, o.Scopes...),`
			`}`
			`}`

			`func (o OAuth2) UserInfo(ctx context.Context, tokenSource oauth2.TokenSource) (*oidc.UserInfo, error) {`
			`return o.provider.UserInfo(ctx, tokenSource)`
			`}`