Oauth. Car Backups.
This commit is contained in:
112
data/repo_auth.go
Normal file
112
data/repo_auth.go
Normal file
@@ -0,0 +1,112 @@
|
||||
package data
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/bluesky-social/indigo/atproto/auth/oauth"
|
||||
"github.com/spf13/viper"
|
||||
)
|
||||
|
||||
type AuthRepo struct {
|
||||
r *Repo
|
||||
oauthClient *oauth.ClientApp
|
||||
oauthConfig *oauth.ClientConfig
|
||||
store *SqliteStore
|
||||
|
||||
session *oauth.ClientSessionData
|
||||
}
|
||||
|
||||
func NewAuthRepo(r *Repo) (*AuthRepo, error) {
|
||||
a := &AuthRepo{r: r}
|
||||
var err error
|
||||
a.oauthConfig, a.oauthClient, a.store, err = a.buildOAuthClient()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return a, nil
|
||||
}
|
||||
|
||||
// Build the OAuthClient connected to our sqlite db
|
||||
func (r *AuthRepo) buildOAuthClient() (*oauth.ClientConfig, *oauth.ClientApp, *SqliteStore, error) {
|
||||
config := oauth.ClientConfig{
|
||||
ClientID: "https://expds.bullercodeworks.com/oauth-client-metadata.json",
|
||||
Scopes: []string{"atproto", "repo:*"},
|
||||
UserAgent: "expds",
|
||||
}
|
||||
|
||||
store, err := NewSqliteStore(&SqliteStoreConfig{
|
||||
DatabasePath: r.prepareDbPath(),
|
||||
SessionExpiryDuration: time.Hour * 24 * 90,
|
||||
SessionInactivityDuration: time.Hour * 24 * 14,
|
||||
AuthRequestExpiryDuration: time.Minute * 30,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, nil, nil, err
|
||||
}
|
||||
|
||||
oauthClient := oauth.NewClientApp(&config, store)
|
||||
return &config, oauthClient, store, nil
|
||||
}
|
||||
|
||||
func (r *AuthRepo) StartAuthFlow(port int, ctx context.Context, identifier string, callbackRes chan url.Values) (string, error) {
|
||||
r.oauthConfig.CallbackURL = fmt.Sprintf("http://127.0.0.1:%d/callback", port)
|
||||
authUrl, err := r.oauthClient.StartAuthFlow(ctx, identifier)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("error logging in: %w", err)
|
||||
}
|
||||
if !strings.HasPrefix(authUrl, "https://") {
|
||||
return "", fmt.Errorf("non-https authUrl")
|
||||
}
|
||||
exec.Command("xdg-open", authUrl).Run()
|
||||
|
||||
r.session, err = r.oauthClient.ProcessCallback(ctx, <-callbackRes)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return authUrl, nil
|
||||
}
|
||||
|
||||
// Follows XDG conventions and creates the directories if necessary.
|
||||
// By default, on linux, this will be "~/.local/share/go-oauth-cli-app/oauth_sessions.sqlite3"
|
||||
func (r *AuthRepo) prepareDbPath() string {
|
||||
return filepath.Join(viper.GetString(KeyDataDir), "expds.sqlite3")
|
||||
}
|
||||
|
||||
// HTTP Server listening for OAuth Response
|
||||
func (r *AuthRepo) ListenForCallback(ctx context.Context, res chan url.Values) (int, error) {
|
||||
listener, err := net.Listen("tcp", ":0")
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
|
||||
mux := http.NewServeMux()
|
||||
server := &http.Server{
|
||||
Handler: mux,
|
||||
}
|
||||
|
||||
mux.HandleFunc("/callback", func(w http.ResponseWriter, r *http.Request) {
|
||||
res <- r.URL.Query()
|
||||
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
||||
w.WriteHeader(200)
|
||||
w.Write([]byte("<!DOCTYPE html><html><body><h2>expds</h2><p>You can safely close this window and return to your application.</p></body></html>\n"))
|
||||
go server.Shutdown(ctx)
|
||||
})
|
||||
|
||||
go func() {
|
||||
err := server.Serve(listener)
|
||||
if !errors.Is(err, http.ErrServerClosed) {
|
||||
panic(err)
|
||||
}
|
||||
}()
|
||||
|
||||
return listener.Addr().(*net.TCPAddr).Port, nil
|
||||
}
|
||||
Reference in New Issue
Block a user