go/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: go:v0.0.4
Branches Tags
go:main
go:v0.0.6 go:v0.0.5 go:v0.0.4 go:v0.0.3 go:v0.0.2 go:v0.0.1
..
compare: go:v0.0.6
Branches Tags
go:main
go:v0.0.6 go:v0.0.5 go:v0.0.4 go:v0.0.3 go:v0.0.2 go:v0.0.1

3 Commits
v0.0.4 ... v0.0.6

Author SHA1 Message Date
Derek Wright
b457c74d49 fix auth stuff 2025-12-18 14:12:00 -05:00
Derek Wright
9278ddf029 fix auth stuff 2025-12-18 14:06:07 -05:00
Derek Wright
ec095a3955 fix auth stuff 2025-12-18 14:04:26 -05:00
4 changed files with 61 additions and 5 deletions
Expand all files Collapse all files

5
auth/auth0/auth0.go
View File

@@ -2,6 +2,7 @@ package auth0
import ( import (
"context" "context"
"encoding/gob"
"fmt" "fmt"
"net/http" "net/http"
"net/url" "net/url"
@@ -11,6 +12,10 @@ import (
"git.citc.tech/go/web/auth/auth0/authenticator" "git.citc.tech/go/web/auth/auth0/authenticator"
) )
func init() {
gob.Register(SessionUser{})
}
type Logger interface { type Logger interface {
Debug(msg string, args ...any) Debug(msg string, args ...any)
Info(msg string, args ...any) Info(msg string, args ...any)

32
auth/auth0/handlers.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/rand" "crypto/rand"
"encoding/base64" "encoding/base64"
"encoding/json"
"net/http" "net/http"
"net/url" "net/url"
@@ -92,14 +93,39 @@ func HandleCallback(deps *deps) http.HandlerFunc {
return return
} }
var profile map[string]any var rawClaims map[string]json.RawMessage
if err = idToken.Claims(&profile); err != nil { if err = idToken.Claims(&rawClaims); err != nil {
deps.log.Error("unable to decode ID token claims", "error", err) deps.log.Error("unable to decode ID token claims", "error", err)
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
return return
} }
deps.sessions.Put(r.Context(), "user", profile) var user SessionUser
if sub, ok := rawClaims["sub"]; ok {
json.Unmarshal(sub, &user)
}
if name, ok := rawClaims["name"]; ok {
json.Unmarshal(name, &user.Name)
}
if email, ok := rawClaims["email"]; ok {
json.Unmarshal(email, &user.Email)
}
if picture, ok := rawClaims["picture"]; ok {
json.Unmarshal(picture, &user.Picture)
}
customMap := make(map[string]json.RawMessage)
for k, v := range rawClaims {
if k != "sub" && k != "name" && k != "email" && k != "picture" {
customMap[k] = v
}
}
if len(customMap) > 0 {
user.Custom, _ = json.Marshal(customMap)
}
deps.sessions.Put(r.Context(), "user", user)
deps.sessions.Put(r.Context(), "access_token", token.AccessToken) deps.sessions.Put(r.Context(), "access_token", token.AccessToken)
http.Redirect(w, r, "/", http.StatusFound) http.Redirect(w, r, "/", http.StatusFound)

4
auth/auth0/middleware.go
View File

@@ -33,6 +33,6 @@ func authenticatedMiddleware(deps *deps, next http.Handler) http.Handler {
}) })
} }
func CurrentUser(r *http.Request) any { func CurrentUser(r *http.Request) SessionUser {
return r.Context().Value(userContextKey{}) return r.Context().Value(userContextKey{}).(SessionUser)
} }

25
auth/auth0/session.go Normal file
View File

@@ -0,0 +1,25 @@
package auth0
import "encoding/json"
type SessionUser struct {
Sub string `json:"sub"`
Name string `json:"name"`
Email string `json:"email"`
Picture string `json:"picture"`
Custom json.RawMessage `json:"-"`
}
func (u *SessionUser) CustomClaims() (map[string]any, error) {
if len(u.Custom) == 0 {
return nil, nil
}
var claims map[string]any
if err := json.Unmarshal(u.Custom, &claims); err != nil {
return nil, err
}
return claims, nil
}