From 7cfd2366313f1d3c7df995fd4d8109f8788e7968 Mon Sep 17 00:00:00 2001
From: Darshan Kumar
Date: Wed, 28 Dec 2022 04:12:19 +0530
Subject: [PATCH] complete OIDC Login flow
---
 api/oidc.go | 40 ++++++++++++++++++++++++++++----
 pkg/wrapper/kratos/oidc/oidc.go | 18 +++++++++++++-
 pkg/wrapper/kratos/oidc/types.go | 6 -----
 3 files changed, 53 insertions(+), 11 deletions(-)
 delete mode 100644 pkg/wrapper/kratos/oidc/types.go
diff --git a/api/oidc.go b/api/oidc.go
index 41cf29e..85c82df 100644
--- a/api/oidc.go
+++ b/api/oidc.go
@@ -6,12 +6,19 @@ import (
 "github.com/gin-gonic/gin"
 "github.com/sdslabs/nymeria/log"
 "github.com/sdslabs/nymeria/pkg/wrapper/kratos/login"
- "github.com/sdslabs/nymeria/pkg/wrapper/kratos/registration"
 "github.com/sdslabs/nymeria/pkg/wrapper/kratos/oidc"
+ "github.com/sdslabs/nymeria/pkg/wrapper/kratos/registration"
 )
 func HandleOIDCLogin(c *gin.Context) {
 log.Logger.Debug("Get OIDC Login")
+ provider := c.Param("provider")
+ if provider == "" {
+ c.JSON(http.StatusBadRequest, gin.H{
+ "error": "provider not found",
+ })
+ return
+ }
 cookie, flowID, csrf_token, err := login.InitializeLoginFlowWrapper()
 if err != nil {
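Review bot: The new guard in `HandleOIDCLogin` rejects only an empty `provider`, so any other string from the path reaches `login.InitializeLoginFlowWrapper()` and a Kratos login flow is created before the provider is known to be valid. Checking the value against the providers this deployment has configured (where that list lives is not visible in this patch) and returning 400 before the flow is initialized would keep arbitrary path input from creating flows in the identity backend. The function body continues past this hunk.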
@@ -21,7 +28,32 @@ func HandleOIDCLogin(c *gin.Context) {
 })
 return
 }
- c.SetCookie("googlelogin_flow", cookie, 3600, "/", "localhost", false, true)
+ c.SetCookie("OIDC_login_flow", cookie, 3600, "/", "localhost", false, true)
+ //In case we need to separate the flows so setting and getting cookies simultaneously
+ afterCookie, err := c.Cookie("OIDC_login_flow")
+
+ if err != nil {
+ log.ErrorLogger("Cookie not found", err)
+ c.JSON(http.StatusBadRequest, gin.H{
+ "error": "csrf cookie not found",
+ })
+ return
+ }
+
+ session, err := oidc.SubmitOIDCLoginFlowWrapper(provider, afterCookie, flowID, csrf_token)
+
+ if err != nil {
+ log.ErrorLogger("Kratos post OIDC login flow failed", err)
+ c.JSON(http.StatusInternalServerError, gin.H{
+ "error": "internal server error",
+ })
+ return
+ }
+
+ c.SetCookie("sdslabs_session", session, 3600, "/", "localhost", false, true)
+ c.JSON(http.StatusOK, gin.H{
+ "status": "user logged in via OIDC",
+ })
 }
@@ -58,7 +90,7 @@ func HandleOIDCRegister(c *gin.Context) {
 session, err := oidc.SubmitOIDCRegistrationFlowWrapper(provider, afterCookie, flowID, csrf_token)
 if err != nil {
- log.ErrorLogger("Kratos post registration flow failed", err)
+ log.ErrorLogger("Kratos OIDC post registration flow failed", err)
 c.JSON(http.StatusInternalServerError, gin.H{
 "error": "internal server error",
 })
@@ -66,7 +98,7 @@ func HandleOIDCRegister(c *gin.Context) {
 }
 c.SetCookie("sdslabs_session", session, 3600, "/", "localhost", false, true)
 c.JSON(http.StatusOK, gin.H{
- "status": "created",
+ "status": "created via OIDC",
 })
 }
\ No newline at end of file
diff --git a/pkg/wrapper/kratos/oidc/oidc.go b/pkg/wrapper/kratos/oidc/oidc.go
index eb606f7..bf79d92 100644
--- a/pkg/wrapper/kratos/oidc/oidc.go
+++ b/pkg/wrapper/kratos/oidc/oidc.go
@@ -5,7 +5,7 @@ import (
 "fmt"
 "os"
- client "github.com/ory/kratos-client-go"
+ client "github.com/ory/client-go"
 "github.com/sdslabs/nymeria/config"
 )
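Review bot: In `HandleOIDCLogin` (hunk `@@ -21,7 +28,32 @@` of api/oidc.go), `c.Cookie("OIDC_login_flow")` reads the Cookie header of the incoming request, not the value that `c.SetCookie` queued on the response one line earlier. `afterCookie` is therefore whatever the browser sent, which is absent on a first visit (the 400 branch) and stale or client-chosen otherwise, while `flowID` and `csrf_token` belong to the flow that was just initialized. Pass the value Kratos returned instead: `session, err := oidc.SubmitOIDCLoginFlowWrapper(provider, cookie, flowID, csrf_token)`. The `sdslabs_session` cookie is also issued with the Secure argument set to `false` and the domain fixed to `"localhost"`; both should come from configuration so a deployed instance only sends the session cookie over HTTPS. The context line in `@@ -58,7 +90,7 @@` shows `HandleOIDCRegister` passing an `afterCookie` as well, so it appears to share the pattern.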
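Review bot: In pkg/wrapper/kratos/oidc/oidc.go (hunk `@@ -5,7 +5,7 @@`), the import swap from `github.com/ory/kratos-client-go` to `github.com/ory/client-go` changes which module supplies `client`, yet the diffstat lists no `go.mod` or `go.sum` change, so either the requirement already exists or the build breaks. `config.KratosClientConfig` is handed to `client.NewAPIClient` in this file; if the config package and the `login`/`registration` wrappers still build their types from `kratos-client-go`, the two SDKs' configuration types will not be interchangeable. Confirm that every wrapper moves to the new module together and that it is pinned to a reviewed version in `go.sum`.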
@@ -26,3 +26,19 @@ func SubmitOIDCRegistrationFlowWrapper(provider string, cookie string, flowID st
 responseCookies := r.Header["Set-Cookie"]
 return responseCookies[1], nil
 }
+
+func SubmitOIDCLoginFlowWrapper(provider string, cookie string, flowID string, csrfToken string) (string, error) {
+ submitOIDCLoginFlowBody := client.SubmitSelfServiceLoginFlowBody{SubmitSelfServiceLoginFlowWithOidcMethodBody: client.NewSubmitSelfServiceLoginFlowWithOidcMethodBody("oidc", provider)} // SubmitSelfServiceLoginFlowBody |
+
+ submitOIDCLoginFlowBody.SubmitSelfServiceLoginFlowWithOidcMethodBody.SetCsrfToken(csrfToken)
+
+ apiClient := client.NewAPIClient(config.KratosClientConfig)
+ _, r, err := apiClient.V0alpha2Api.SubmitSelfServiceLoginFlow(context.Background()).Flow(flowID).SubmitSelfServiceLoginFlowBody(submitOIDCLoginFlowBody).XSessionToken("").Cookie(cookie).Execute()
+ if err != nil {
+ return "", err
+ }
+
+ responseCookies := r.Header["Set-Cookie"]
+
+ return responseCookies[1], nil
+}
diff --git a/pkg/wrapper/kratos/oidc/types.go b/pkg/wrapper/kratos/oidc/types.go
deleted file mode 100644
index ed15a2f..0000000
--- a/pkg/wrapper/kratos/oidc/types.go
+++ /dev/null
@@ -1,6 +0,0 @@
-package oidc
-
-type SubmitOIDCLoginAPIBody struct {
- FlowID string `json:"flowID"`
- CsrfToken string `json:"csrf_token"`
-}
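Review bot: `SubmitOIDCLoginFlowWrapper` returns `responseCookies[1]` without checking how many `Set-Cookie` headers Kratos sent, so a response with fewer than two panics with an index-out-of-range in the request path, and a response whose cookies arrive in a different order hands back the wrong one. The returned string is also the whole header line (name, value and attributes), which the caller then stores as the value of `sdslabs_session`. Selecting the cookie by name through `r.Cookies()` and returning an error when it is missing avoids all three; `sessionCookieName` below is a placeholder for the Kratos session cookie name this deployment uses, which this patch does not show. The context lines show `SubmitOIDCRegistrationFlowWrapper` ending with the same `responseCookies[1]` return, and the new call runs on `context.Background()`, so it carries no deadline of its own.

```go
	// … unchanged: request body construction, Execute() call and its error check …

	// Pick the session cookie by name; header order and count are not guaranteed.
	for _, ck := range r.Cookies() {
		if ck.Name == sessionCookieName {
			return ck.Value, nil
		}
	}
	return "", fmt.Errorf("kratos login response carried no %q cookie", sessionCookieName)
```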