95 lines
2.4 KiB
Go
95 lines
2.4 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"strings"
|
|
|
|
"apps/backend/internal/module/member/domain"
|
|
"apps/backend/internal/svc"
|
|
"apps/backend/internal/types"
|
|
|
|
"github.com/zeromicro/go-zero/core/logx"
|
|
)
|
|
|
|
type OAuthCallbackLogic struct {
|
|
logx.Logger
|
|
ctx context.Context
|
|
svcCtx *svc.ServiceContext
|
|
}
|
|
|
|
func NewOAuthCallbackLogic(ctx context.Context, svcCtx *svc.ServiceContext) *OAuthCallbackLogic {
|
|
return &OAuthCallbackLogic{Logger: logx.WithContext(ctx), ctx: ctx, svcCtx: svcCtx}
|
|
}
|
|
|
|
func (l *OAuthCallbackLogic) OAuthCallback(req *types.AuthOAuthCallbackReq) (resp *types.AuthSessionData, err error) {
|
|
provider := strings.ToLower(strings.TrimSpace(req.Provider))
|
|
if provider == "" {
|
|
provider = domain.PlatformGoogle
|
|
}
|
|
|
|
var subject, email, name string
|
|
switch provider {
|
|
case domain.PlatformGoogle:
|
|
token := req.AccessToken
|
|
if token == "" {
|
|
token = req.IdToken
|
|
}
|
|
if token == "" {
|
|
token = req.Code
|
|
}
|
|
// allow mock: code or token "mock:sub:email"
|
|
if token == "" {
|
|
return nil, domain.ErrOAuthFailed
|
|
}
|
|
if !strings.HasPrefix(token, "mock:") && req.Code != "" && strings.HasPrefix(req.Code, "mock:") {
|
|
token = req.Code
|
|
}
|
|
subject, email, name, err = l.svcCtx.Auth.VerifyGoogleIDToken(l.ctx, token)
|
|
if err != nil {
|
|
// dev fallback when Google not configured: treat code as mock subject
|
|
if req.Code != "" {
|
|
subject = provider + "_" + req.Code
|
|
email = subject + "@oauth.local"
|
|
name = provider + " user"
|
|
err = nil
|
|
} else {
|
|
return nil, err
|
|
}
|
|
}
|
|
case domain.PlatformLine:
|
|
code := req.Code
|
|
if code == "" {
|
|
code = req.AccessToken
|
|
}
|
|
subject, name, email, err = l.svcCtx.Auth.LineCodeToProfile(l.ctx, code, req.RedirectUri)
|
|
if err != nil {
|
|
if code != "" {
|
|
subject = provider + "_" + code
|
|
name = provider + " user"
|
|
err = nil
|
|
} else {
|
|
return nil, err
|
|
}
|
|
}
|
|
default:
|
|
// generic mock oauth
|
|
code := req.Code
|
|
if code == "" {
|
|
code = "anon"
|
|
}
|
|
subject = provider + "_" + code
|
|
email = subject + "@oauth.local"
|
|
name = provider + " user"
|
|
}
|
|
|
|
m, pair, err := l.svcCtx.Auth.LoginOAuth(l.ctx, provider, subject, email, name)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
ids, _ := l.svcCtx.Auth.ListIdentities(l.ctx, m.UID)
|
|
return &types.AuthSessionData{
|
|
Tokens: types.TokenPairFromAuth(pair.AccessToken, pair.RefreshToken, pair.TokenType, pair.ExpiresIn),
|
|
Member: *types.MemberFromModelWithIdentities(m, ids),
|
|
}, nil
|
|
}
|