thread-master/apps/backend/internal/logic/auth/o_auth_callback_logic.go

95 lines
2.4 KiB
Go

package auth
import (
"context"
"strings"
"apps/backend/internal/module/member/domain"
"apps/backend/internal/svc"
"apps/backend/internal/types"
"github.com/zeromicro/go-zero/core/logx"
)
type OAuthCallbackLogic struct {
logx.Logger
ctx context.Context
svcCtx *svc.ServiceContext
}
func NewOAuthCallbackLogic(ctx context.Context, svcCtx *svc.ServiceContext) *OAuthCallbackLogic {
return &OAuthCallbackLogic{Logger: logx.WithContext(ctx), ctx: ctx, svcCtx: svcCtx}
}
func (l *OAuthCallbackLogic) OAuthCallback(req *types.AuthOAuthCallbackReq) (resp *types.AuthSessionData, err error) {
provider := strings.ToLower(strings.TrimSpace(req.Provider))
if provider == "" {
provider = domain.PlatformGoogle
}
var subject, email, name string
switch provider {
case domain.PlatformGoogle:
token := req.AccessToken
if token == "" {
token = req.IdToken
}
if token == "" {
token = req.Code
}
// allow mock: code or token "mock:sub:email"
if token == "" {
return nil, domain.ErrOAuthFailed
}
if !strings.HasPrefix(token, "mock:") && req.Code != "" && strings.HasPrefix(req.Code, "mock:") {
token = req.Code
}
subject, email, name, err = l.svcCtx.Auth.VerifyGoogleIDToken(l.ctx, token)
if err != nil {
// dev fallback when Google not configured: treat code as mock subject
if req.Code != "" {
subject = provider + "_" + req.Code
email = subject + "@oauth.local"
name = provider + " user"
err = nil
} else {
return nil, err
}
}
case domain.PlatformLine:
code := req.Code
if code == "" {
code = req.AccessToken
}
subject, name, email, err = l.svcCtx.Auth.LineCodeToProfile(l.ctx, code, req.RedirectUri)
if err != nil {
if code != "" {
subject = provider + "_" + code
name = provider + " user"
err = nil
} else {
return nil, err
}
}
default:
// generic mock oauth
code := req.Code
if code == "" {
code = "anon"
}
subject = provider + "_" + code
email = subject + "@oauth.local"
name = provider + " user"
}
m, pair, err := l.svcCtx.Auth.LoginOAuth(l.ctx, provider, subject, email, name)
if err != nil {
return nil, err
}
ids, _ := l.svcCtx.Auth.ListIdentities(l.ctx, m.UID)
return &types.AuthSessionData{
Tokens: types.TokenPairFromAuth(pair.AccessToken, pair.RefreshToken, pair.TokenType, pair.ExpiresIn),
Member: *types.MemberFromModelWithIdentities(m, ids),
}, nil
}