feat: add nonce variable to create auth token

2022-10-23 21:08:08 +05:30
parent 549385e5df
commit 274909b7c9
11 changed files with 46 additions and 55 deletions
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"time"

+	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"
 	"golang.org/x/crypto/bcrypt"

@@ -140,7 +141,8 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 		}, nil
 	}

-	authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth)
+	nonce := uuid.New().String()
+	authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth, nonce)
 	if err != nil {
 		log.Debug("Failed to create auth token", err)
 		return res, err
--- a/server/resolvers/session.go
+++ b/server/resolvers/session.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"time"

+	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"

 	"github.com/authorizerdev/authorizer/server/constants"
@@ -70,7 +71,8 @@ func SessionResolver(ctx context.Context, params *model.SessionQueryInput) (*mod
 		scope = params.Scope
 	}

-	authToken, err := token.CreateAuthToken(gc, user, claimRoles, scope, claims.LoginMethod)
+	nonce := uuid.New().String()
+	authToken, err := token.CreateAuthToken(gc, user, claimRoles, scope, claims.LoginMethod, nonce)
 	if err != nil {
 		log.Debug("Failed to create auth token: ", err)
 		return res, err
--- a/server/resolvers/signup.go
+++ b/server/resolvers/signup.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"time"

+	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"

 	"github.com/authorizerdev/authorizer/server/constants"
@@ -242,7 +243,8 @@ func SignupResolver(ctx context.Context, params model.SignUpInput) (*model.AuthR
 			scope = params.Scope
 		}

-		authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth)
+		nonce := uuid.New().String()
+		authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth, nonce)
 		if err != nil {
 			log.Debug("Failed to create auth token: ", err)
 			return res, err
--- a/server/resolvers/verify_email.go
+++ b/server/resolvers/verify_email.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"time"

+	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"

 	"github.com/authorizerdev/authorizer/server/constants"
@@ -84,7 +85,8 @@ func VerifyEmailResolver(ctx context.Context, params model.VerifyEmailInput) (*m

 	roles := strings.Split(user.Roles, ",")
 	scope := []string{"openid", "email", "profile"}
-	authToken, err := token.CreateAuthToken(gc, user, roles, scope, loginMethod)
+	nonce := uuid.New().String()
+	authToken, err := token.CreateAuthToken(gc, user, roles, scope, loginMethod, nonce)
 	if err != nil {
 		log.Debug("Failed to create auth token: ", err)
 		return res, err
--- a/server/resolvers/verify_otp.go
+++ b/server/resolvers/verify_otp.go
@@ -14,6 +14,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/memorystore"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"
 )

@@ -57,7 +58,8 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod

 	roles := strings.Split(user.Roles, ",")
 	scope := []string{"openid", "email", "profile"}
-	authToken, err := token.CreateAuthToken(gc, user, roles, scope, loginMethod)
+	nonce := uuid.New().String()
+	authToken, err := token.CreateAuthToken(gc, user, roles, scope, loginMethod, nonce)
 	if err != nil {
 		log.Debug("Failed to create auth token: ", err)
 		return res, err