diff --git a/.dockerignore b/.dockerignore
index 21bc7ad..adc05b2 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -3,4 +3,6 @@ server/server
 .git
 .gitignore
 README.md
-ROADMAP.md
\ No newline at end of file
+ROADMAP.md
+build
+.env
\ No newline at end of file
diff --git a/.env b/.env
deleted file mode 100644
index 1d87537..0000000
--- a/.env
+++ /dev/null
@@ -1,20 +0,0 @@
-DATABASE_URL=postgres://localhost:5432/lakhansamani
-DATABASE_TYPE=postgres
-COOKIE_NAME=authorizer
-ENV=development
-FORGOT_PASSWORD_URI=reset-password
-FRONTEND_URL=http://localhost:1234
-GITHUB_CLIENT_ID=Iv1.be6b1b73c67b5493
-GITHUB_CLIENT_SECRET=458c5bdd6614eb1ec917a6a049dfbe625129431c
-GOOGLE_CLIENT_ID=678083311263-1n0k7fmbaq4k24pd1jslboj24bjmjub7.apps.googleusercontent.com
-GOOGLE_CLIENT_SECRET=oxmxasg70lHWp71xqzEte5wv
-JWT_SECRET=randome123
-JWT_TYPE=HS256
-SENDER_EMAIL=abhay.m.samani@gmail.com
-SENDER_PASSWORD="bhySmn@q1w2e3#"
-AUTHORIZER_URL=http://localhost:8080
-SMTP_HOST=smtp.gmail.com
-SMTP_PORT=587
-ADMIN_SECRET=admin
-ENV=production
-DISABLE_EMAIL_VERICATION=true
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 5343744..9b46157 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,6 @@
 server/server
 server/.env
 data
-app/node_modules
\ No newline at end of file
+app/node_modules
+build
+.env
\ No newline at end of file
diff --git a/build/server b/build/server
deleted file mode 100755
index a7ecb84..0000000
Binary files a/build/server and /dev/null differ
diff --git a/server/handlers/app.go b/server/handlers/app.go
index b8e94c3..cc6d6f4 100644
--- a/server/handlers/app.go
+++ b/server/handlers/app.go
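Review bot: The `.env` entry lands in the same commit that deletes a tracked `.env` holding OAuth client secrets, an SMTP password, `JWT_SECRET` and `ADMIN_SECRET`; ignoring the file from now on stops future commits, but every value stays in git history and in any image built from the earlier tree (the tracked `build/server` binary removed here may embed them too). Those credentials should be treated as exposed and rotated, and the history rewritten or the secrets invalidated, before this ignore rule is relied on. The `.dockerignore` hunk above adds the same `.env` line and carries the same caveat. Whatever replaces the file should also fix the duplicated `ENV=` key and the misspelled `DISABLE_EMAIL_VERICATION`, which a loader would presumably ignore rather than reject.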
@@ -17,38 +17,58 @@ type State struct {
 func AppHandler() gin.HandlerFunc {
 return func(c *gin.Context) {
- host := c.Request.Host
+ host := "http://" + c.Request.Host
 state := c.Query("state")
- if state == "" {
- c.JSON(400, gin.H{"error": "invalid state"})
- return
- }
-
- decodedState, err := base64.StdEncoding.DecodeString(state)
- if err != nil {
- c.JSON(400, gin.H{"error": "[unable to decode state] invalid state"})
- return
- }
 var stateObj State
- err = json.Unmarshal(decodedState, &stateObj)
- if err != nil {
- c.JSON(400, gin.H{"error": "[unable to parse state] invalid state"})
- return
+
+ if state == "" {
+ cookie, err := utils.GetAuthToken(c)
+ log.Println(`cookie`, cookie)
+ if err != nil {
+ c.JSON(400, gin.H{"error": "invalid state"})
+ return
+ }
+
+ stateObj.AuthorizerURL = host
+ stateObj.RedirectURL = host + "/app"
+
+ } else {
+ decodedState, err := base64.StdEncoding.DecodeString(state)
+ if err != nil {
+ c.JSON(400, gin.H{"error": "[unable to decode state] invalid state"})
+ return
+ }
+
+ err = json.Unmarshal(decodedState, &stateObj)
+ if err != nil {
+ c.JSON(400, gin.H{"error": "[unable to parse state] invalid state"})
+ return
+ }
+
+ // validate redirect url with allowed origins
+ if !utils.IsValidRedirectURL(stateObj.RedirectURL) {
+ c.JSON(400, gin.H{"error": "invalid redirect url"})
+ return
+ }
+
+ if stateObj.AuthorizerURL == "" {
+ c.JSON(400, gin.H{"error": "invalid authorizer url"})
+ return
+ }
+
+ // validate host and domain of authorizer url
+ if utils.GetDomainName(stateObj.AuthorizerURL) != utils.GetDomainName(host) {
+ c.JSON(400, gin.H{"error": "invalid host url"})
+ return
+ }
 }
- // validate redirect url with allowed origins
- if !utils.IsValidRedirectURL(stateObj.RedirectURL) {
- c.JSON(400, gin.H{"error": "invalid redirect url"})
- return
- }
-
- log.Println(stateObj)
- log.Println(host, utils.GetDomainName(stateObj.AuthorizerURL), utils.GetDomainName(host))
- // validate host and domain of authorizer url
- if utils.GetDomainName(stateObj.AuthorizerURL) != utils.GetDomainName(host) {
- c.JSON(400, gin.H{"error": "invalid host url"})
- return
- }
+ log.Println(gin.H{
+ "data": map[string]string{
+ "authorizerURL": "http://" + stateObj.AuthorizerURL,
+ "redirectURL": stateObj.RedirectURL,
+ },
+ })
 // debug the request state
 if pusher := c.Writer.Pusher(); pusher != nil {
diff --git a/server/utils/cookie.go b/server/utils/cookie.go
index 6fe9b9c..31a178b 100644
--- a/server/utils/cookie.go
+++ b/server/utils/cookie.go
@@ -13,7 +13,7 @@ func SetCookie(gc *gin.Context, token string) {
 httpOnly := true
 host := GetHostName(gc.Request.Host)
- log.Println("=> host", host)
+ log.Println("=> cookie host", host)
 gc.SetSameSite(http.SameSiteNoneMode)
 gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly)
 }
diff --git a/server/utils/urls.go b/server/utils/urls.go
index e89894d..5ce38c5 100644
--- a/server/utils/urls.go
+++ b/server/utils/urls.go
@@ -1,14 +1,13 @@
 package utils
 import (
- "log"
 "net/url"
 "strings"
 )
 // function to get hostname
 func GetHostName(auth_url string) string {
- u, err := url.Parse("//" + auth_url)
+ u, err := url.Parse(auth_url)
 if err != nil {
 return `localhost`
 }
@@ -20,13 +19,12 @@ func GetHostName(auth_url string) string {
 // function to get domain name
 func GetDomainName(auth_url string) string {
- u, err := url.Parse("//" + auth_url)
+ u, err := url.Parse(auth_url)
 if err != nil {
 return `localhost`
 }
 host := u.Hostname()
- log.Println("=> host", host)
 // code to get root domain in case of sub-domains
 hostParts := strings.Split(host, ".")
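Review bot: `log.Println(`cookie`, cookie)` in the new `state == ""` branch writes whatever `utils.GetAuthToken(c)` returned — by its name the caller's session token — into the process log, where it outlives the session and is readable by anyone with log access; the value is not used otherwise, so the line can go and the call become `if _, err := utils.GetAuthToken(c); err != nil {`. In the same branch `stateObj.RedirectURL` is built from `c.Request.Host`, which comes from the client's Host header, and the branch never runs `utils.IsValidRedirectURL` on it the way the `else` branch does, so the allowed-origins check is skipped whenever `state` is empty; apply the same check after `stateObj.RedirectURL = host + "/app"`, or derive `host` from the configured authorizer URL (the deleted `.env` shows an `AUTHORIZER_URL` setting) rather than the request. The hard-coded `"http://"` prefix also yields the wrong scheme behind TLS, and the final `log.Println` prepends `"http://"` a second time on that branch since `stateObj.AuthorizerURL` already carries it. AppHandler's body continues past the end of the hunk.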
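Review bot: Dropping the `"//" +` prefix in `GetHostName` (and in `GetDomainName` in the next hunk) changes what a scheme-less argument parses to: `url.Parse("localhost:8080")` treats `localhost` as the scheme and leaves `Host` empty, and `url.Parse("example.com")` puts the text in `Path`, so `u.Hostname()` is `""` in both cases. `SetCookie` in `server/utils/cookie.go` still calls `GetHostName(gc.Request.Host)` with the bare request host (visible as context in that hunk), so after this change the cookie would presumably be set with an empty domain rather than the host; only the `app.go` caller was updated to prepend `"http://"`. Either keep accepting bare hosts, e.g. `if !strings.Contains(auth_url, "://") { auth_url = "//" + auth_url }` before the parse, or document on both functions that an absolute URL is now required and fix the cookie.go call. The `localhost` fallback on parse error is a silent default that deserves a comment saying why it is safe.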