fix: magic link login

fix: add redirect url to logout
fix: refresh token store info
2022-03-08 22:41:33 +05:30 · 2022-03-08 21:32:42 +05:30 · 2022-03-08 21:13:23 +05:30
10 changed files with 32 additions and 20 deletions
--- a/app/package-lock.json
+++ b/app/package-lock.json
@@ -9,7 +9,7 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
-				"@authorizerdev/authorizer-react": "0.9.0-beta.2",
+				"@authorizerdev/authorizer-react": "0.9.0-beta.3",
 				"@types/react": "^17.0.15",
 				"@types/react-dom": "^17.0.9",
 				"esbuild": "^0.12.17",
@@ -35,9 +35,9 @@
 			}
 		},
 		"node_modules/@authorizerdev/authorizer-react": {
-			"version": "0.9.0-beta.2",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.9.0-beta.2.tgz",
-			"integrity": "sha512-clngw7MdFzvnns9rgrg9fHRH4p3K+HGGMju6qhdjDF+4vPruSu6HwBi1hRvVxLi1q7CZ25CEE7CfA7Vfq7H3Bw==",
+			"version": "0.9.0-beta.3",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.9.0-beta.3.tgz",
+			"integrity": "sha512-P93PW6W3Qm9BW3160gn0Ce+64UCFAOpoEOHf5537LgFPE8LpNAIU3EI6EtMNkOJS58pu1h2UkfyRyX/j0Pohjw==",
 			"dependencies": {
 				"@authorizerdev/authorizer-js": "^0.4.0-beta.0",
 				"final-form": "^4.20.2",
@@ -837,9 +837,9 @@
 			}
 		},
 		"@authorizerdev/authorizer-react": {
-			"version": "0.9.0-beta.2",
-			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.9.0-beta.2.tgz",
-			"integrity": "sha512-clngw7MdFzvnns9rgrg9fHRH4p3K+HGGMju6qhdjDF+4vPruSu6HwBi1hRvVxLi1q7CZ25CEE7CfA7Vfq7H3Bw==",
+			"version": "0.9.0-beta.3",
+			"resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.9.0-beta.3.tgz",
+			"integrity": "sha512-P93PW6W3Qm9BW3160gn0Ce+64UCFAOpoEOHf5537LgFPE8LpNAIU3EI6EtMNkOJS58pu1h2UkfyRyX/j0Pohjw==",
 			"requires": {
 				"@authorizerdev/authorizer-js": "^0.4.0-beta.0",
 				"final-form": "^4.20.2",
--- a/app/package.json
+++ b/app/package.json
@@ -11,7 +11,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "0.9.0-beta.2",
+		"@authorizerdev/authorizer-react": "0.9.0-beta.3",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -293,7 +293,7 @@ func AuthorizeHandler() gin.HandlerFunc {
 			if authToken.RefreshToken != nil {
 				res["refresh_token"] = authToken.RefreshToken.Token
 				params += "&refresh_token=" + authToken.RefreshToken.Token
-				sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+				sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 			}

 			if isQuery {
--- a/server/handlers/logout.go
+++ b/server/handlers/logout.go
@@ -2,6 +2,7 @@ package handlers

 import (
 	"net/http"
+	"strings"

 	"github.com/authorizerdev/authorizer/server/cookie"
 	"github.com/authorizerdev/authorizer/server/crypto"
@@ -12,6 +13,7 @@ import (
 // Handler to logout user
 func LogoutHandler() gin.HandlerFunc {
 	return func(gc *gin.Context) {
+		redirectURL := strings.TrimSpace(gc.Query("redirect_uri"))
 		// get fingerprint hash
 		fingerprintHash, err := cookie.GetSession(gc)
 		if err != nil {
@@ -34,8 +36,12 @@ func LogoutHandler() gin.HandlerFunc {
 		sessionstore.RemoveState(fingerPrint)
 		cookie.DeleteSession(gc)

-		gc.JSON(http.StatusOK, gin.H{
-			"message": "Logged out successfully",
-		})
+		if redirectURL != "" {
+			gc.Redirect(http.StatusFound, redirectURL)
+		} else {
+			gc.JSON(http.StatusOK, gin.H{
+				"message": "Logged out successfully",
+			})
+		}
 	}
 }
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@@ -159,7 +159,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {

 		if authToken.RefreshToken != nil {
 			params = params + `&refresh_token=` + authToken.RefreshToken.Token
-			sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+			sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 		}

 		go utils.SaveSessionInDB(c, user.ID)
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
@@ -141,8 +141,14 @@ func TokenHandler() gin.HandlerFunc {
 				})
 			}
 			userID = claims["sub"].(string)
-			roles = claims["roles"].([]string)
-			scope = claims["scope"].([]string)
+			rolesInterface := claims["roles"].([]interface{})
+			scopeInterface := claims["scope"].([]interface{})
+			for _, v := range rolesInterface {
+				roles = append(roles, v.(string))
+			}
+			for _, v := range scopeInterface {
+				scope = append(scope, v.(string))
+			}
 			// remove older refresh token and rotate it for security
 			sessionstore.RemoveState(refreshToken)
 		}
@@ -179,7 +185,7 @@ func TokenHandler() gin.HandlerFunc {

 		if authToken.RefreshToken != nil {
 			res["refresh_token"] = authToken.RefreshToken.Token
-			sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+			sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 		}

 		gc.JSON(http.StatusOK, res)
--- a/server/handlers/verify_email.go
+++ b/server/handlers/verify_email.go
@@ -91,7 +91,7 @@ func VerifyEmailHandler() gin.HandlerFunc {

 		if authToken.RefreshToken != nil {
 			params = params + `&refresh_token=${refresh_token}`
-			sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+			sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 		}

 		if redirectURL == "" {
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -84,7 +84,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes

 	if authToken.RefreshToken != nil {
 		res.RefreshToken = &authToken.RefreshToken.Token
-		sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+		sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 	}

 	go utils.SaveSessionInDB(gc, user.ID)
--- a/server/resolvers/session.go
+++ b/server/resolvers/session.go
@@ -80,7 +80,7 @@ func SessionResolver(ctx context.Context, params *model.SessionQueryInput) (*mod

 	if authToken.RefreshToken != nil {
 		res.RefreshToken = &authToken.RefreshToken.Token
-		sessionstore.SetState(authToken.AccessToken.Token, authToken.FingerPrint+"@"+user.ID)
+		sessionstore.SetState(authToken.RefreshToken.Token, authToken.FingerPrint+"@"+user.ID)
 	}

 	return res, nil
--- a/server/token/verification_token.go
+++ b/server/token/verification_token.go
@@ -18,7 +18,7 @@ func CreateVerificationToken(email, tokenType, hostname, nonceHash, redirectURL
 		"iat":          time.Now().Unix(),
 		"token_type":   tokenType,
 		"nonce":        nonceHash,
-		"redirect_url": redirectURL,
+		"redirect_uri": redirectURL,
 	}

 	return SignJWTToken(claims)
Author	SHA1	Message	Date
Lakhan Samani	5d73df0040	fix: magic link login	2022-03-08 22:41:33 +05:30
Lakhan Samani	60cd317e67	fix: add redirect url to logout	2022-03-08 21:32:42 +05:30
Lakhan Samani	f5bdc8db39	fix: refresh token store info	2022-03-08 21:13:23 +05:30