fix: response

fix: authorize response
fix: reponse
2022-10-18 21:46:37 +05:30 · 2022-10-18 21:29:09 +05:30 · 2022-10-18 21:08:53 +05:30 · 2022-10-16 22:16:37 +05:30
2 changed files with 56 additions and 32 deletions
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -68,6 +68,15 @@ func AuthorizeHandler() gin.HandlerFunc {
 			return
 		}

+		log := log.WithFields(log.Fields{
+			"response_mode":  responseMode,
+			"response_type":  responseType,
+			"state":          state,
+			"code_challenge": codeChallenge,
+			"scope":          scope,
+			"redirect_uri":   redirectURI,
+		})
+
 		// used for response mode query or fragment
 		loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI
 		loginURL := "/app?" + loginState
@@ -76,8 +85,11 @@ func AuthorizeHandler() gin.HandlerFunc {
 		}

 		loginError := map[string]interface{}{
-			"error":             "login_required",
-			"error_description": "Login is required",
+			"type": "authorization_response",
+			"response": map[string]string{
+				"error":             "login_required",
+				"error_description": "Login is required",
+			},
 		}

 		sessionToken, err := cookie.GetSession(gc)
@@ -99,8 +111,11 @@ func AuthorizeHandler() gin.HandlerFunc {
 		if err != nil {
 			log.Debug("GetUserByID failed: ", err)
 			handleResponse(gc, responseMode, loginURL, redirectURI, map[string]interface{}{
-				"error":             "signup_required",
-				"error_description": "Sign up required",
+				"type": "authorization_response",
+				"response": map[string]string{
+					"error":             "signup_required",
+					"error_description": "Sign up required",
+				},
 			}, http.StatusOK)
 			return
 		}
@@ -137,29 +152,40 @@ func AuthorizeHandler() gin.HandlerFunc {

 			// in case, response type is code and user is already logged in send the code and state
 			// and cookie session will already be rolled over and set
-			if responseMode == constants.ResponseModeFormPost {
-				gc.HTML(http.StatusOK, authorizeFormPostTemplate, gin.H{
-					"target_origin": redirectURI,
-					"authorization_response": map[string]interface{}{
-						"type": "authorization_response",
-						"response": map[string]string{
-							"code":  code,
-							"state": state,
-						},
-					},
-				})
-			} else {
-				gc.HTML(http.StatusOK, authorizeWebMessageTemplate, gin.H{
-					"target_origin": redirectURI,
-					"authorization_response": map[string]interface{}{
-						"type": "authorization_response",
-						"response": map[string]string{
-							"code":  code,
-							"state": state,
-						},
-					},
-				})
-			}
+			// gc.HTML(http.StatusOK, authorizeWebMessageTemplate, gin.H{
+			// 	"target_origin": redirectURI,
+			// 	"authorization_response": map[string]interface{}{
+			// 		"type": "authorization_response",
+			// 		"response": map[string]string{
+			// 			"code":  code,
+			// 			"state": state,
+			// 		},
+			// 	},
+			// })
+
+			// params := "code=" + code + "&state=" + state
+
+			// if responseMode == constants.ResponseModeQuery {
+			// 	if strings.Contains(redirectURI, "?") {
+			// 		redirectURI = redirectURI + "&" + params
+			// 	} else {
+			// 		redirectURI = redirectURI + "?" + params
+			// 	}
+			// } else if responseMode == constants.ResponseModeFragment {
+			// 	if strings.Contains(redirectURI, "#") {
+			// 		redirectURI = redirectURI + "&" + params
+			// 	} else {
+			// 		redirectURI = redirectURI + "#" + params
+			// 	}
+			// }
+
+			handleResponse(gc, responseMode, loginURL, redirectURI, map[string]interface{}{
+				"type": "authorization_response",
+				"response": map[string]string{
+					"code":  code,
+					"state": state,
+				},
+			}, http.StatusOK)

 			return
 		}
@@ -261,10 +287,8 @@ func validateAuthorizeRequest(responseType, responseMode, clientID, state, codeC

 func handleResponse(gc *gin.Context, responseMode, loginURI, redirectURI string, data map[string]interface{}, httpStatusCode int) {
 	isAuthenticationRequired := false
-	if val, ok := data["error"]; ok {
-		if val == "login_required" || val == "signup_required" {
-			isAuthenticationRequired = true
-		}
+	if _, ok := data["error"]; ok {
+		isAuthenticationRequired = true
 	}

 	switch responseMode {
--- a/server/handlers/openid_config.go
+++ b/server/handlers/openid_config.go
@@ -20,7 +20,7 @@ func OpenIDConfigurationHandler() gin.HandlerFunc {
 			"token_endpoint":                        issuer + "/token",
 			"userinfo_endpoint":                     issuer + "/userinfo",
 			"jwks_uri":                              issuer + "/.well-known/jwks.json",
-			"response_types_supported":              []string{"code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token"},
+			"response_types_supported":              []string{"code", "token", "id_token"},
 			"scopes_supported":                      []string{"openid", "email", "profile", "email_verified", "given_name", "family_name", "nick_name", "picture"},
 			"response_modes_supported":              []string{"query", "fragment", "form_post", "web_message"},
 			"id_token_signing_alg_values_supported": []string{jwtType},
Author	SHA1	Message	Date
Lakhan Samani	cddfe1e088	fix: response	2022-10-18 21:46:37 +05:30
Lakhan Samani	8e655bcb5b	fix: authorize response	2022-10-18 21:29:09 +05:30
Lakhan Samani	9a411e673c	fix: reponse	2022-10-18 21:08:53 +05:30
Lakhan Samani	346c8e5a47	fix: handle response	2022-10-16 22:16:37 +05:30