OpenMediaCenter/apiGo/api/oauth/Oauth.go

package oauth

import (
	"gopkg.in/oauth2.v3/errors"
	"gopkg.in/oauth2.v3/manage"
	"gopkg.in/oauth2.v3/models"
	"gopkg.in/oauth2.v3/server"
	"gopkg.in/oauth2.v3/store"
	"log"
	"net/http"
)

var srv *server.Server

func InitOAuth() {
	manager := manage.NewDefaultManager()
	// token store
	manager.MustTokenStorage(store.NewMemoryTokenStore())

	clientStore := store.NewClientStore()
	// todo we need to check here if a password is enabled in db -- when yes set it here!
	clientStore.Set("openmediacenter", &models.Client{
		ID:     "openmediacenter",
		Secret: "openmediacenter",
		Domain: "http://localhost:8081",
	})

	manager.MapClientStorage(clientStore)
	srv = server.NewServer(server.NewConfig(), manager)
	srv.SetClientInfoHandler(server.ClientFormHandler)
	manager.SetRefreshTokenCfg(manage.DefaultRefreshTokenCfg)

	srv.SetInternalErrorHandler(func(err error) (re *errors.Response) {
		log.Println("Internal Error:", err.Error())
		return
	})

	srv.SetResponseErrorHandler(func(re *errors.Response) {
		log.Println("Response Error:", re.Error.Error())
	})

	http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
		err := srv.HandleAuthorizeRequest(w, r)
		if err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
		}
	})

	http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
		err := srv.HandleTokenRequest(w, r)
		if err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
		}
	})
}

func ValidateToken(f http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		_, err := srv.ValidationBearerToken(r)
		if err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}

		f.ServeHTTP(w, r)
	}
}
add secure requests with tokens. generate new token on every new page load 2021-03-09 12:56:53 +00:00			`package oauth`

			`import (`
			`"gopkg.in/oauth2.v3/errors"`
			`"gopkg.in/oauth2.v3/manage"`
			`"gopkg.in/oauth2.v3/models"`
			`"gopkg.in/oauth2.v3/server"`
			`"gopkg.in/oauth2.v3/store"`
			`"log"`
			`"net/http"`
			`)`

			`var srv *server.Server`

			`func InitOAuth() {`
			`manager := manage.NewDefaultManager()`
			`// token store`
			`manager.MustTokenStorage(store.NewMemoryTokenStore())`

			`clientStore := store.NewClientStore()`
			`// todo we need to check here if a password is enabled in db -- when yes set it here!`
			`clientStore.Set("openmediacenter", &models.Client{`
			`ID: "openmediacenter",`
			`Secret: "openmediacenter",`
			`Domain: "http://localhost:8081",`
			`})`

			`manager.MapClientStorage(clientStore)`
			`srv = server.NewServer(server.NewConfig(), manager)`
			`srv.SetClientInfoHandler(server.ClientFormHandler)`
			`manager.SetRefreshTokenCfg(manage.DefaultRefreshTokenCfg)`

			`srv.SetInternalErrorHandler(func(err error) (re *errors.Response) {`
			`log.Println("Internal Error:", err.Error())`
			`return`
			`})`

			`srv.SetResponseErrorHandler(func(re *errors.Response) {`
			`log.Println("Response Error:", re.Error.Error())`
			`})`

			`http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {`
			`err := srv.HandleAuthorizeRequest(w, r)`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusBadRequest)`
			`}`
			`})`

			`http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {`
			`err := srv.HandleTokenRequest(w, r)`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`}`
			`})`
			`}`

			`func ValidateToken(f http.HandlerFunc) http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`_, err := srv.ValidationBearerToken(r)`
			`if err != nil {`
			`http.Error(w, err.Error(), http.StatusBadRequest)`
			`return`
			`}`

			`f.ServeHTTP(w, r)`
			`}`
			`}`