authormo khan <mo@mokhan.ca>2025-04-15 14:47:07 -0600
committermo khan <mo@mokhan.ca>2025-04-15 14:47:07 -0600
commit58276879a5505f8e37aa8f81d577b477b5497a53 (patch)
treebbd06b8fe1e89c6dc3bc7d93b0d1a5ff4354f427 /app/controllers/sessions/controller.go
parentb24e274e9931093ee65304e32ca1f309d2f01234 (diff)
feat: store tokens in session cookie
Diffstat (limited to 'app/controllers/sessions/controller.go')
-rw-r--r--app/controllers/sessions/controller.go20
1 files changed, 8 insertions, 12 deletions
diff --git a/app/controllers/sessions/controller.go b/app/controllers/sessions/controller.go
index 70d5631..d526a86 100644
--- a/app/controllers/sessions/controller.go
+++ b/app/controllers/sessions/controller.go
@@ -1,8 +1,6 @@
package sessions
import (
- "encoding/base64"
- "encoding/json"
"net/http"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
@@ -31,23 +29,21 @@ func (c *Controller) New(w http.ResponseWriter, r *http.Request) {
func (c *Controller) Create(w http.ResponseWriter, r *http.Request) {
token, err := c.cfg.Config.Exchange(r.Context(), r.URL.Query().Get("code"))
if err != nil {
+ w.WriteHeader(http.StatusBadRequest)
return
}
- tokens := map[string]interface{}{
- "access_token": token.AccessToken,
- "token_type": token.TokenType,
- "refresh_token": token.RefreshToken,
- "expiry": token.Expiry,
- "expires_in": token.ExpiresIn,
+ tokens := &oidc.Tokens{Token: token}
+ if rawIDToken, ok := token.Extra("id_token").(string); ok {
+ tokens.IDToken = rawIDToken
}
- if rawIDToken, ok := token.Extra("id_token").(string); ok {
- tokens["id_token"] = rawIDToken
+ encoded, err := tokens.ToBase64String()
+ if err != nil {
+ w.WriteHeader(http.StatusBadRequest)
+ return
}
- data, err := json.Marshal(tokens)
- encoded := base64.URLEncoding.EncodeToString(data)
http.SetCookie(w, &http.Cookie{Name: "session", Value: encoded})
http.Redirect(w, r, "/dashboard", http.StatusFound)
}
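Review bot: The `session` cookie written at the end of `Create` is built with only `Name` and `Value`, so the encoded tokens are readable by page scripts and may be sent over plain HTTP. I would set the attributes explicitly: `http.SetCookie(w, &http.Cookie{Name: "session", Value: encoded, Path: "/", HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode})`. `ToBase64String` is not shown here, but base64 is an encoding rather than protection; if the value is not also encrypted or signed, anyone holding the cookie can read the tokens (presumably including the refresh token, as the old map did). Keeping them server-side behind an opaque session ID would avoid that, and would also avoid the roughly 4 KB per-cookie limit that three tokens can exceed. Separately, nothing in this hunk compares the `state` query parameter before `Exchange` is called; if `New` issues one, it should be verified here.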