| author | mo khan <mo@mokhan.ca> | 2022-04-06 14:54:24 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2022-04-06 14:54:24 -0600 |
| commit | af6eba8487d6bd43242e887ef4d27b41cac062d0 (patch) | |
| tree | d9ac427973a53b80a3266d4f4f47a88fbb6e4886 | |
| parent | 1c6107462a31f7dd776cc6e4b4e7d427f4fddf5b (diff) | |
exchange authorization code for tokens
| -rwxr-xr-x | src/oidc/bin/token_request | 10 | ||||
| -rw-r--r-- | src/oidc/main.go | 73 |
2 files changed, 67 insertions, 16 deletions
diff --git a/src/oidc/bin/token_request b/src/oidc/bin/token_request
new file mode 100755
index 0000000..48e49e8
--- /dev/null
+++ b/src/oidc/bin/token_request
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -e
+cd "$(dirname "$0")/.."
+
+curl -s \
+ -u "client_id:client_secret" \
+ --basic \
+ -d "grant_type=authorization_code&code=example&redirect_uri=https://client.example.org/callback" \
+ "http://localhost:8282/token" | jq '.'
diff --git a/src/oidc/main.go b/src/oidc/main.go
index fd80c0d..c996e6a 100644
--- a/src/oidc/main.go
+++ b/src/oidc/main.go
@@ -6,20 +6,6 @@ import (
 "net/http"
 )
 
-func main() {
- log.Println("Starting server, listening on port 8282.")
-
- server := &http.Server{
- Addr: ":8282",
- Handler: http.HandlerFunc(handler),
- ReadTimeout: 0,
- WriteTimeout: 0,
- IdleTimeout: 0,
- }
-
- log.Fatal(server.ListenAndServe())
-}
-
 type AuthorizationRequest struct {
 ResponseType string
 Scope string
@@ -28,6 +14,20 @@ type AuthorizationRequest struct {
 RedirectUri string
 }
 
+type TokenRequest struct {
+ GrantType string
+ Code string
+ RedirectUri string
+}
+
+type TokenResponse struct {
+ AccessToken string
+ TokenType string
+ RefreshToken string
+ ExpiresIn int
+ IdToken string
+}
+
 func handler(w http.ResponseWriter, r *http.Request) {
 if r.URL.Path == "/" && r.Method == "GET" {
 w.WriteHeader(http.StatusOK)
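Review bot: A failed request is invisible in `bin/token_request`, because `curl -s` suppresses the transport error and the pipeline's exit status is that of `jq`, so `set -e` never triggers on a curl failure. Changing the first curl line to `curl -sS --fail \` keeps the output quiet on success but prints a diagnostic when the server is down or answers with an HTTP error. A one-line comment above the `curl` call saying that `client_id:client_secret` and `code=example` are fixed development values for the local server on port 8282 would also keep the script from being mistaken for a template that takes real credentials.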
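Review bot: `TokenResponse` is added without `json` struct tags, so the handler later in this commit has to spell the response out in a `fmt.Fprintf` format string, where a quote or backslash in any value would yield malformed JSON or extra fields once the tokens stop being constants. Tagging the fields with the wire names already used in that format string (`access_token`, `token_type`, `refresh_token`, `expires_in`, `id_token`) lets the handler call `json.NewEncoder(w).Encode(...)` and leaves escaping to the standard library. Both new types are also undocumented; a short doc comment on each naming the OAuth 2.0 message it models would help the next reader.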
@@ -40,9 +40,50 @@ func handler(w http.ResponseWriter, r *http.Request) {
 State: r.FormValue("state"),
 RedirectUri: r.FormValue("redirect_uri"),
 }
- http.Redirect(w, r, fmt.Sprintf("%s?code=example&state=%s", ar.RedirectUri, ar.State), 302)
+ if ar.ResponseType == "code" {
+ url := fmt.Sprintf("%s?code=example&state=%s", ar.RedirectUri, ar.State)
+ http.Redirect(w, r, url, 302)
+ } else {
+ w.WriteHeader(http.StatusNotFound)
+ fmt.Fprintf(w, "Not Found\n")
+ }
+ } else if r.URL.Path == "/token" && r.Method == "POST" {
+ tr := &TokenRequest{
+ GrantType: r.FormValue("grant_type"),
+ Code: r.FormValue("code"),
+ RedirectUri: r.FormValue("redirect_uri"),
+ }
+ r := &TokenResponse{
+ AccessToken: "stateful_token",
+ TokenType: "Bearer",
+ RefreshToken: "another_stateful_token",
+ ExpiresIn: 3600,
+ IdToken: "JWT",
+ }
+
+ if tr.GrantType == "authorization_code" {
+ w.Header().Set("Content-Type", "application/json")
+ fmt.Fprintf(w, `{"access_token": "%s","token_type": "%s","refresh_token": "%s","expires_in": %d,"id_token": "%s"}`, r.AccessToken, r.TokenType, r.RefreshToken, r.ExpiresIn, r.IdToken)
+ } else {
+ w.WriteHeader(http.StatusNotFound)
+ fmt.Fprintf(w, "Not Found\n")
+ }
 } else {
- log.Printf("method: %s path: %s error: unsupported request\n", r.Method, r.URL.Path)
 w.WriteHeader(http.StatusNotFound)
+ fmt.Fprintf(w, "Not Found\n")
+ }
+}
+
+func main() {
+ log.Println("Starting server, listening on port 8282.")
+
+ server := &http.Server{
+ Addr: ":8282",
+ Handler: http.HandlerFunc(handler),
+ ReadTimeout: 0,
+ WriteTimeout: 0,
+ IdleTimeout: 0,
 }
+
+ log.Fatal(server.ListenAndServe())
 }
|
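Review bot: The new `/token` branch hands an access, refresh and ID token to any POST carrying `grant_type=authorization_code`: the client credentials that `bin/token_request` sends with `-u` are never read (`r.BasicAuth()` is not called), and `tr.Code` and `tr.RedirectUri` are assigned but never compared with anything. Even while the token values are placeholders, the branch should authenticate the client, redeem the code once against the client and redirect URI it was issued for, answer failures with the RFC 6749 error codes rather than 404, and set `Cache-Control: no-store` on the response. In the `/authorize` branch of the same hunk, `ar.RedirectUri` and `ar.State` still reach the `Location` header without a registered-URI check or `url.QueryEscape`, which leaves an open redirect and lets `state` add query parameters. The handler begins above this hunk; the helper names in the sketch below are placeholders for lookups this commit does not yet have.

```go
} else if r.URL.Path == "/token" && r.Method == "POST" {
	// Token responses must never be cached (RFC 6749 section 5.1).
	w.Header().Set("Content-Type", "application/json")
	w.Header().Set("Cache-Control", "no-store")

	// validClient is a placeholder for the client registry lookup.
	id, secret, ok := r.BasicAuth()
	if !ok || !validClient(id, secret) {
		w.Header().Set("WWW-Authenticate", `Basic realm="token"`)
		w.WriteHeader(http.StatusUnauthorized)
		fmt.Fprint(w, `{"error":"invalid_client"}`)
		return
	}
	// … unchanged: tr := &TokenRequest{…} …
	if tr.GrantType != "authorization_code" {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, `{"error":"unsupported_grant_type"}`)
		return
	}
	// redeemCode is a placeholder: it must accept a code only once and only
	// for the client and redirect_uri it was issued to.
	if !redeemCode(id, tr.Code, tr.RedirectUri) {
		w.WriteHeader(http.StatusBadRequest)
		fmt.Fprint(w, `{"error":"invalid_grant"}`)
		return
	}
	// … unchanged: build the TokenResponse and write it …
```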
