| -rw-r--r-- | cmd/ui/main.go | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/cmd/ui/main.go b/cmd/ui/main.go
index 6319b58..d125d15 100644
--- a/cmd/ui/main.go
+++ b/cmd/ui/main.go
@@ -40,7 +40,7 @@ func SessionFor(sessions map[string]*x.Session, r *http.Request, w http.Response
 func main() {
 sessions := map[string]*x.Session{}
- godotenv.Load()
+ x.Check(godotenv.Load())
 provider := x.Must(oidc.NewProvider(context.Background(), "https://"+os.Getenv("AUTH0_DOMAIN")+"/"))
 cfg := oauth2.Config{
 ClientID: os.Getenv("AUTH0_CLIENT_ID"),
@@ -48,9 +48,10 @@ func main() {
 RedirectURL: os.Getenv("AUTH0_CALLBACK_URL"),
 Endpoint: provider.Endpoint(),
 Scopes: []string{
- oidc.ScopeOpenID,
- oidc.ScopeOfflineAccess,
+ "email",
 "profile",
+ oidc.ScopeOfflineAccess,
+ oidc.ScopeOpenID,
 },
 }
 router := http.NewServeMux()
@@ -66,7 +67,8 @@ func main() {
 router.Handle("/login", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 session := SessionFor(sessions, r, w)
 session.OAuthState = uuid.GenerateUUID()
- http.Redirect(w, r, cfg.AuthCodeURL(session.OAuthState), http.StatusTemporaryRedirect)
+ url := cfg.AuthCodeURL(session.OAuthState, oauth2.SetAuthURLParam("audience", os.Getenv("AUTH0_AUDIENCE")))
+ http.Redirect(w, r, url, http.StatusTemporaryRedirect)
 }))
 router.Handle("/callback", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -78,11 +80,7 @@ func main() {
 }
 client := &http.Client{Transport: x.LoggingRoundTripper{http.DefaultTransport}}
- token := x.Must(cfg.Exchange(
- context.WithValue(r.Context(), oauth2.HTTPClient, client),
- r.URL.Query().Get("code"),
- oauth2.SetAuthURLParam("audience", os.Getenv("AUTH0_AUDIENCE")),
- ))
+ token := x.Must(cfg.Exchange(context.WithValue(r.Context(), oauth2.HTTPClient, client), r.URL.Query().Get("code")))
 rawIDToken, ok := token.Extra("id_token").(string)
 if !ok { |
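Review bot: `x.Check(godotenv.Load())` at the top of main makes a `.env` file mandatory, because godotenv.Load returns an error when the file is absent and Check presumably aborts on any error. A deployment that injects the AUTH0_* settings through the real environment would then need a `.env` file on disk, presumably holding the OAuth client credentials, just to start. Tolerating only the not-found case keeps a malformed file loud without forcing the file to exist: `if err := godotenv.Load(); err != nil && !errors.Is(err, os.ErrNotExist) { x.Check(err) }`. main's body continues outside the hunk.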
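Review bot: The new `AuthCodeURL` call in the /login handler reads `os.Getenv("AUTH0_AUDIENCE")` on every request and never checks it, so an unset variable sends an empty `audience=` parameter instead of failing at startup. Read it once in main next to the other AUTH0_* settings and refuse to start when it is empty. This line now assembles the authorization request options, and no nonce is visible here, so it is also where `oidc.Nonce(...)` with a per-session value stored beside `OAuthState` would go, which the callback can then compare against the ID token's nonce claim. The local name `url` would shadow the `net/url` package if the file imports it; `authURL` avoids that.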
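Review bot: The rewritten `cfg.Exchange` call in the /callback handler is still wrapped in `x.Must`, so any request carrying a missing, expired or forged `code` presumably panics inside the handler instead of getting an error response. Handle the error in place: `token, err := cfg.Exchange(ctx, r.URL.Query().Get("code"))` followed by `if err != nil { http.Error(w, "token exchange failed", http.StatusUnauthorized); return }`. The exchange also runs through `x.LoggingRoundTripper`; if that logs request or response bodies, the authorization code, client secret and returned tokens end up in the logs, so confirm that it redacts them. The handler starts and ends outside this hunk.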
