
fix(back): redirect on error after callback
yyewolf committed Sep 20, 2023
1 parent 5fed1c5 commit d85a1d9
Showing 2 changed files with 34 additions and 38 deletions.
61 changes: 33 additions & 28 deletions backend/api/auth.go
Expand Up @@ -153,6 +153,11 @@ type googleUser struct {
Picture string `json:"picture"`
}

func DefaultRedirect(c echo.Context) error {
conf := config.GetConfig()
return c.Redirect(http.StatusPermanentRedirect, conf.ApiConfig.FrontendBasePath+"/borne")
}

// (GET /auth/google/callback)
func (s *Server) Callback(c echo.Context, params autogen.CallbackParams) error {
// Get account from state and delete state
Expand All @@ -162,22 +167,23 @@ func (s *Server) Callback(c echo.Context, params autogen.CallbackParams) error {
}
stateCache.Delete(params.State)

conf := config.GetConfig()

account, err := s.DBackend.GetAccount(c.Request().Context(), accountID.(string))
if err != nil {
if err != mongo.ErrNoDocuments {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}
// Check if account is onBoard
acc, found := onBoardCache.Get(accountID.(string))
if !found {
return ErrorAccNotFound(c)
logrus.Error(err)
return DefaultRedirect(c)
}
account = acc.(*models.Account)
}

conf := config.GetConfig()

// Get token from Google
oauth2Config := oauth2.Config{
ClientID: conf.OauthConfig.GoogleClientID,
Expand All @@ -193,41 +199,41 @@ func (s *Server) Callback(c echo.Context, params autogen.CallbackParams) error {
token, err := oauth2Config.Exchange(c.Request().Context(), params.Code)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

// Get user from Google
client := oauth2Config.Client(c.Request().Context(), token)
resp, err := client.Get("https://www.googleapis.com/oauth2/v2/userinfo")
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}
defer resp.Body.Close()

usr := &googleUser{}
err = json.NewDecoder(resp.Body).Decode(usr)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

adminService, err := admin.NewService(c.Request().Context(), option.WithTokenSource(oauth2Config.TokenSource(c.Request().Context(), token)))
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

t, err := adminService.Users.Get(usr.ID).Projection("custom").CustomFieldMask("Education").ViewType("domain_public").Do()
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}
edc := &education{}
err = json.Unmarshal(t.CustomSchemas["Education"], edc)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

account.FirstName = usr.FirstName
Expand All @@ -242,7 +248,7 @@ func (s *Server) Callback(c echo.Context, params autogen.CallbackParams) error {
err = s.DBackend.CreateAccount(c.Request().Context(), account)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

// Delete ONBOARD cookie
Expand All @@ -251,15 +257,15 @@ func (s *Server) Callback(c echo.Context, params autogen.CallbackParams) error {
err = s.DBackend.UpdateAccount(c.Request().Context(), account)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}
}

BroadcastToRoom(accountID.(string), []byte("connected"))

r, found := redirectCache.Get(params.State)
if !found {
return Error500(c)
return DefaultRedirect(c)
}
redirectCache.Delete(params.State)

Expand All @@ -286,23 +292,23 @@ func (s *Server) CallbackInpromptu(c echo.Context, params autogen.CallbackParams
token, err := oauth2Config.Exchange(c.Request().Context(), params.Code)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

// Get user from Google
client := oauth2Config.Client(c.Request().Context(), token)
resp, err := client.Get("https://www.googleapis.com/oauth2/v2/userinfo")
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}
defer resp.Body.Close()

usr := &googleUser{}
err = json.NewDecoder(resp.Body).Decode(usr)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

account, err := s.DBackend.GetAccountByGoogle(c.Request().Context(), usr.ID)
Expand All @@ -311,25 +317,25 @@ func (s *Server) CallbackInpromptu(c echo.Context, params autogen.CallbackParams
return ErrorAccNotFound(c)
}
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

adminService, err := admin.NewService(c.Request().Context(), option.WithTokenSource(oauth2Config.TokenSource(c.Request().Context(), token)))
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

t, err := adminService.Users.Get(usr.ID).Projection("custom").CustomFieldMask("Education").ViewType("domain_public").Do()
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}
edc := &education{}
err = json.Unmarshal(t.CustomSchemas["Education"], edc)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

account.FirstName = usr.FirstName
Expand All @@ -341,13 +347,12 @@ func (s *Server) CallbackInpromptu(c echo.Context, params autogen.CallbackParams
err = s.DBackend.UpdateAccount(c.Request().Context(), account)
if err != nil {
logrus.Error(err)
return Error500(c)
return DefaultRedirect(c)
}

r, found := redirectCache.Get(params.State)
if !found {
logrus.Error("no redirect found")
return Error500(c)
return c.Redirect(http.StatusPermanentRedirect, conf.ApiConfig.FrontendBasePath+"/borne/connected")
}
redirectCache.Delete(params.State)

Expand Down Expand Up @@ -410,13 +415,13 @@ func (s *Server) ConnectGoogle(c echo.Context, p autogen.ConnectGoogleParams) er
conf := config.GetConfig()

// Get ?r=
redirect := p.R
rel := p.R

// Check if it's a safe redirect (TODO: check if this is correct)
if strings.HasPrefix(redirect, conf.ApiConfig.FrontendBasePath) {
redirectCache.Set(redirect, true, cache.DefaultExpiration)
switch rel {
case "admin":
rel = conf.ApiConfig.FrontendBasePath + "/admin"
}

// Init OAuth2 flow with Google
oauth2Config := oauth2.Config{
ClientID: conf.OauthConfig.GoogleClientID,
Expand All @@ -432,7 +437,7 @@ func (s *Server) ConnectGoogle(c echo.Context, p autogen.ConnectGoogleParams) er
// state is not nonce
state := uuid.NewString()

redirectCache.Set(state, redirect, cache.DefaultExpiration)
redirectCache.Set(state, rel, cache.DefaultExpiration)

hostDomainOption := oauth2.SetAuthURLParam("hd", "telecomnancy.net")
// Redirect to Google
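Review bot: In the ConnectGoogle hunk (@@ -410,13 +415,13 @@) the removed `strings.HasPrefix(redirect, conf.ApiConfig.FrontendBasePath)` check was the only thing constraining `?r=` to the frontend, and the new `switch rel` rewrites only `"admin"`; for every other value the raw `p.R` is stored as-is by `redirectCache.Set(state, rel, cache.DefaultExpiration)`. Callback later reads that value back with `redirectCache.Get(params.State)`, and if it is handed to `c.Redirect` unchanged (that call lies past the end of the hunk, so I cannot confirm it here) a caller-supplied `r` turns the OAuth callback into an open redirect. Add a default arm so only named destinations are ever cached, e.g. `default:` followed by `rel = conf.ApiConfig.FrontendBasePath + "/borne"`. Separately, `DefaultRedirect` answers error paths with `http.StatusPermanentRedirect` (308), which user agents may cache per URL; `http.StatusSeeOther` is the conventional status for a post-callback error redirect.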
11 changes: 1 addition & 10 deletions frontend/src/routes/auth/+page.svelte
@@ -1,14 +1,5 @@
<script lang="ts">
import { api } from "$lib/config/config";
import { onMount } from "svelte";
let redirectTo: string = "";
onMount(() => {
origin = window.location.origin;
// url encode
redirectTo = encodeURIComponent(origin + "/admin");
});
</script>

<style>
Expand All @@ -30,6 +21,6 @@
<!-- Connect with Google at the middle of the screen -->
<div class="flex flex-col items-center justify-center h-screen">
<div class="flex flex-col items-center justify-center">
<a href={api() + "/auth/google?r="+redirectTo} class="connect-button mt-4">Connection avec Google</a>
<a href={api() + "/auth/google?r=admin"} class="connect-button mt-4">Connection avec Google</a>
</div>
</div>
