Ailur-Archives
/
burgerauth
Archived
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Revert "Put the longer codes into different cookies for easier storage" 

This reverts commit 5f8bf52194.
This commit is contained in:
Tracker-Friendly 2024-06-25 01:16:41 +01:00
parent 7dfa018fe6
commit d833d90c59
1 changed files with 4 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
main.go
View File

@ -18,7 +18,6 @@ import (
"fmt" "fmt"
"log" "log"
"math/big" "math/big"
"net/http"
"os" "os"
"regexp" "regexp"
"strconv" "strconv"
@ -928,13 +927,12 @@ func main() {
"session": secretKey, "session": secretKey,
"appId": appId, "appId": appId,
"exchangeKey": exchangeKey, "exchangeKey": exchangeKey,
"oauthToken": oauthToken,
"creator": userId, "creator": userId,
"openid": openIdToken,
"PKCECode": code, "PKCECode": code,
"PKCEMethod": codeMethod, "PKCEMethod": codeMethod,
} }
c.SetSameSite(3)
c.SetCookie("oauthToken", oauthToken, 300, "/", "", true, true)
c.SetCookie("openIdToken", openIdToken, 300, "/", "", true, true)
sessionInfoStr, err := json.Marshal(sessionInfo) sessionInfoStr, err := json.Marshal(sessionInfo)
if err != nil { if err != nil {
@ -1004,36 +1002,12 @@ func main() {
var activeLoginMap map[string]any var activeLoginMap map[string]any
err = json.Unmarshal([]byte(activeLogin.(string)), &activeLoginMap) err = json.Unmarshal([]byte(activeLogin.(string)), &activeLoginMap)
PKCECode, PKCEMethod, loginCode := activeLoginMap["PKCECode"].(string), activeLoginMap["PKCEMethod"].(string), activeLoginMap["exchangeKey"].(string) openid, loginCode, PKCECode, PKCEMethod := activeLoginMap["openid"].(string), activeLoginMap["session"].(string), activeLoginMap["PKCECode"].(string), activeLoginMap["PKCEMethod"].(string)
if loginCode != code { if loginCode != code {
c.JSON(401, gin.H{"error": "Another login attempt is in progress or the login was never started"}) c.JSON(401, gin.H{"error": "Another login attempt is in progress or the login was never started"})
return return
} }
oauthCode, err := c.Cookie("oauthToken")
if err != nil {
if errors.Is(err, http.ErrNoCookie) {
c.JSON(401, gin.H{"error": "The token has expired or was never created"})
return
} else {
log.Println("[ERROR] Unknown in /api/tokenauth oauth cookie at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-TOKENAUTH-OAUTHTOKEN"})
return
}
}
openid, err := c.Cookie("openIdToken")
if err != nil {
if errors.Is(err, http.ErrNoCookie) {
c.JSON(401, gin.H{"error": "The token has expired or was never created"})
return
} else {
log.Println("[ERROR] Unknown in /api/tokenauth openid cookie at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-TOKENAUTH-OAUTHTOKEN"})
return
}
}
if verifyCode { if verifyCode {
if PKCECode == "none" { if PKCECode == "none" {
c.JSON(400, gin.H{"error": "Attempted PKCECode exchange with non-PKCECode authentication"}) c.JSON(400, gin.H{"error": "Attempted PKCECode exchange with non-PKCECode authentication"})
@ -1061,7 +1035,7 @@ func main() {
} }
} }
c.JSON(200, gin.H{"access_token": oauthCode, "token_type": "bearer", "expires_in": 2592000, "id_token": openid}) c.JSON(200, gin.H{"access_token": loginCode, "token_type": "bearer", "expires_in": 2592000, "id_token": openid})
}) })
router.POST("/api/deleteauth", func(c *gin.Context) { router.POST("/api/deleteauth", func(c *gin.Context) {