|
|
|
@ -20,12 +20,14 @@ package handlers
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"html/template"
|
|
|
|
|
"io/fs"
|
|
|
|
|
"net/http"
|
|
|
|
|
"net/url"
|
|
|
|
|
|
|
|
|
|
"github.com/lestrrat-go/jwx/jwk"
|
|
|
|
|
"github.com/nicksnyder/go-i18n/v2/i18n"
|
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
|
|
|
|
|
|
|
|
"code.cacert.org/cacert/oidc-demo-app/ui"
|
|
|
|
|
|
|
|
|
|
"code.cacert.org/cacert/oidc-demo-app/internal/services"
|
|
|
|
|
)
|
|
|
|
@ -33,6 +35,7 @@ import (
|
|
|
|
|
type IndexHandler struct {
|
|
|
|
|
bundle *i18n.Bundle
|
|
|
|
|
indexTemplate *template.Template
|
|
|
|
|
logger *log.Logger
|
|
|
|
|
keySet jwk.Set
|
|
|
|
|
logoutURL string
|
|
|
|
|
messageCatalog *services.MessageCatalog
|
|
|
|
@ -72,10 +75,20 @@ func (h *IndexHandler) ServeHTTP(writer http.ResponseWriter, request *http.Reque
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
idToken string
|
|
|
|
|
ok bool
|
|
|
|
|
accessToken string
|
|
|
|
|
refreshToken string
|
|
|
|
|
idToken string
|
|
|
|
|
ok bool
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if accessToken, ok = session.Values[sessionKeyAccessToken].(string); ok {
|
|
|
|
|
h.logger.WithField("access_token", accessToken).Info("found access token in session")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if refreshToken, ok = session.Values[refreshToken].(string); ok {
|
|
|
|
|
h.logger.WithField("refresh_token", refreshToken).Info("found refresh token in session")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if idToken, ok = session.Values[sessionKeyIDToken].(string); ok {
|
|
|
|
|
logoutURL.RawQuery = url.Values{
|
|
|
|
|
"id_token_hint": []string{idToken},
|
|
|
|
@ -92,6 +105,10 @@ func (h *IndexHandler) ServeHTTP(writer http.ResponseWriter, request *http.Reque
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
expires := oidcToken.Expiration()
|
|
|
|
|
|
|
|
|
|
h.logger.WithField("expires", expires).Info("id token expires at")
|
|
|
|
|
|
|
|
|
|
writer.Header().Add("Content-Type", "text/html")
|
|
|
|
|
|
|
|
|
|
msgLookup := h.messageCatalog.LookupMessage
|
|
|
|
@ -104,6 +121,10 @@ func (h *IndexHandler) ServeHTTP(writer http.ResponseWriter, request *http.Reque
|
|
|
|
|
"IntroductionText": msgLookup("IndexIntroductionText", nil, localizer),
|
|
|
|
|
"LogoutLabel": msgLookup("LogoutLabel", nil, localizer),
|
|
|
|
|
"LogoutURL": logoutURL.String(),
|
|
|
|
|
"AuthenticatedAs": msgLookup("AuthenticatedAs", map[string]interface{}{
|
|
|
|
|
"Name": oidcToken.Name(),
|
|
|
|
|
"Email": oidcToken.Email(),
|
|
|
|
|
}, localizer),
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(writer, err.Error(), http.StatusInternalServerError)
|
|
|
|
@ -113,20 +134,21 @@ func (h *IndexHandler) ServeHTTP(writer http.ResponseWriter, request *http.Reque
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewIndexHandler(
|
|
|
|
|
logger *log.Logger,
|
|
|
|
|
bundle *i18n.Bundle,
|
|
|
|
|
catalog *services.MessageCatalog,
|
|
|
|
|
templateFS fs.FS,
|
|
|
|
|
oidcInfo *services.OIDCInformation,
|
|
|
|
|
publicURL string,
|
|
|
|
|
) (*IndexHandler, error) {
|
|
|
|
|
indexTemplate, err := template.ParseFS(
|
|
|
|
|
templateFS,
|
|
|
|
|
ui.Templates,
|
|
|
|
|
"templates/base.gohtml", "templates/index.gohtml")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("could not parse templates: %w", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &IndexHandler{
|
|
|
|
|
logger: logger,
|
|
|
|
|
bundle: bundle,
|
|
|
|
|
indexTemplate: indexTemplate,
|
|
|
|
|
keySet: oidcInfo.KeySet,
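Review bot: The two log calls in the ServeHTTP hunk at `-72,10 +75,20` write the raw bearer credentials into the application log, via `WithField("access_token", accessToken)` and `WithField("refresh_token", refreshToken)` at Info level. Anyone who can read the logs or the log pipeline then holds usable tokens, and a refresh token typically outlives the session. Log only the fact, e.g. `h.logger.Info("found access token in session")`, or at most a truncated digest if correlation is needed. In the same hunk the refresh-token lookup indexes the session with the local variable itself, `session.Values[refreshToken]`, which is still the empty string at that point. It presumably should use the refresh-token session key constant, parallel to `sessionKeyAccessToken` (its name is not visible on this page). The +/- markers are lost in this rendering, so treating these lines as additions is inferred from the hunk counts, and ServeHTTP begins and ends outside the hunks shown.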
|
|
|
|
|