DEVELOPMENT ENVIRONMENT

~liljamo/tixe

ref: 6124b16e89cc33cf9e3b2df29c709b1f1465ac53 tixe/auth/auth.go -rw-r--r-- 839 bytes
6124b16eJonni Liljamo fix: abort if not logged in... 1 year, 1 month ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
/*
 * Copyright (C) 2023 Jonni Liljamo <jonni@liljamo.com>
 *
 * This file is licensed under AGPL-3.0-or-later, see NOTICE and LICENSE for
 * more information.
 */
package auth

import (
	"context"
	"errors"

	"github.com/coreos/go-oidc/v3/oidc"
	"golang.org/x/oauth2"
)

type Auth struct {
	*oidc.Provider
	oauth2.Config
}

func NewAuth() (*Auth, error) {
	provider, config, err := NewProviderAndConfig()
	if err != nil {
		return nil, err
	}

	return &Auth{
		Provider: provider,
		Config: config,
	}, nil
}

func (a *Auth) VerifyIDToken(c context.Context, token *oauth2.Token) (*oidc.IDToken, error) {
	idToken, ok := token.Extra("id_token").(string)
	if !ok {
		return nil, errors.New("No id_token field in oauth2 token")
	}

	oidcConfig := &oidc.Config{
		ClientID: a.ClientID,
	}

	return a.Verifier(oidcConfig).Verify(c, idToken)
}