2024-10-25 15:08:56 +01:00
|
|
|
package auth
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/julienschmidt/httprouter"
|
|
|
|
"net/http"
|
|
|
|
"net/url"
|
|
|
|
"strings"
|
|
|
|
)
|
|
|
|
|
|
|
|
type UserHandler func(rw http.ResponseWriter, req *http.Request, params httprouter.Params, auth UserAuth)
|
|
|
|
|
|
|
|
type UserAuth struct {
|
|
|
|
Subject string
|
2024-12-06 18:41:03 +00:00
|
|
|
Factor State
|
2024-10-25 15:08:56 +01:00
|
|
|
UserInfo UserInfoFields
|
|
|
|
}
|
|
|
|
|
|
|
|
func (u UserAuth) IsGuest() bool { return u.Subject == "" }
|
|
|
|
|
|
|
|
func (u UserAuth) NextFlowUrl(origin *url.URL) *url.URL {
|
|
|
|
// prevent redirect loops
|
|
|
|
if origin.Path == "/login" || origin.Path == "/callback" {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
if u.Factor < FactorAuthorized {
|
|
|
|
return PrepareRedirectUrl("/login", origin)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func PrepareRedirectUrl(targetPath string, origin *url.URL) *url.URL {
|
|
|
|
// find start of query parameters in target path
|
|
|
|
n := strings.IndexByte(targetPath, '?')
|
|
|
|
v := url.Values{}
|
|
|
|
|
|
|
|
// parse existing query parameters
|
|
|
|
if n != -1 {
|
|
|
|
q, err := url.ParseQuery(targetPath[n+1:])
|
|
|
|
if err != nil {
|
|
|
|
panic("PrepareRedirectUrl: invalid hardcoded target path query parameters")
|
|
|
|
}
|
|
|
|
v = q
|
|
|
|
targetPath = targetPath[:n]
|
|
|
|
}
|
|
|
|
|
|
|
|
// add path of origin as a new query parameter
|
|
|
|
orig := origin.Path
|
|
|
|
if origin.RawQuery != "" || origin.ForceQuery {
|
|
|
|
orig += "?" + origin.RawQuery
|
|
|
|
}
|
|
|
|
if orig != "" {
|
|
|
|
v.Set("redirect", orig)
|
|
|
|
}
|
|
|
|
return &url.URL{Path: targetPath, RawQuery: v.Encode()}
|
|
|
|
}
|