package route import ( "net/http" "forge.cadoles.com/wpetit/gitea-kan/internal/middleware" "github.com/pkg/errors" "gitlab.com/wpetit/goweb/middleware/container" "gitlab.com/wpetit/goweb/service/session" "golang.org/x/oauth2" ) func handleOAuth2Callback(w http.ResponseWriter, r *http.Request) { ctn := container.Must(r.Context()) sess, err := session.Must(ctn).Get(w, r) if err != nil { panic(errors.Wrap(err, "could not retrieve session")) } expectedState := sess.Get(middleware.SessionOAuth2State) state := r.FormValue("state") if state != expectedState { http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } giteaOAuth2Config := middleware.GiteaOAuth2Config(ctn) code := r.FormValue("code") token, err := giteaOAuth2Config.Exchange(oauth2.NoContext, code) if err != nil { panic(errors.Wrap(err, "could not exchange oauth2 token")) } sess.Set(middleware.SessionOAuth2AccessToken, token.AccessToken) sess.Set(middleware.SessionOAuth2State, "") if err := sess.Save(w, r); err != nil { panic(errors.Wrap(err, "could not save session")) } http.Redirect(w, r, "/", http.StatusSeeOther) }