package middleware import ( "net/http" "github.com/pborman/uuid" "forge.cadoles.com/wpetit/gengitkan/internal/config" "github.com/pkg/errors" "gitlab.com/wpetit/goweb/middleware/container" "gitlab.com/wpetit/goweb/service" "gitlab.com/wpetit/goweb/service/session" "golang.org/x/oauth2" ) const ( SessionOAuth2AccessToken = "accessToken" SessionOAuth2State = "oauth2State" ) func Authenticate(next http.Handler) http.Handler { fn := func(w http.ResponseWriter, r *http.Request) { ctn := container.Must(r.Context()) sess, err := session.Must(ctn).Get(w, r) if err != nil { panic(errors.Wrap(err, "could not retrieve session")) } accessToken, ok := sess.Get(SessionOAuth2AccessToken).(string) if !ok || accessToken == "" { state := uuid.New() sess.Set(SessionOAuth2State, state) if err := sess.Save(w, r); err != nil { panic(errors.Wrap(err, "could not save session")) } giteaOAuth2Config := GiteaOAuth2Config(ctn) url := giteaOAuth2Config.AuthCodeURL(state) http.Redirect(w, r, url, http.StatusSeeOther) } next.ServeHTTP(w, r) } return http.HandlerFunc(fn) } func GiteaOAuth2Config(ctn *service.Container) *oauth2.Config { conf := config.Must(ctn) return &oauth2.Config{ RedirectURL: conf.Gitea.RedirectURL, ClientID: conf.Gitea.ClientID, ClientSecret: conf.Gitea.ClientSecret, Scopes: conf.Gitea.Scopes, Endpoint: oauth2.Endpoint{ AuthURL: conf.Gitea.AuthURL, TokenURL: conf.Gitea.TokenURL, AuthStyle: oauth2.AuthStyleInParams, }, } }