package route import ( "net/http" "forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra" "github.com/pkg/errors" "gitlab.com/wpetit/goweb/middleware/container" ) func serveConsentPage(w http.ResponseWriter, r *http.Request) { ctn := container.Must(r.Context()) //tmpl := template.Must(ctn) hydr := hydra.Must(ctn) challenge, err := hydr.ConsentChallenge(r) if err != nil { if err == hydra.ErrChallengeNotFound { http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } panic(errors.Wrap(err, "could not retrieve consent challenge")) } res, err := hydr.ConsentRequest(challenge) if err != nil { panic(errors.Wrap(err, "could not retrieve hydra consent response")) } if res.Skip { res, err := hydr.AcceptConsentRequest(challenge, &hydra.AcceptConsentRequest{ GrantScope: res.RequestedScope, GrantAccessTokenAudience: res.RequestedAccessTokenAudience, }) if err != nil { panic(errors.Wrap(err, "could not accept hydra consent request")) } http.Redirect(w, r, res.RedirectTo, http.StatusTemporaryRedirect) return } res2, err := hydr.AcceptConsentRequest(challenge, &hydra.AcceptConsentRequest{ GrantScope: res.RequestedScope, GrantAccessTokenAudience: res.RequestedAccessTokenAudience, }) if err != nil { panic(errors.Wrap(err, "could not accept hydra consent request")) } http.Redirect(w, r, res2.RedirectTo, http.StatusTemporaryRedirect) // spew.Dump(res) // data := extendTemplateData(w, r, template.Data{ // csrf.TemplateTag: csrf.TemplateField(r), // "RequestedScope": res.RequestedScope, // "ConsentChallenge": challenge, // }) // if err := tmpl.RenderPage(w, "consent.html.tmpl", data); err != nil { // panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path)) // } }