52 lines
1.3 KiB
Go
52 lines
1.3 KiB
Go
package route
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
|
|
"github.com/pkg/errors"
|
|
"gitlab.com/wpetit/goweb/middleware/container"
|
|
)
|
|
|
|
func serveConsentPage(w http.ResponseWriter, r *http.Request) {
|
|
ctn := container.Must(r.Context())
|
|
hydr := hydra.Must(ctn)
|
|
|
|
challenge, err := hydr.ConsentChallenge(r)
|
|
if err != nil {
|
|
if err == hydra.ErrChallengeNotFound {
|
|
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
|
|
|
|
return
|
|
}
|
|
|
|
panic(errors.Wrap(err, "could not retrieve consent challenge"))
|
|
}
|
|
|
|
consentRes, err := hydr.ConsentRequest(challenge)
|
|
if err != nil {
|
|
panic(errors.Wrap(err, "could not retrieve hydra consent response"))
|
|
}
|
|
|
|
scopes := []string{"email"}
|
|
scopes = append(scopes, consentRes.RequestedScope...)
|
|
|
|
acceptConsentReq := &hydra.AcceptConsentRequest{
|
|
GrantScope: scopes,
|
|
GrantAccessTokenAudience: consentRes.RequestedAccessTokenAudience,
|
|
Session: hydra.AcceptConsentSession{
|
|
IDToken: map[string]interface{}{
|
|
"email": consentRes.Context["email"],
|
|
"email_verified": true,
|
|
},
|
|
},
|
|
}
|
|
|
|
acceptRes, err := hydr.AcceptConsentRequest(challenge, acceptConsentReq)
|
|
if err != nil {
|
|
panic(errors.Wrap(err, "could not accept hydra consent request"))
|
|
}
|
|
|
|
http.Redirect(w, r, acceptRes.RedirectTo, http.StatusTemporaryRedirect)
|
|
}
|