feat: spotify oauth #18

Merged
merged 14 commits into from
Sep 20, 2024
9 changes: 2 additions & 7 deletions backend/cmd/server/main.go
Expand Up @@ -6,7 +6,6 @@ import (

"platnm/internal/config"
"platnm/internal/service"
"platnm/internal/storage/postgres"

_ "github.com/lib/pq"
"github.com/sethvargo/go-envconfig"
Expand All @@ -19,13 +18,9 @@ func main() {
log.Fatalln("Error processing .env file: ", err)
}

// Connect to database
conn := postgres.ConnectDatabase(config.DbHost, config.DbUser, config.DbPassword, config.DbName, config.DbPort)
app := service.InitApp(service.Params{Conn: conn})
app := service.InitApp(config)

defer conn.Close()

if err := app.Listen(":8080"); err != nil {
if err := app.Listen(":" + config.Application.Port); err != nil {
log.Fatalf("Failed to start server: %v", err)
}
}
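Review bot: With `defer conn.Close()` removed from main, nothing visible in this change closes the database pool, which is now opened inside setupRoutes via `postgres.NewRepository(config.DB)`. The old defer did not run on the `log.Fatalf` path either, so this is a good moment to make shutdown explicit. One option is to have InitApp register a cleanup with `app.Hooks().OnShutdown(...)`; another is to return the repository so main can close it. NewRepository is not shown on this page, so confirm whether it already handles this.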
4 changes: 4 additions & 0 deletions backend/go.mod
Expand Up @@ -4,8 +4,11 @@ go 1.22.6

require (
github.com/gofiber/fiber/v2 v2.52.5
github.com/gofiber/storage/memory v1.3.4
github.com/jackc/pgx/v5 v5.7.0
github.com/lib/pq v1.10.9
github.com/zmb3/spotify/v2 v2.4.2
golang.org/x/oauth2 v0.23.0
)

require (
Expand All @@ -21,6 +24,7 @@ require (
require (
github.com/andybalholm/brotli v1.0.5 // indirect
github.com/goccy/go-json v0.10.3
github.com/gofiber/storage v1.3.3
github.com/google/uuid v1.5.0 // indirect
github.com/klauspost/compress v1.17.0 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
402 changes: 402 additions & 0 deletions backend/go.sum

Large diffs are not rendered by default.

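--- a/backend/internal/config/application.go
+++ b/backend/internal/config/application.go
@@ -0,0 +1,6 @@
+package config
+
+type Application struct {
+Port string `env:"PORT, default=8080"` // the port for the server to listen on
+LogLevel string `env:"LOG_LEVEL, default=INFO"` // the level of event to log
+}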
11 changes: 3 additions & 8 deletions backend/internal/config/config.go
@@ -1,12 +1,7 @@
package config

type Config struct {
DbHost string `env:"DB_HOST, required"` // the database host to connect to
DbPort string `env:"DB_PORT, required"` // the database port to connect to
DbUser string `env:"DB_USER, required"` // the user to connect to the database with
DbPassword string `env:"DB_PASSWORD, required"` // the password to connect to the database with
DbName string `env:"DB_NAME, required"` // the name of the database to connect to

Port string `env:"PORT, default=8080"` // the port for the server to listen on
LogLevel string `env:"LOG_LEVEL, default=INFO"` // the level of event to log
Application Application
DB DB
Spotify Spotify
}
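--- a/backend/internal/config/db.go
+++ b/backend/internal/config/db.go
@@ -0,0 +1,15 @@
+package config
+
+import "fmt"
+
+type DB struct {
+Host string `env:"DB_HOST, required"` // the database host to connect to
+Port string `env:"DB_PORT, required"` // the database port to connect to
+User string `env:"DB_USER, required"` // the user to connect to the database with
+Password string `env:"DB_PASSWORD, required"` // the password to connect to the database with
+Name string `env:"DB_NAME, required"` // the name of the database to connect to
+}
+
+func (db *DB) Connection() string {
+return fmt.Sprintf("host=%s user=%s password=%s dbname=%s port=%s sslmode=require statement_cache_mode=describe pgbouncer=true", db.Host, db.User, db.Password, db.Name, db.Port)
+}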
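Review bot: `sslmode=require` in Connection() encrypts the link but, under the libpq semantics that pgx follows, does not verify the server certificate or hostname, so an impersonated database endpoint would go unnoticed. `sslmode=verify-full`, with the CA available to the client, closes that gap. The five values are also interpolated unquoted, so a password containing a space or `'` produces a malformed or differently parsed keyword/value string. Quoting each value as `'...'` with `\` and `'` escaped, or building a `postgres://` URL with `url.UserPassword`, avoids that. Because the returned string embeds the password, a doc comment such as `// Connection returns the DSN including the password; never log the result.` would help callers.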
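--- a/backend/internal/config/spotify.go
+++ b/backend/internal/config/spotify.go
@@ -0,0 +1,5 @@
+package config
+
+type Spotify struct {
+RedirectURI string `env:"SPOTIFY_REDIRECT_URI, required"`
+}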
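--- a/backend/internal/constants/auth.go
+++ b/backend/internal/constants/auth.go
@@ -0,0 +1,7 @@
+package constants
+
+import "time"
+
+const (
+SessionDuration = 5 * time.Minute
+)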
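--- a/backend/internal/constants/http.go
+++ b/backend/internal/constants/http.go
@@ -0,0 +1,6 @@
+package constants
+
+const (
+HeaderSession = "X-Session"
+HeaderRedirect = "X-Redirect"
+)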
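--- a/backend/internal/service/handler/oauth/session.go
+++ b/backend/internal/service/handler/oauth/session.go
@@ -0,0 +1,46 @@
+package oauth
+
+import (
+"github.com/gofiber/fiber/v2"
+"github.com/gofiber/fiber/v2/middleware/session"
+)
+
+const valueKey = "value"
+
+type SessionValue struct {
+State string
+Verifier string
+}
+
+type SessionValueStore struct {
+*session.Store
+}
+
+func NewSessionValueStore(config session.Config) *SessionValueStore {
+store := &SessionValueStore{
+session.New(config),
+}
+
+store.RegisterType(SessionValue{})
+return store
+}
+
+func (s *SessionValueStore) SessionSetValue(c *fiber.Ctx, value SessionValue) error {
+sess, err := s.Get(c)
+if err != nil {
+return err
+}
+sess.Set(valueKey, value)
+if err := sess.Save(); err != nil {
+return err
+}
+return nil
+}
+
+func (s *SessionValueStore) SessionGetValue(c *fiber.Ctx) (SessionValue, error) {
+sess, err := s.Get(c)
+if err != nil {
+return SessionValue{}, err
+}
+return sess.Get(valueKey).(SessionValue), nil
+}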
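Review bot: The unchecked assertion `sess.Get(valueKey).(SessionValue)` in SessionGetValue panics whenever the session holds no value under that key. That is presumably what happens when /callback is requested without a prior /begin, after the five-minute session has expired, or without the X-Session header. Use the two-value form and return a client error, so a malformed or stale callback gets a clean 4xx instead of relying on the recover middleware. `fiber` is already imported in this file, so no new import is needed.

```go
func (s *SessionValueStore) SessionGetValue(c *fiber.Ctx) (SessionValue, error) {
	// … unchanged: s.Get(c) and its error check …
	value, ok := sess.Get(valueKey).(SessionValue)
	if !ok {
		return SessionValue{}, fiber.NewError(fiber.StatusBadRequest, "oauth session missing or expired")
	}
	return value, nil
}
```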
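--- a/backend/internal/service/handler/oauth/spotify/begin.go
+++ b/backend/internal/service/handler/oauth/spotify/begin.go
@@ -0,0 +1,34 @@
+package spotify
+
+import (
+"net/http"
+"platnm/internal/constants"
+"platnm/internal/service/handler/oauth"
+
+"github.com/gofiber/fiber/v2"
+"golang.org/x/oauth2"
+)
+
+func (h *Handler) Begin(c *fiber.Ctx) error {
+var (
+verifier = oauth2.GenerateVerifier()
+challenge = oauth2.S256ChallengeFromVerifier(verifier)
+)
+
+state, err := oauth.GenerateState()
+if err != nil {
+return err
+}
+
+url := h.authenticator.AuthURL(state,
+oauth2.SetAuthURLParam("code_challenge_method", "S256"),
+oauth2.SetAuthURLParam("code_challenge", challenge),
+)
+
+if err := h.store.SessionSetValue(c, oauth.SessionValue{State: state, Verifier: verifier}); err != nil {
+return err
+}
+
+c.Set(constants.HeaderRedirect, url)
+return c.SendStatus(http.StatusFound)
+}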
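Review bot: Begin has no doc comment, and its response contract is unusual enough to need one. It answers 302 but puts the authorization URL in the `X-Redirect` header rather than `Location`, so a standard HTTP client will not follow it. It also depends on the caller sending the session id back in `X-Session` on the callback. I would add `// Begin starts the Spotify authorization-code flow with PKCE: it stores the state and verifier in the session and replies 302 with the authorization URL in the X-Redirect header (no Location header is set).`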
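--- a/backend/internal/service/handler/oauth/spotify/callback.go
+++ b/backend/internal/service/handler/oauth/spotify/callback.go
@@ -0,0 +1,34 @@
+package spotify
+
+import (
+"log/slog"
+"net/http"
+"platnm/internal/constants"
+
+"github.com/gofiber/fiber/v2"
+"github.com/gofiber/fiber/v2/middleware/adaptor"
+"golang.org/x/oauth2"
+)
+
+func (h *Handler) Callback(c *fiber.Ctx) error {
+v, err := h.store.SessionGetValue(c)
+if err != nil {
+return err
+}
+
+req, err := adaptor.ConvertRequest(c, false)
+if err != nil {
+return err
+}
+
+token, err := h.authenticator.Token(c.Context(), v.State, req, oauth2.SetAuthURLParam("code_verifier", v.Verifier))
+if err != nil {
+return err
+}
+
+slog.Info("Access token:", "token", token.AccessToken)
+slog.Info("Refresh token:", "token", token.RefreshToken)
+
+c.Set(constants.HeaderRedirect, "http://127.0.0.1:3000")
+return c.SendStatus(http.StatusFound)
+}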
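Review bot: The two `slog.Info` calls in Callback write the Spotify access token and refresh token to the application log in clear text. Anyone who can read the logs, or whatever store they are shipped to, then holds usable credentials, and the refresh token stays valid well beyond the request. Drop both lines or log only non-secret metadata, e.g. `slog.Info("spotify token exchange succeeded", "expiry", token.Expiry)`. Separately, the stored state and verifier are not cleared after a successful exchange, and the final redirect target `http://127.0.0.1:3000` is hard-coded rather than read from config.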
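--- a/backend/internal/service/handler/oauth/spotify/handler.go
+++ b/backend/internal/service/handler/oauth/spotify/handler.go
@@ -0,0 +1,25 @@
+package spotify
+
+import (
+"platnm/internal/config"
+"platnm/internal/service/handler/oauth"
+
+spotifyauth "github.com/zmb3/spotify/v2/auth"
+)
+
+type Handler struct {
+store *oauth.SessionValueStore
+authenticator *spotifyauth.Authenticator
+}
+
+func NewHandler(store *oauth.SessionValueStore, config config.Spotify) *Handler {
+authenticator := spotifyauth.New(
+spotifyauth.WithRedirectURL(config.RedirectURI),
+spotifyauth.WithScopes(spotifyauth.ScopeUserReadPrivate),
+)
+
+return &Handler{
+store: store,
+authenticator: authenticator,
+}
+}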
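Review bot: NewHandler never passes a client ID or secret to `spotifyauth.New`. As far as I know the library then falls back to the `SPOTIFY_ID` and `SPOTIFY_SECRET` environment variables, so the credentials are an undeclared dependency. The server starts cleanly without them and only fails when a user reaches /callback. Declaring them in `config.Spotify` (e.g. `ClientID string` tagged `env:"SPOTIFY_ID, required"`) and passing `spotifyauth.WithClientID(config.ClientID)` makes a misconfiguration fail at startup. It also keeps every secret the service reads listed in one place.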
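--- a/backend/internal/service/handler/oauth/state.go
+++ b/backend/internal/service/handler/oauth/state.go
@@ -0,0 +1,41 @@
+package oauth
+
+import (
+"crypto/rand"
+"encoding/base64"
+"fmt"
+"io"
+"sync"
+)
+
+const (
+stateLen = 64
+bufferSize = stateLen
+)
+
+func GenerateState() (string, error) {
+nonceBytes := getBuffer()
+defer putBuffer(nonceBytes)
+if _, err := io.ReadFull(rand.Reader, nonceBytes.data); err != nil {
+return "", fmt.Errorf("source of randomness unavailable: %v", err.Error())
+}
+return base64.URLEncoding.EncodeToString(nonceBytes.data), nil
+}
+
+type buffer struct {
+data []byte
+}
+
+var bufferPool = sync.Pool{
+New: func() interface{} {
+return &buffer{data: make([]byte, bufferSize)}
+},
+}
+
+func getBuffer() *buffer {
+return bufferPool.Get().(*buffer)
+}
+
+func putBuffer(buffer *buffer) {
+bufferPool.Put(buffer)
+}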
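Review bot: GenerateState flattens the underlying error with `%v` and `err.Error()`, so callers cannot inspect it with `errors.Is` or `errors.As`. It should wrap instead: `return "", fmt.Errorf("source of randomness unavailable: %w", err)`. The `sync.Pool` around a 64-byte buffer also adds three helpers and leaves the previous state value in pooled memory until the next call overwrites it. A local `make([]byte, stateLen)` would be simpler and would not keep old nonces around.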
@@ -1,4 +1,4 @@
package handler
package users

import (
"platnm/internal/storage"
42 changes: 30 additions & 12 deletions backend/internal/service/server.go
@@ -1,8 +1,13 @@
package service

import (
"net/http"
"platnm/internal/config"
"platnm/internal/constants"
"platnm/internal/errs"
"platnm/internal/service/handler"
"platnm/internal/service/handler/oauth"
"platnm/internal/service/handler/oauth/spotify"
"platnm/internal/service/handler/users"
"platnm/internal/storage/postgres"

go_json "github.com/goccy/go-json"
Expand All @@ -12,32 +17,45 @@ import (
"github.com/gofiber/fiber/v2/middleware/logger"
"github.com/gofiber/fiber/v2/middleware/recover"
"github.com/gofiber/fiber/v2/middleware/requestid"
"github.com/jackc/pgx/v5/pgxpool"
"github.com/gofiber/fiber/v2/middleware/session"
"github.com/gofiber/storage/memory"
)

type Params struct {
Conn *pgxpool.Pool
}

func InitApp(params Params) *fiber.App {
func InitApp(config config.Config) *fiber.App {
app := setupApp()

setupRoutes(app, params.Conn)
setupRoutes(app, config)

return app
}

func setupRoutes(app *fiber.App, conn *pgxpool.Pool) {
func setupRoutes(app *fiber.App, config config.Config) {
app.Get("/health", func(c *fiber.Ctx) error {
return c.SendStatus(fiber.StatusOK)
return c.SendStatus(http.StatusOK)
})

repository := postgres.NewRepository(conn)
userHandler := handler.NewUserHandler(repository.User)
repository := postgres.NewRepository(config.DB)
userHandler := users.NewUserHandler(repository.User)
app.Route("/users", func(r fiber.Router) {
r.Get("/", userHandler.GetUsers)
r.Get("/:id", userHandler.GetUserById)
})

// this store can be passed to other oauth handlers that need to manage state/verifier values
store := oauth.NewSessionValueStore(session.Config{
Storage: memory.New(),
Expiration: constants.SessionDuration,
KeyLookup: "header:" + constants.HeaderSession,
})

// change to /oauth once its changed in spotify dashboard
app.Route("/auth", func(r fiber.Router) {
r.Route("/spotify", func(r fiber.Router) {
h := spotify.NewHandler(store, config.Spotify)
r.Get("/begin", h.Begin)
r.Get("/callback", h.Callback)
})
})
}

func setupApp() *fiber.App {
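Review bot: The OAuth session store in setupRoutes is built on `memory.New()`, so the state and PKCE verifier written by /auth/spotify/begin exist only in this process. If the service ever runs with more than one replica, or restarts between begin and callback, the callback will not find its session and the flow fails. If a single instance is intended for now, say so in the comment above the store, e.g. `// in-memory: valid only for a single instance; replace with a shared storage backend before scaling out`. The session id is also accepted from the `X-Session` request header, so it is worth confirming that clients treat that value as a secret for the five-minute lifetime.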