OAuth Integration #891
OAuth Integration #891
Conversation
There was a problem hiding this comment.
nits then LGTM. also, can we test outlook before merging this?
good stuff @alderwhiteford the gopher
| } | ||
|
|
||
| // Extract the user making the call: | ||
| userID := c.Locals("userID").(string) |
There was a problem hiding this comment.
we should use a private type as the key to avoid any potential collisions
There was a problem hiding this comment.
also, isn't this stored in the custom claims as the issuer? it is set here when logging in
| } | ||
|
|
||
| // Create a CSRF Token: | ||
| csrfToken, err := auth.GenerateURLSafeToken(32) |
There was a problem hiding this comment.
let's make this length a constant
| config := client.ResourceClient.GetConfig() | ||
| tokenUrl := fmt.Sprintf("%s/token", config.TokenURL) | ||
|
|
||
| fmt.Println(tokenUrl) |
| if err != nil { | ||
| return nil, err | ||
| } | ||
| req.Header.Set("Content-Type", "application/x-www-form-urlencoded") |
There was a problem hiding this comment.
i can help clean this up with some new helpers in backend/utilities/http.go
| package base | ||
|
|
||
| import ( | ||
| "encoding/json" |
There was a problem hiding this comment.
fast json marshalling/unmarshalling library we are using instead
| "encoding/json" | |
| go_json "github.com/goccy/go-json" |
|
|
||
| func DeleteOAuthToken(db *gorm.DB, userID uuid.UUID, resourceType models.OAuthResource) error { | ||
| if err := db.Where("user_id = ? AND resource_type = ?", userID, resourceType).Delete(&models.UserOAuthTokens{}).Error; err != nil { | ||
| return err |
backend/integrations/oauth/google.go
Outdated
| } | ||
|
|
||
| func (client *GoogleOAuthClient) AuthorizeURL(state string) string { | ||
| return (client.OAuthConfig.BaseURL + "/auth?" + |
There was a problem hiding this comment.
here is an example of using the stdlib's url type to build -> https://noahkreiger.medium.com/golang-building-dynamic-urls-4e93cab86e72
| return client.OAuthConfig | ||
| } | ||
|
|
||
| func (client *GoogleOAuthClient) Revoke(token string) error { |
There was a problem hiding this comment.
again, i can help clean this up with more http utilities
backend/integrations/oauth/google.go
Outdated
| func (client *GoogleOAuthClient) Revoke(token string) error { | ||
| revokeUrl := fmt.Sprintf("%s/revoke?token=%s", client.OAuthConfig.TokenURL, token) | ||
|
|
||
| req, err := http.NewRequest("POST", revokeUrl, strings.NewReader("")) |
There was a problem hiding this comment.
should it be nil instead of strings.NewReader("")?
| OAuthConfig config.OAuthSettings | ||
| } | ||
|
|
||
| func (client *OutlookOAuthClient) AuthorizeURL(state string) string { |
garrettladley
requested review from
a team,
DOOduneye and
garrettladley
and removed request for
a team
There was a problem hiding this comment.
LGTM @alderwhiteford ! 👨🍳 🔥 created the issues you mentioned in the description
Fully functioning for Google. Need to test revocation for Outlook then it will be good to go. Also need to update string concatenation - mentioned by Garrett in last PR review
Next Steps: