Merge pull request #10 from daystram/dev

daystram · Jan 8, 2021 · 02cdf47 · 02cdf47
2 parents d83a754 + 67d9d15
commit 02cdf47
Show file tree

Hide file tree

Showing 8 changed files with 57 additions and 31 deletions.
diff --git a/ratify-be/controllers/oauth/token.go b/ratify-be/controllers/oauth/token.go
@@ -44,7 +44,7 @@ func POSTToken(c *gin.Context) {
 			return
 		}
 		if flow == constants.FlowAuthorizationCode {
-			if tokenRequest.ClientSecret != application.ClientSecret {
+			if err = bcrypt.CompareHashAndPassword([]byte(application.ClientSecret), []byte(tokenRequest.ClientSecret)); err != nil {
 				c.JSON(http.StatusUnauthorized, datatransfers.APIResponse{Error: "invalid client_secret"})
 				return
 			}
@@ -107,10 +107,33 @@ func POSTIntrospect(c *gin.Context) {
 		c.JSON(http.StatusNotFound, datatransfers.APIResponse{Error: "application not found"})
 		return
 	}
-	if err = bcrypt.CompareHashAndPassword([]byte(introspectRequest.ClientSecret), []byte(application.ClientSecret)); err != nil {
+	if err = bcrypt.CompareHashAndPassword([]byte(application.ClientSecret), []byte(introspectRequest.ClientSecret)); err != nil {
 		c.JSON(http.StatusNotFound, datatransfers.APIResponse{Error: "invalid client_secret"})
 		return
 	}
 	c.JSON(http.StatusOK, tokenInfo)
 	return
 }
+
+// @Summary Get user info from access_token
+// @Tags oauth
+// @Security BearerAuth
+// @Success 200 "OK"
+// @Router /oauth/userinfo [GET]
+func GETUserInfo(c *gin.Context) {
+	var err error
+	var user models.User
+	if user, err = handlers.Handler.RetrieveUserBySubject(c.GetString(constants.UserSubjectKey)); err != nil {
+		c.JSON(http.StatusNotFound, datatransfers.APIResponse{Error: "user not found"})
+		return
+	}
+	c.JSON(http.StatusOK, datatransfers.UserInfo{
+		FamilyName:    user.FamilyName,
+		GivenName:     user.GivenName,
+		Subject:       user.Subject,
+		Username:      user.Username,
+		Email:         user.Email,
+		EmailVerified: user.EmailVerified,
+	})
+	return
+}
diff --git a/ratify-be/controllers/v1/user.go b/ratify-be/controllers/v1/user.go
@@ -25,12 +25,13 @@ func GETUser(c *gin.Context) {
 		return
 	}
 	c.JSON(http.StatusOK, datatransfers.APIResponse{Data: datatransfers.UserInfo{
-		FamilyName: user.FamilyName,
-		GivenName:  user.GivenName,
-		Subject:    user.Subject,
-		Username:   user.Username,
-		Email:      user.Email,
-		CreatedAt:  user.CreatedAt,
+		FamilyName:    user.FamilyName,
+		GivenName:     user.GivenName,
+		Subject:       user.Subject,
+		Username:      user.Username,
+		Email:         user.Email,
+		EmailVerified: user.EmailVerified,
+		CreatedAt: user.CreatedAt,
 	}})
 	return
 }

diff --git a/ratify-be/datatransfers/user.go b/ratify-be/datatransfers/user.go
@@ -20,10 +20,11 @@ type UserUpdate struct {
 }
 
 type UserInfo struct {
-	GivenName  string `json:"given_name"`
-	FamilyName string `json:"family_name"`
-	Subject    string `json:"sub"`
-	Username   string `uri:"preferred_username" json:"preferred_username"`
-	Email      string `json:"email"`
-	CreatedAt  int64  `json:"created_at"`
+	GivenName     string `json:"given_name"`
+	FamilyName    string `json:"family_name"`
+	Subject       string `json:"sub"`
+	Username      string `uri:"preferred_username" json:"preferred_username"`
+	Email         string `json:"email"`
+	EmailVerified bool   `json:"email_verified"`
+	CreatedAt     int64  `json:"created_at"`
 }
diff --git a/ratify-be/router/router.go b/ratify-be/router/router.go
@@ -51,6 +51,7 @@ func InitializeRouter() (router *gin.Engine) {
 		oauthV1.POST("/authorize", oauth.POSTAuthorize)
 		oauthV1.POST("/token", oauth.POSTToken)
 		oauthV1.POST("/introspect", oauth.POSTIntrospect)
+		oauthV1.GET("/userinfo", middleware.AuthMiddleware, utils.AuthOnly, oauth.GETUserInfo)
 		oauthV1.POST("/logout", middleware.AuthMiddleware, utils.AuthOnly, oauth.POSTLogout)
 	}
 	return

diff --git a/ratify-fe/src/views/Signup.vue b/ratify-fe/src/views/Signup.vue
@@ -327,10 +327,10 @@ export default Vue.extend({
             api.user
               .signup({
                 /* eslint-disable @typescript-eslint/camelcase */
-                given_name: this.firstname,
-                family_name: this.lastname,
-                preferred_username: this.username,
-                email: this.email,
+                given_name: this.firstname.trim(),
+                family_name: this.lastname.trim(),
+                preferred_username: this.username.trim(),
+                email: this.email.trim(),
                 password: this.password
                 /* eslint-enable @typescript-eslint/camelcase */
               })

diff --git a/ratify-fe/src/views/manage/Profile.vue b/ratify-fe/src/views/manage/Profile.vue
@@ -335,9 +335,9 @@ export default Vue.extend({
             api.user
               .update({
                 /* eslint-disable @typescript-eslint/camelcase */
-                given_name: this.user.givenName,
-                family_name: this.user.familyName,
-                email: this.user.email
+                given_name: this.user.givenName.trim(),
+                family_name: this.user.familyName.trim(),
+                email: this.user.email.trim()
                 /* eslint-enable @typescript-eslint/camelcase */
               })
               .then(() => {

diff --git a/ratify-fe/src/views/manage/application/ApplicationDetail.vue b/ratify-fe/src/views/manage/application/ApplicationDetail.vue
@@ -677,11 +677,11 @@ export default Vue.extend({
             api.application
               .update(this.application.clientId, {
                 /* eslint-disable @typescript-eslint/camelcase */
-                name: this.application.name,
-                description: this.application.description,
-                login_url: this.application.loginURL,
-                callback_url: this.application.callbackURL,
-                logout_url: this.application.logoutURL
+                name: this.application.name.trim(),
+                description: this.application.description.trim(),
+                login_url: this.application.loginURL.trim(),
+                callback_url: this.application.callbackURL.trim(),
+                logout_url: this.application.logoutURL.trim()
                 /* eslint-enable @typescript-eslint/camelcase */
               })
               .then(response => {

diff --git a/ratify-fe/src/views/manage/application/ApplicationList.vue b/ratify-fe/src/views/manage/application/ApplicationList.vue
@@ -365,11 +365,11 @@ export default Vue.extend({
         api.application
           .register({
             /* eslint-disable @typescript-eslint/camelcase */
-            name: this.create.name,
-            description: this.create.description,
-            login_url: this.create.logoutURL,
-            callback_url: this.create.callbackURL,
-            logout_url: this.create.logoutURL
+            name: this.create.name.trim(),
+            description: this.create.description.trim(),
+            login_url: this.create.logoutURL.trim(),
+            callback_url: this.create.callbackURL.trim(),
+            logout_url: this.create.logoutURL.trim()
             /* eslint-enable @typescript-eslint/camelcase */
           })
           .then(response => {