Asai Neko
2c312a545a
All checks were successful
Server Check Build (NixCN CMS) TeamCity build finished
Signed-off-by: Asai Neko <sugar@sne.moe>
71 lines
2.5 KiB
Go
71 lines
2.5 KiB
Go
package auth
|
|
|
|
import (
|
|
"errors"
|
|
"nixcn-cms/internal/exception"
|
|
"nixcn-cms/service/service_auth"
|
|
"nixcn-cms/tracer"
|
|
"nixcn-cms/utils"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// Redirect handles the post-verification callback and redirects the user to the target application.
|
|
//
|
|
// @Summary Handle Auth Callback and Redirect
|
|
// @Description Verifies the temporary email code, ensures the user exists (or creates one), validates the client's redirect URI, and finally performs a 302 redirect with a new authorization code.
|
|
// @Tags Authentication
|
|
// @Accept x-www-form-urlencoded
|
|
// @Produce json
|
|
// @Produce html
|
|
// @Param client_id query string true "Client Identifier"
|
|
// @Param redirect_uri query string true "Target Redirect URI"
|
|
// @Param code query string true "Temporary Verification Code"
|
|
// @Param state query string false "Opaque state used to maintain state between the request and callback"
|
|
// @Success 302 {string} string "Redirect to the provided RedirectUri with a new code"
|
|
// @Failure 400 {object} utils.RespStatus{data=nil} "Invalid Input / Client Not Found / URI Mismatch"
|
|
// @Failure 403 {object} utils.RespStatus{data=nil} "Invalid or Expired Verification Code"
|
|
// @Failure 500 {object} utils.RespStatus{data=nil} "Internal Server Error"
|
|
// @Router /auth/redirect [get]
|
|
func (self *AuthHandler) Redirect(c *gin.Context) {
|
|
ctx, span := tracer.StartSpan(
|
|
c.Request.Context(),
|
|
"api_auth",
|
|
"redirect",
|
|
)
|
|
defer span.End()
|
|
|
|
ctx = exception.ContextWithEndpoint(ctx, exception.EndpointAuthRedirect)
|
|
ctx = exception.ContextWithService(ctx, exception.ServiceEndpoint)
|
|
|
|
data := &service_auth.RedirectData{
|
|
ClientId: c.Query("client_id"),
|
|
RedirectUri: c.Query("redirect_uri"),
|
|
State: c.Query("state"),
|
|
Code: c.Query("code"),
|
|
}
|
|
|
|
if data.ClientId == "" || data.RedirectUri == "" || data.Code == "" {
|
|
errorCode := exception.New(
|
|
exception.WithStatus(exception.StatusUser),
|
|
exception.WithType(exception.TypeCommon),
|
|
exception.WithOriginal(exception.CommonErrorInvalidInput),
|
|
exception.WithError(errors.New("Invalid Input")),
|
|
).Throw(ctx).String()
|
|
utils.HttpResponse(c, 400, errorCode)
|
|
return
|
|
}
|
|
|
|
result := self.svc.Redirect(&service_auth.RedirectPayload{
|
|
Context: ctx,
|
|
Data: data,
|
|
})
|
|
|
|
if result.Common.Exception.Original != exception.CommonSuccess {
|
|
utils.HttpResponse(c, result.Common.HttpCode, result.Common.Exception.String())
|
|
return
|
|
}
|
|
|
|
c.Redirect(302, result.Data)
|
|
}
|