github.com/avenga/couper@v1.12.2/accesscontrol/oauth2.go (about)

     1  package accesscontrol
     2  
     3  import (
     4  	"context"
     5  	"net/http"
     6  
     7  	"github.com/avenga/couper/config/request"
     8  	"github.com/avenga/couper/errors"
     9  	"github.com/avenga/couper/oauth2"
    10  )
    11  
// Compile-time assertion that *OAuth2Callback satisfies AccessControl.
var _ AccessControl = (*OAuth2Callback)(nil)

// OAuth2Callback is the access control that guards the redirect (callback)
// endpoint of the OAuth2 authorization code flow.
type OAuth2Callback struct {
	// oauth2Client exchanges the authorization code for a token response.
	oauth2Client oauth2.AuthCodeFlowClient
	// name is the key under which the token response is published in the
	// request's access-control map.
	name string
}
    19  
// NewOAuth2Callback returns an OAuth2Callback access control that uses
// oauth2Client for the code exchange and stores its result under name.
func NewOAuth2Callback(oauth2Client oauth2.AuthCodeFlowClient, name string) *OAuth2Callback {
	cb := new(OAuth2Callback)
	cb.oauth2Client = oauth2Client
	cb.name = name
	return cb
}
    27  
// Validate implements the AccessControl interface for the authorization code
// flow callback.
//
// It rejects every method other than GET, hands the request and its URL to the
// OAuth2 client for the code exchange, and on success stores the token
// response in the request context's access-control map under the configured
// name. An error from the exchange is returned unchanged.
func (oa *OAuth2Callback) Validate(req *http.Request) error {
	// The callback is only served for GET; the request URL is what gets
	// passed to the client below.
	if method := req.Method; method != http.MethodGet {
		return errors.Oauth2.Messagef("wrong method (%s)", method)
	}

	// NOTE(review): no state / PKCE / nonce verification is visible in this
	// function; presumably ExchangeCodeAndGetTokenResponse performs it before
	// redeeming the code. Confirm against the client implementation.
	tokenData, exchangeErr := oa.oauth2Client.ExchangeCodeAndGetTokenResponse(req, req.URL)
	if exchangeErr != nil {
		return exchangeErr
	}

	parent := req.Context()
	results, found := parent.Value(request.AccessControls).(map[string]interface{})
	if !found {
		results = map[string]interface{}{}
	}
	// An already-present map is updated in place, so other holders of the
	// same map value observe this entry as well.
	// NOTE(review): the token response presumably carries bearer tokens;
	// anything that serializes or logs this context value should treat it as
	// secret material. Confirm downstream consumers.
	results[oa.name] = tokenData

	// Overwrite the caller's request so the enriched context is visible after
	// Validate returns.
	*req = *req.WithContext(context.WithValue(parent, request.AccessControls, results))

	return nil
}