make oauth as a service

2023-09-21 14:21:14 +07:00 · 2023-09-21 14:21:14 +07:00 · dbc741ccf6
commit dbc741ccf6
parent da4110a47b
5 changed files with 160 additions and 97 deletions
--- a/server/server.go
+++ b/server/server.go
@ -7,18 +7,19 @@ import (
 	"io"
 	"log"
 	"net/http"
-	"net/url"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"recipe-manager/config"
 	"recipe-manager/data"
 	"recipe-manager/routers"
+	"recipe-manager/services/oauth"
 	"strings"

 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/cors"
 	"github.com/spf13/viper"
+	"golang.org/x/oauth2"
 )

 func loadConfig(path string) (*config.ServerConfig, error) {
@ -46,6 +47,7 @@ type Server struct {
 	server *http.Server
 	data   *data.Data
 	cfg    *config.ServerConfig
+	oauth  oauth.OAuthService
 }

 func NewServer() *Server {
@ -60,6 +62,7 @@ func NewServer() *Server {
 		server: &http.Server{Addr: fmt.Sprintf(":%d", serverCfg.ServerPort)},
 		data:   data.NewData(),
 		cfg:    serverCfg,
+		oauth:  oauth.NewOAuthService(serverCfg),
 	}
 }

@ -85,7 +88,7 @@ func (s *Server) createHandler() {

 	// Auth Router
 	r.Group(func(r chi.Router) {
-		ar := routers.NewAuthRouter(s.cfg)
+		ar := routers.NewAuthRouter(s.cfg, s.oauth)
 		ar.Route(r)
 	})

@ -94,31 +97,33 @@ func (s *Server) createHandler() {

 		r.Use(func(next http.Handler) http.Handler {
 			return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				token := &oauth2.Token{}

-				cookie, err := r.Cookie("access_token")
-
-				if err != nil {
-					w.WriteHeader(http.StatusUnauthorized)
-					return
+				if cookie, err := r.Cookie("access_token"); err == nil {
+					token.AccessToken = cookie.Value
 				}

-				// verify token by request to google api
-				res, err := http.Get("https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=" + url.QueryEscape(cookie.Value))
+				user, err := s.oauth.GetUserInfo(r.Context(), token)

 				if err != nil {
-					w.WriteHeader(http.StatusUnauthorized)
-					return
+					// if have refresh token, set refresh token to token
+					if cookie, err := r.Cookie("refresh_token"); err == nil {
+						token.RefreshToken = cookie.Value
+					}
+
+					newToken, err := s.oauth.RefreshToken(r.Context(), token)
+
+					if err != nil {
+						http.Error(w, "Unauthorized", http.StatusUnauthorized)
+						return
+					}
+
+					// set new token to cookie
+					w.Header().Add("set-cookie", fmt.Sprintf("access_token=%s; Path=/; HttpOnly; SameSite=None; Secure; Max-Age=3600", newToken.AccessToken))
 				}

-				defer res.Body.Close()
-
-				log.Println("res: ", res)
-				var tokenInfo map[string]interface{}
-				json.NewDecoder(res.Body).Decode(&tokenInfo)
-
-				context := context.WithValue(r.Context(), "user", tokenInfo)
-				log.Println("decode res: ", tokenInfo["email"])
-				next.ServeHTTP(w, r.WithContext(context))
+				ctx := context.WithValue(r.Context(), "user", user)
+				next.ServeHTTP(w, r.WithContext(ctx))
 			})
 		})