Diffstat (limited to 'ui/oauth2_callback.go')
-rw-r--r-- | ui/oauth2_callback.go | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/ui/oauth2_callback.go b/ui/oauth2_callback.go
index 0aecd1c..bd7c999 100644
--- a/ui/oauth2_callback.go
+++ b/ui/oauth2_callback.go
@@ -17,51 +17,50 @@ import (
 "miniflux.app/ui/session"
 )
-// OAuth2Callback receives the authorization code and create a new session.
-func (c *Controller) OAuth2Callback(w http.ResponseWriter, r *http.Request) {
+func (h *handler) oauth2Callback(w http.ResponseWriter, r *http.Request) {
 clientIP := request.ClientIP(r)
 printer := locale.NewPrinter(request.UserLanguage(r))
- sess := session.New(c.store, request.SessionID(r))
+ sess := session.New(h.store, request.SessionID(r))
 provider := request.RouteStringParam(r, "provider")
 if provider == "" {
 logger.Error("[OAuth2] Invalid or missing provider")
- html.Redirect(w, r, route.Path(c.router, "login"))
+ html.Redirect(w, r, route.Path(h.router, "login"))
 return
 }
 code := request.QueryStringParam(r, "code", "")
 if code == "" {
 logger.Error("[OAuth2] No code received on callback")
- html.Redirect(w, r, route.Path(c.router, "login"))
+ html.Redirect(w, r, route.Path(h.router, "login"))
 return
 }
 state := request.QueryStringParam(r, "state", "")
 if state == "" || state != request.OAuth2State(r) {
 logger.Error(`[OAuth2] Invalid state value: got "%s" instead of "%s"`, state, request.OAuth2State(r))
- html.Redirect(w, r, route.Path(c.router, "login"))
+ html.Redirect(w, r, route.Path(h.router, "login"))
 return
 }
- authProvider, err := getOAuth2Manager(c.cfg).Provider(provider)
+ authProvider, err := getOAuth2Manager(h.cfg).Provider(provider)
 if err != nil {
 logger.Error("[OAuth2] %v", err)
- html.Redirect(w, r, route.Path(c.router, "login"))
+ html.Redirect(w, r, route.Path(h.router, "login"))
 return
 }
 profile, err := authProvider.GetProfile(code)
 if err != nil {
 logger.Error("[OAuth2] %v", err)
- html.Redirect(w, r, route.Path(c.router, "login"))
+ html.Redirect(w, r, route.Path(h.router, "login"))
 return
 }
 logger.Info("[OAuth2] [ClientIP=%s] Successful auth for %s", clientIP, profile)
 if request.IsAuthenticated(r) {
- user, err := c.store.UserByExtraField(profile.Key, profile.ID)
+ user, err := h.store.UserByExtraField(profile.Key, profile.ID)
 if err != nil {
 html.ServerError(w, r, err)
 return
@@ -70,28 +69,28 @@ func (c *Controller) OAuth2Callback(w http.ResponseWriter, r *http.Request) {
 if user != nil {
 logger.Error("[OAuth2] User #%d cannot be associated because %s is already associated", request.UserID(r), user.Username)
 sess.NewFlashErrorMessage(printer.Printf("error.duplicate_linked_account"))
- html.Redirect(w, r, route.Path(c.router, "settings"))
+ html.Redirect(w, r, route.Path(h.router, "settings"))
 return
 }
- if err := c.store.UpdateExtraField(request.UserID(r), profile.Key, profile.ID); err != nil {
+ if err := h.store.UpdateExtraField(request.UserID(r), profile.Key, profile.ID); err != nil {
 html.ServerError(w, r, err)
 return
 }
 sess.NewFlashMessage(printer.Printf("alert.account_linked"))
- html.Redirect(w, r, route.Path(c.router, "settings"))
+ html.Redirect(w, r, route.Path(h.router, "settings"))
 return
 }
- user, err := c.store.UserByExtraField(profile.Key, profile.ID)
+ user, err := h.store.UserByExtraField(profile.Key, profile.ID)
 if err != nil {
 html.ServerError(w, r, err)
 return
 }
 if user == nil {
- if !c.cfg.IsOAuth2UserCreationAllowed() {
+ if !h.cfg.IsOAuth2UserCreationAllowed() {
 html.Forbidden(w, r)
 return
 }
@@ -101,13 +100,13 @@ func (c *Controller) OAuth2Callback(w http.ResponseWriter, r *http.Request) {
 user.IsAdmin = false
 user.Extra[profile.Key] = profile.ID
- if err := c.store.CreateUser(user); err != nil {
+ if err := h.store.CreateUser(user); err != nil {
 html.ServerError(w, r, err)
 return
 }
 }
- sessionToken, _, err := c.store.CreateUserSession(user.Username, r.UserAgent(), clientIP)
+ sessionToken, _, err := h.store.CreateUserSession(user.Username, r.UserAgent(), clientIP)
 if err != nil {
 html.ServerError(w, r, err)
 return
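Review bot: The state-mismatch branch in the first hunk logs both the caller-supplied `state` and the expected value from `request.OAuth2State(r)`, and the rename leaves that line as it was. The expected value is presumably the anti-CSRF value held for this session, so it should not reach the logs. The received value is request-controlled and printed with `%s`, which may let control characters into the log, depending on how `logger` escapes its arguments. I would log only the received value, quoted: `logger.Error("[OAuth2] Invalid state value: got %q", state)`. The handler's body continues past the end of this hunk.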
@@ -115,16 +114,16 @@ func (c *Controller) OAuth2Callback(w http.ResponseWriter, r *http.Request) {
 logger.Info("[OAuth2] [ClientIP=%s] username=%s (%s) just logged in", clientIP, user.Username, profile)
- c.store.SetLastLogin(user.ID)
+ h.store.SetLastLogin(user.ID)
 sess.SetLanguage(user.Language)
 sess.SetTheme(user.Theme)
 http.SetCookie(w, cookie.New(
 cookie.CookieUserSessionID,
 sessionToken,
- c.cfg.IsHTTPS,
- c.cfg.BasePath(),
+ h.cfg.IsHTTPS,
+ h.cfg.BasePath(),
 ))
- html.Redirect(w, r, route.Path(c.router, "unread"))
+ html.Redirect(w, r, route.Path(h.router, "unread"))
 }
|
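Review bot: The call `h.store.SetLastLogin(user.ID)` discards whatever it returns, so if it reports an error (its signature is not visible in this hunk) a failed last-login update goes unnoticed. Last-login time is the kind of record consulted when reviewing account activity, so a failure deserves at least a log line: `if err := h.store.SetLastLogin(user.ID); err != nil { logger.Error("[OAuth2] %v", err) }`. The handler begins outside this hunk.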