package auth
import (
"net/http"
log "git.sr.ht/~mariusor/lw"
vocab "github.com/go-ap/activitypub"
"github.com/openshift/osin"
)
// Account is a defined type whose underlying type is vocab.Actor.
// Because it is a defined type and not an alias, it has only the methods
// declared on Account itself; a conversion is needed to use it as a vocab.Actor.
type Account vocab.Actor
// IsLogged reports whether the account should be treated as an authenticated actor.
//
// It returns false for a nil receiver and for an account whose ID equals
// vocab.PublicNS; every other account is reported as logged in.
//
// NOTE(review): an Account with an empty ID (for example a zero value) is also
// reported as logged in. Confirm that callers never rely on this method for a
// zero-value Account, since access decisions built on it would fail open.
func (a *Account) IsLogged() bool {
	return a != nil && a.ID != vocab.PublicNS
}
// Server embeds an *osin.Server and adds the state this package keeps next to it.
// The embedded pointer promotes the osin server's methods and fields onto Server.
type Server struct {
	*osin.Server
	// localURLs is a list of IRIs.
	// NOTE(review): presumably the IRIs this instance treats as its own; confirm against the code that fills it.
	localURLs vocab.IRIs
	// account is stored by value, so it can never be nil. IsLogged on its zero value
	// returns true, because only a nil receiver and vocab.PublicNS are rejected there.
	account Account
	// cl is a Client, a type declared elsewhere in this package.
	cl Client
	// l is the logger; NewServer treats a nil logger as "do not log".
	l log.Logger
}
// ID is the authorize request type ("id") that IndieAuth uses.
// It is not one of osin's built-in authorize types and is enabled for the
// server through DefaultAuthorizeTypes.
const ID = osin.AuthorizeRequestType("id")
// Package-level defaults used to configure the OAuth2 server.
// These are exported, mutable variables, and NewServer hands osin a pointer to
// DefaultConfig, so a change made here at runtime is shared by every server
// built from it.
var (
	// DefaultAuthorizeTypes enables the authorization code flow (osin.CODE), the
	// implicit flow (osin.TOKEN) and the IndieAuth "id" type.
	// NOTE(review): the implicit flow returns the access token in the redirect URI;
	// confirm it is still required by a client before keeping it enabled.
	DefaultAuthorizeTypes = osin.AllowedAuthorizeType{osin.CODE, osin.TOKEN, ID}
	// DefaultAccessTypes enables the authorization code, refresh token and
	// resource owner password grants; client credentials is left out.
	// NOTE(review): with osin.PASSWORD enabled the token endpoint receives user
	// passwords directly, so it needs rate limiting and failed-attempt monitoring.
	DefaultAccessTypes = osin.AllowedAccessType{osin.AUTHORIZATION_CODE, osin.REFRESH_TOKEN, osin.PASSWORD /*osin.CLIENT_CREDENTIALS*/}
	// DefaultConfig is the osin configuration that NewServer passes to osin.NewServer.
	DefaultConfig = osin.ServerConfig{
		// osin reads both expirations as seconds: 86400 is 24 hours for
		// authorization codes, 2678400 is 31 days for access tokens.
		// NOTE(review): RFC 6749 recommends a maximum authorization code lifetime
		// of 10 minutes; 24 hours leaves a long window for a leaked code to be redeemed.
		AuthorizationExpiration: 86400,
		AccessExpiration: 2678400,
		TokenType: "Bearer",
		AllowedAuthorizeTypes: DefaultAuthorizeTypes,
		AllowedAccessTypes: DefaultAccessTypes,
		// OAuth2 errors are answered with HTTP 403.
		ErrorStatusCode: http.StatusForbidden,
		// Client secrets are not accepted as request parameters and access
		// requests are not accepted over GET, which keeps secrets out of URLs and access logs.
		AllowClientSecretInParams: false,
		AllowGetAccessRequest: false,
		// NOTE(review): presumably keeps the previous token valid after a refresh;
		// confirm against osin, because a retained token stays usable if it was leaked.
		RetainTokenAfterRefresh: true,
		// A client's registered redirect URIs are separated by a newline.
		RedirectUriSeparator: "\n",
		// NOTE(review): PKCE enforcement for public clients is switched off below.
		// Without it the authorization code flow does not protect public clients
		// against an intercepted code; consider enabling it.
		//RequirePKCEForPublicClients: true,
	}
)
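// NewServer builds an osin server backed by store, configured from
// DefaultConfig, and attaches a logger adapter to it.
//
// When l is nil both the regular and the error log callbacks are EmptyLogFn.
// Otherwise regular messages are written at info level and error messages at
// error level, so failures raised by the OAuth2 server can be filtered and
// alerted on separately from routine traffic.
//
// It returns the osin server together with any error from NewLogger. The
// server is returned even when err is non-nil, so callers must check err
// before using it.
func NewServer(store osin.Storage, l log.Logger) (*osin.Server, error) {
	// osin keeps the pointer it is given, so every server created here shares
	// the package-level DefaultConfig.
	s := osin.NewServer(&DefaultConfig, store)

	logFn := EmptyLogFn
	errFn := EmptyLogFn
	if l != nil {
		logFn = func(ctx log.Ctx, format string, v ...interface{}) {
			l.WithContext(ctx).Infof(format, v...)
		}
		// Errors go to the error level; logging them with Infof hid them among
		// routine messages.
		errFn = func(ctx log.Ctx, format string, v ...interface{}) {
			l.WithContext(ctx).Errorf(format, v...)
		}
	}

	var err error
	s.Logger, err = NewLogger(LogFn(logFn), ErrFn(errFn))
	return s, err
}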