Compare commits
5 Commits
59a6250e2b
...
8bc3a67281
Author | SHA1 | Date |
---|---|---|
Maxim Lebedev | 8bc3a67281 | |
Maxim Lebedev | 803999f201 | |
Maxim Lebedev | fa2216a318 | |
Maxim Lebedev | 5e16137342 | |
Maxim Lebedev | 4232743b00 |
|
@ -3,6 +3,7 @@ package http
|
||||||
import (
|
import (
|
||||||
"crypto/subtle"
|
"crypto/subtle"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/goccy/go-json"
|
"github.com/goccy/go-json"
|
||||||
|
@ -219,7 +220,8 @@ func (h *Handler) handleVerify(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
q := req.RedirectURI.Query()
|
redirect, _ := url.Parse(req.RedirectURI.String())
|
||||||
|
q := redirect.Query()
|
||||||
|
|
||||||
for key, val := range map[string]string{
|
for key, val := range map[string]string{
|
||||||
"code": code,
|
"code": code,
|
||||||
|
@ -229,9 +231,9 @@ func (h *Handler) handleVerify(w http.ResponseWriter, r *http.Request) {
|
||||||
q.Set(key, val)
|
q.Set(key, val)
|
||||||
}
|
}
|
||||||
|
|
||||||
req.RedirectURI.RawQuery = q.Encode()
|
redirect.RawQuery = q.Encode()
|
||||||
|
|
||||||
http.Redirect(w, r, req.RedirectURI.String(), http.StatusFound)
|
http.Redirect(w, r, redirect.String(), http.StatusFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (h *Handler) handleExchange(w http.ResponseWriter, r *http.Request) {
|
func (h *Handler) handleExchange(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"crypto/sha512"
|
"crypto/sha512"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"hash"
|
"hash"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
@ -36,7 +37,7 @@ var (
|
||||||
|
|
||||||
var ErrCodeChallengeMethodUnknown error = NewError(
|
var ErrCodeChallengeMethodUnknown error = NewError(
|
||||||
ErrorCodeInvalidRequest,
|
ErrorCodeInvalidRequest,
|
||||||
"unknown code_challene_method",
|
"unknown code_challenge_method",
|
||||||
"https://indieauth.net/source/#authorization-request",
|
"https://indieauth.net/source/#authorization-request",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -61,27 +62,30 @@ func ParseCodeChallengeMethod(uid string) (CodeChallengeMethod, error) {
|
||||||
|
|
||||||
// UnmarshalForm implements custom unmarshler for form values.
|
// UnmarshalForm implements custom unmarshler for form values.
|
||||||
func (ccm *CodeChallengeMethod) UnmarshalForm(v []byte) error {
|
func (ccm *CodeChallengeMethod) UnmarshalForm(v []byte) error {
|
||||||
method, err := ParseCodeChallengeMethod(string(v))
|
parsed, err := ParseCodeChallengeMethod(string(v))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("CodeChallengeMethod: UnmarshalForm: %w", err)
|
return fmt.Errorf("CodeChallengeMethod: UnmarshalForm: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
*ccm = method
|
*ccm = parsed
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// UnmarshalJSON implements custom unmarshler for JSON.
|
// UnmarshalJSON implements custom unmarshler for JSON.
|
||||||
func (ccm *CodeChallengeMethod) UnmarshalJSON(v []byte) error {
|
func (ccm *CodeChallengeMethod) UnmarshalJSON(v []byte) error {
|
||||||
src, err := strconv.Unquote(string(v))
|
unquoted, err := strconv.Unquote(string(v))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("CodeChallengeMethod: UnmarshalJSON: %w", err)
|
return fmt.Errorf("CodeChallengeMethod: UnmarshalJSON: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if *ccm, err = ParseCodeChallengeMethod(src); err != nil {
|
parsed, err := ParseCodeChallengeMethod(unquoted)
|
||||||
|
if err != nil && !errors.Is(err, ErrCodeChallengeMethodUnknown) {
|
||||||
return fmt.Errorf("CodeChallengeMethod: UnmarshalJSON: %w", err)
|
return fmt.Errorf("CodeChallengeMethod: UnmarshalJSON: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
*ccm = parsed
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,86 @@
|
||||||
|
// This package represent a simple tool for emulate simple localhost user domain
|
||||||
|
// onepage with support localhost IndieAuth instance.
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"flag"
|
||||||
|
"fmt"
|
||||||
|
"log"
|
||||||
|
"net/http"
|
||||||
|
"os"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"source.toby3d.me/toby3d/auth/internal/common"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
template string = `<!DOCKTYPE html>` +
|
||||||
|
`<html>` +
|
||||||
|
`<head>` +
|
||||||
|
`<title>Playground homepage</title>` +
|
||||||
|
`%[1]s` +
|
||||||
|
`</head>` +
|
||||||
|
`<body>` +
|
||||||
|
`<form method="get" action="%[3]s/authorize">` +
|
||||||
|
`<input type="url" name="me" placeholder="http://localhost/">` +
|
||||||
|
`<input type="hidden" name="response_type" value="code">` +
|
||||||
|
`<input type="hidden" name="state" value="hackme">` +
|
||||||
|
`<input type="hidden" name="client_id" value="%[3]s/">` +
|
||||||
|
`<input type="hidden" name="redirect_uri" value="%[3]s/callback">` +
|
||||||
|
`<input type="hidden" name="scope" value="profile email">` +
|
||||||
|
`<button type="submit">Sign In</button>` +
|
||||||
|
`</form>` +
|
||||||
|
`</body>` +
|
||||||
|
`</html>`
|
||||||
|
templateLinksDeprecated string = `<link rel="authorization_endpoint" href="%[1]s/authorize">` +
|
||||||
|
`<link rel="token_endpoint" href="%[1]s/token">`
|
||||||
|
templateLinksModern string = `<link rel="indieauth-metadata" href="%s/metadata">`
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
target *string = flag.String("target", "http://127.0.0.1:3000", "set specific IndieAuth server addr")
|
||||||
|
addr *string = flag.String("addr", ":8080", "set specific port for pseudo homepage")
|
||||||
|
deprecated *bool = flag.Bool("deprecated", false, "enable deprecated handlers and links")
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
flag.Parse()
|
||||||
|
|
||||||
|
log := log.New(os.Stdout, "homepage\t", log.LstdFlags)
|
||||||
|
server := http.Server{
|
||||||
|
Addr: *addr,
|
||||||
|
Handler: NewHandler(*addr, *target, *deprecated),
|
||||||
|
DisableGeneralOptionsHandler: false,
|
||||||
|
TLSConfig: nil,
|
||||||
|
ReadTimeout: 500 * time.Millisecond,
|
||||||
|
ReadHeaderTimeout: 0,
|
||||||
|
WriteTimeout: 500 * time.Millisecond,
|
||||||
|
IdleTimeout: 0,
|
||||||
|
MaxHeaderBytes: 0,
|
||||||
|
TLSNextProto: nil,
|
||||||
|
ConnState: nil,
|
||||||
|
ErrorLog: log,
|
||||||
|
BaseContext: nil,
|
||||||
|
ConnContext: nil,
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Println("started pseudo homepage on", *addr)
|
||||||
|
if err := server.ListenAndServe(); err != nil {
|
||||||
|
log.Fatalln(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewHandler(addr, target string, deprecated bool) http.HandlerFunc {
|
||||||
|
partial := fmt.Sprintf(templateLinksModern, target)
|
||||||
|
|
||||||
|
if deprecated {
|
||||||
|
partial = fmt.Sprintf(templateLinksDeprecated, target)
|
||||||
|
}
|
||||||
|
|
||||||
|
tpl := fmt.Sprintf(template, partial, addr, target)
|
||||||
|
|
||||||
|
return func(w http.ResponseWriter, _ *http.Request) {
|
||||||
|
w.Header().Set(common.HeaderContentType, common.MIMETextHTMLCharsetUTF8)
|
||||||
|
fmt.Fprint(w, tpl)
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue