diff --git a/controller/oauth_controller.go b/controller/oauth_controller.go index 09a62c4..ce43dcc 100644 --- a/controller/oauth_controller.go +++ b/controller/oauth_controller.go @@ -163,6 +163,11 @@ func OauthAuthorize(c *gin.Context) { } else { prompt = "consent" } + reponseType := c.Query("response_type") + if reponseType == "" { + reponseType = "code" + } + // Handle Validate Request if c.Request.Method == "GET" { c.JSON(http.StatusOK, gin.H{ @@ -173,20 +178,24 @@ func OauthAuthorize(c *gin.Context) { }) return } + // Handle Authorize Request - code, err := service.GenerateAuthorizationCode(clientID, GetRequestUserID(c), scope) - if err != nil { - c.JSON(http.StatusInternalServerError, gin.H{"message": err.Error()}) - return - } - go service.CreateLogin(model.UserLogin{ + defer service.CreateLogin(model.UserLogin{ UserID: GetRequestUserID(c), Destination: clientID, Scope: scope, IPAddress: c.ClientIP(), LoginType: "oauth", }) - c.JSON(http.StatusOK, code) + if reponseType == "code" { + code, err := service.GenerateAuthorizationCode(clientID, GetRequestUserID(c), scope) + if err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"message": err.Error()}) + return + } + c.JSON(http.StatusOK, code) + return + } } func OauthExchange(c *gin.Context) { diff --git a/controller/route_controller.go b/controller/route_controller.go index 9a5149c..5514820 100644 --- a/controller/route_controller.go +++ b/controller/route_controller.go @@ -31,8 +31,8 @@ func SetupRouter() *gin.Engine { func InitializeRoutes(router *gin.Engine) { router.GET("/ping", Ping) - router.GET("/jwks.json", GetJWKS) - router.GET("/openid-configuration", GetOpenIDConfig) + router.GET("/config/jwks.json", GetJWKS) + router.GET("/config/openid-configuration", GetOpenIDConfig) router.POST("/auth/register", RegisterAccountPassword) router.POST("/auth/login", LoginAccount) router.POST("/auth/login/discord", LoginDiscord) diff --git a/model/auth.go b/model/auth.go index d1196f6..c85a58e 100644 
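Review bot: The new local is spelled `reponseType` at every use in this hunk and in the next one; rename it to `responseType` so a later search for the parameter finds it. The block also turns a missing `response_type` into `"code"`, whereas RFC 6749 section 3.1.1 marks the parameter as required, so a malformed authorization request is accepted silently. If the default is deliberate, record it in a comment such as `// response_type defaults to "code" when omitted (lenient compared with RFC 6749)`. OauthAuthorize starts above the hunk and continues below it.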
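Review bot: The deferred `service.CreateLogin` fires on every return that follows it, so a `UserLogin` row is written when `GenerateAuthorizationCode` fails and when `response_type` is anything other than `code`. In that last case the handler also falls off the end without writing a response, which gin will most likely send as an empty 200. A login table that records sign-ins for which no code was issued is misleading as an audit trail, so reject unsupported response types explicitly and record the login only after the code exists. The deferred call now also runs on the request goroutine where the removed line used `go`, which may be intended but deserves a comment. The function begins above the hunk.

```go
	// Handle Authorize Request
	if reponseType != "code" {
		c.JSON(http.StatusBadRequest, gin.H{"message": "unsupported_response_type"})
		return
	}
	// … unchanged: GenerateAuthorizationCode call and its error branch, no longer nested in an if …
	// Record the login only once a code has actually been issued.
	service.CreateLogin(model.UserLogin{
		// … unchanged: UserID, Destination, Scope, IPAddress, LoginType …
	})
	c.JSON(http.StatusOK, code)
```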
--- a/model/auth.go +++ b/model/auth.go @@ -16,8 +16,8 @@ type TokenResponse struct { } type AuthClaims struct { - Email string `json:"email"` - Scope string `json:"scope"` + Email string `json:"email,omitempty"` + Scope string `json:"scope,omitempty"` jwt.RegisteredClaims } diff --git a/service/auth_service.go b/service/auth_service.go index fc08203..5f4f7a7 100644 --- a/service/auth_service.go +++ b/service/auth_service.go @@ -14,6 +14,7 @@ import ( "unicode" "github.com/golang-jwt/jwt/v4" + "github.com/google/uuid" "golang.org/x/crypto/bcrypt" ) @@ -133,7 +134,8 @@ func GenerateJWT(userID string, email string, scope string, client_id string) (s Email: email, Scope: scope, RegisteredClaims: jwt.RegisteredClaims{ - ID: userID, + ID: uuid.NewString(), + Subject: userID, Issuer: "https://sso.gauchoracing.com/", Audience: jwt.ClaimStrings{client_id}, IssuedAt: jwt.NewNumericDate(time.Now()), diff --git a/web/netlify.toml b/web/netlify.toml index 3d69fee..4ad6c5b 100644 --- a/web/netlify.toml +++ b/web/netlify.toml @@ -4,6 +4,12 @@ status = 200 force = true +[[redirects]] + from = "/.well-known/*" + to = "https://sentinel-api.gauchoracing.com/config/:splat" + status = 200 + force = true + [[redirects]] from = "/*" to = "/index.html"
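Review bot: Moving the user ID from `ID` (jti) to `Subject` changes what every token consumer must read, and the verification side is not in this diff. Any code that still takes the user from `claims.ID` will now see a random UUID, and tokens issued before this change carry no `sub` at all, so confirm the validators read `Subject` and reject an empty one rather than treating it as a valid user. The fresh `jti` only helps with replay detection or revocation if it is stored or checked somewhere, which is not visible here. A comment such as `// jti: unique per token; sub: user ID` above the two fields would record the intent. GenerateJWT starts above the hunk and continues below it.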
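Review bot: The wildcard `from = "/.well-known/*"` with `force = true` proxies every well-known path on the web origin to `/config/:splat` on the API, so any handler later mounted under `/config/` becomes reachable through the SSO hostname, and static files such as `security.txt` placed under `.well-known` in the site would be shadowed. Only two documents are served under `/config/` in this commit, so list them explicitly, for example `from = "/.well-known/openid-configuration"` with `to = "https://sentinel-api.gauchoracing.com/config/openid-configuration"`, plus a matching rule for `jwks.json`. It is also worth checking that the `issuer` and `jwks_uri` in the discovery document match the host that now serves it, since GenerateJWT issues tokens as `https://sso.gauchoracing.com/`; that document is not part of the diff.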