liquid_feedback_frontend
diff app/main/oauth2_client/callback.lua @ 1703:5eb8b596f7d4
Added OAuth2 client code
author | bsw |
---|---|
date | Mon Sep 27 10:58:14 2021 +0200 (2021-09-27) |
parents | |
children |
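--- /dev/null
+++ b/app/main/oauth2_client/callback.lua
@@ -0,0 +1,88 @@
+local provider = param.get("provider")
+local provider_config = config.oauth2_providers[provider]
+if not provider_config then
+ return
+end
+
+
+local error = param.get("error")
+
+if error then
+ ui.heading{ content = "OAuth error" }
+ ui.container{ content = error }
+ return
+end
+
+local state = param.get("state")
+
+if state ~= app.session:additional_secret_for("oauth") then
+ ui.heading{ content = "OAuth error" }
+ ui.container{ content = "state invalid" }
+ return
+end
+
+local code = param.get("code")
+
+local params = {
+ code = code,
+ client_id = provider_config.client_id,
+ client_secret = provider_config.client_secret,
+ redirect_uri = request.get_absolute_baseurl() .. "oauth2_client/callback.html?provider=" .. provider,
+ grant_type = "authorization_code"
+}
+
+local params_list = {}
+for key, val in pairs(params) do
+ table.insert(params_list, encode.url_part(key) .. "=" .. encode.url_part(val))
+end
+
+local r = table.concat(params_list, "&")
+
+local output, err, status = extos.pfilter(nil, "curl", "-X", "POST", "-d", r, provider_config.token_url)
+
+local result = json.import(output)
+
+local url = provider_config.id_url .. "?access_token=" .. encode.url_part(result.access_token)
+
+local output, err, status = extos.pfilter(nil, "curl", url)
+
+local id_result = json.import(output)
+
+local id = id_result[provider_config.id_field]
+local email = id_result[provider_config.email_field]
+
+if id then
+ local member = Member:new_selector()
+ :add_where{ "authority = ?", "oauth2_" .. provider }
+ :add_where{ "authority_uid = ?", id }
+ :optional_object_mode()
+ :exec()
+
+ if not member then
+ member = Member:new()
+ member.authority = "oauth2_" .. provider
+ member.authority_uid = id
+ member.notify_email = email
+ member.name = "Member " .. id
+ member.identification = "Member " .. id
+ member.activated = "now"
+ member:save()
+ for i, unit_id in ipairs(provider_config.unit_ids) do
+ local privilege = Privilege:new()
+ privilege.member_id = member.id
+ privilege.unit_id = unit_id
+ privilege.initiative_right = true
+ privilege.voting_right = true
+ privilege:save()
+ end
+ end
+ member.last_login = "now"
+ member.last_activity = "now"
+ member.active = true
+ member:save()
+ app.session.member = member
+ app.session:save()
+ request.redirect{ external = request.get_absolute_baseurl() }
+
+end
+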
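Review bot: The token request passes `client_secret` and the authorization `code` on curl's argument list (`"-d", r`), where other local users can read them from the process table while curl runs; the second call exposes the access token the same way through `url`. If the first argument of `extos.pfilter` is the child's stdin, as the `nil` placeholder suggests, the form body can be fed that way with `--data @-`. Neither call checks `status` or the value returned by `json.import` before indexing `result.access_token` and `id_result[...]`, so a failed or non-JSON provider response raises a Lua error instead of showing the "OAuth error" page used earlier in the file. Separately, `local error = param.get("error")` shadows the builtin `error` for the rest of the file; a name such as `oauth_error` avoids that.

```lua
-- … unchanged: params / params_list construction …
local r = table.concat(params_list, "&")

-- Body goes to curl on stdin so the client secret and code stay out of argv
-- (assumes pfilter's first argument is stdin and status is the exit code).
local output, err, status = extos.pfilter(
  r, "curl", "--silent", "--fail", "--max-time", "10",
  "-X", "POST", "--data", "@-", provider_config.token_url
)
if status ~= 0 or not output then
  ui.heading{ content = "OAuth error" }
  ui.container{ content = "token request failed" }
  return
end

local result = json.import(output)
if not result or not result.access_token then
  ui.heading{ content = "OAuth error" }
  ui.container{ content = "token response invalid" }
  return
end
-- … unchanged: id_url request (same status / json.import checks apply) …
```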