FilesExpand file tree

 multi-graphql

/

oauth.go

Copy path

BlameMore file actions

BlameMore file actions

Latest commit

 

History

History

History

115 lines (103 loc) · 2.65 KB

 multi-graphql

/

oauth.go

Top

File metadata and controls

• Code
• Blame

115 lines (103 loc) · 2.65 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

package auth

import (

"crypto/rand"

"fmt"

"io"

"io/ioutil"

"net"

"net/http"

"net/url"

"os"

"os/exec"

"runtime"

"strings"

)

func randomString(length int) (string, error) {

b := make([]byte, length/2)

_, err := rand.Read(b)

if err != nil {

return "", err

}

return fmt.Sprintf("%x", b), nil

}

// OAuthFlow represents the setup for authenticating with GitHub

type OAuthFlow struct {

Hostname string

ClientID string

ClientSecret string

WriteSuccessHTML func(io.Writer)

}

// ObtainAccessToken guides the user through the browser OAuth flow on GitHub

// and returns the OAuth access token upon completion.

func (oa *OAuthFlow) ObtainAccessToken() (accessToken string, err error) {

state, _ := randomString(20)

code := ""

listener, err := net.Listen("tcp", "localhost:0")

if err != nil {

return

}

port := listener.Addr().(*net.TCPAddr).Port

q := url.Values{}

q.Set("client_id", oa.ClientID)

q.Set("redirect_uri", fmt.Sprintf("http://localhost:%d", port))

q.Set("scope", "repo")

q.Set("state", state)

startURL := fmt.Sprintf("https://%s/login/oauth/authorize?%s", oa.Hostname, q.Encode())

if err := openInBrowser(startURL); err != nil {

fmt.Fprintf(os.Stderr, "error opening web browser: %s\n", err)

fmt.Fprintf(os.Stderr, "Please open the following URL manually:\n%s\n", startURL)

}

http.Serve(listener, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

defer listener.Close()

rq := r.URL.Query()

if state != rq.Get("state") {

fmt.Fprintf(w, "Error: state mismatch")

return

}

code = rq.Get("code")

w.Header().Add("content-type", "text/html")

if oa.WriteSuccessHTML != nil {

oa.WriteSuccessHTML(w)

} else {

fmt.Fprintf(w, "<p>You have successfully authenticated. You may now close this page.</p>")

}

}))

resp, err := http.PostForm(fmt.Sprintf("https://%s/login/oauth/access_token", oa.Hostname),

url.Values{

"client_id": {oa.ClientID},

"client_secret": {oa.ClientSecret},

"code": {code},

"state": {state},

})

if err != nil {

return

}

defer resp.Body.Close()

body, err := ioutil.ReadAll(resp.Body)

if err != nil {

return

}

tokenValues, err := url.ParseQuery(string(body))

if err != nil {

return

}

accessToken = tokenValues.Get("access_token")

return

}

func openInBrowser(url string) error {

var args []string

switch runtime.GOOS {

case "darwin":

args = []string{"open"}

case "windows":

args = []string{"cmd", "/c", "start"}

r := strings.NewReplacer("&", "^&")

url = r.Replace(url)

default:

args = []string{"xdg-open"}

}

args = append(args, url)

cmd := exec.Command(args[0], args[1:]...)

cmd.Stderr = os.Stderr

return cmd.Run()

}