chore: redirect to requested URL path after OIDC authenticaton

Marcell FÜLÖP 2023-02-20 09:25:16 +00:00
parent e89d343e23
commit e2ac1ad707
3 changed files with 18 additions and 8 deletions


@ -55,7 +55,6 @@ func (o *OAuthClient) InitClient() {
ctx := context.Background() ctx := context.Background()
provider, err := oidc.NewProvider(ctx, o.Issuer) provider, err := oidc.NewProvider(ctx, o.Issuer)
if err != nil { if err != nil {
fmt.Println(err)
log.Fatal(err) log.Fatal(err)
} }
@ -74,6 +73,7 @@ func (o *OAuthClient) InitAuthFlow(w http.ResponseWriter, r *http.Request) {
o.InitClient() o.InitClient()
state := fmt.Sprintf("%x", rand.Uint32()) state := fmt.Sprintf("%x", rand.Uint32())
nonce := fmt.Sprintf("%x", rand.Uint32()) nonce := fmt.Sprintf("%x", rand.Uint32())
o.OAuth2Config.RedirectURL += "?redirect=" + r.URL.Path
url := o.OAuth2Config.AuthCodeURL(state, oidc.Nonce(nonce)) url := o.OAuth2Config.AuthCodeURL(state, oidc.Nonce(nonce))
log.Println("oidc init flow ", url) log.Println("oidc init flow ", url)
@ -84,7 +84,6 @@ func (o *OAuthClient) InitAuthFlow(w http.ResponseWriter, r *http.Request) {
// HandleAuthCallback manages code exchange and obtains the id token. // HandleAuthCallback manages code exchange and obtains the id token.
func (o *OAuthClient) HandleAuthCallback(r *http.Request, usr users.Store, srv *settings.Server) (*users.User, error) { func (o *OAuthClient) HandleAuthCallback(r *http.Request, usr users.Store, srv *settings.Server) (*users.User, error) {
o.InitClient() o.InitClient()
code := r.URL.Query().Get("code") code := r.URL.Query().Get("code")
stateQuery := r.URL.Query().Get("state") stateQuery := r.URL.Query().Get("state")
stateCookie, err := r.Cookie("state") stateCookie, err := r.Cookie("state")
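Review bot: In InitAuthFlow, the added line `o.OAuth2Config.RedirectURL += "?redirect=" + r.URL.Path` puts the decoded request path into the callback URL without escaping, so a path containing `&`, `#` or `?` changes the query that the callback later parses; at minimum it should read `"?redirect=" + url.QueryEscape(r.URL.Path)` (whether net/url is imported is not visible here). The line also writes to the OAuth2Config held on the *OAuthClient: InitClient is called just above, but its body is outside this hunk, so it is not visible whether the config is rebuilt per call; if it is not, the suffix accumulates across requests, and if the client is shared between requests the write is a data race. Many identity providers compare redirect_uri exactly against the registered value, so a per-request query string may be rejected; carrying the return path in a short-lived cookie next to the existing `state` cookie would keep redirect_uri constant. The body of InitAuthFlow continues outside the hunk.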


@ -1,7 +1,7 @@
import store from "@/store"; import store from "@/store";
import router from "@/router"; import router from "@/router";
import { Base64 } from "js-base64"; import { Base64 } from "js-base64";
import { baseURL } from "@/utils/constants"; import { baseURL, authMethod } from "@/utils/constants";
import cookie from "@/utils/cookie"; import cookie from "@/utils/cookie";
export function parseToken(token) { export function parseToken(token) {
@ -23,7 +23,7 @@ export function parseToken(token) {
export async function validateLogin() { export async function validateLogin() {
let jwt = localStorage.getItem("jwt") let jwt = localStorage.getItem("jwt")
if (!jwt || jwt === "null") { if (authMethod === 'oidc' && (!jwt || jwt === "null")) {
jwt = cookie("auth"); jwt = cookie("auth");
} }
@ -69,6 +69,10 @@ export async function renew(jwt) {
if (res.status === 200) { if (res.status === 200) {
parseToken(body); parseToken(body);
} else { } else {
if (authMethod === 'oidc') {
clearLoginState();
document.location.replace(document.location.pathname);
}
throw new Error(body); throw new Error(body);
} }
} }
@ -90,10 +94,13 @@ export async function signup(username, password) {
} }
export function logout() { export function logout() {
document.cookie = "auth=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/"; clearLoginState();
router.push({ path: "/login" });
}
function clearLoginState() {
document.cookie = "auth=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/";
store.commit("setJWT", ""); store.commit("setJWT", "");
store.commit("setUser", null); store.commit("setUser", null);
localStorage.setItem("jwt", null); localStorage.setItem("jwt", null);
router.push({ path: "/login" });
} }
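Review bot: In renew(), the new OIDC branch treats every non-200 response as a lost session, so a transient server error also clears the login state and reloads the page, and a renew call that keeps failing after re-authentication can cycle between reload and login. Consider limiting the branch to the statuses that mean the token was rejected, for example `if (authMethod === 'oidc' && (res.status === 401 || res.status === 403)) {`; which codes the renew endpoint actually returns is not visible here. `document.location.replace(document.location.pathname)` also drops the query string and hash, so the user may not land back on the same view; `document.location.reload()` keeps them if that is the intent. A short comment on clearLoginState, such as `// Drops the auth cookie, the stored JWT and the user from the store; does not navigate.`, would make the split from logout() clear.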


@ -223,8 +223,12 @@ func setTokenCookie(w http.ResponseWriter, r *http.Request, d *data, user *users
return http.StatusInternalServerError, err return http.StatusInternalServerError, err
} }
redirect := "/files"
if r.URL.Query().Has("redirect") {
redirect = r.URL.Query().Get("redirect")
}
w.Header().Set("Set-Cookie", "auth="+signed+"; path=/") w.Header().Set("Set-Cookie", "auth="+signed+"; path=/")
http.Redirect(w, r, "/files", http.StatusMovedPermanently) http.Redirect(w, r, redirect, http.StatusMovedPermanently)
return 0, nil return 0, nil
} }
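Review bot: The `redirect` query parameter is passed to `http.Redirect` unchecked, so the callback sends a freshly authenticated browser to whatever the parameter holds, including an absolute URL or a scheme-relative `//host` value (an open redirect). Restrict it to a same-site path and fall back to `/files` otherwise, as in the excerpt below; it needs `net/url` and `strings`, whose imports are not visible here. Because the target now varies per login, `http.StatusMovedPermanently` is also a poor fit, since browsers may cache a 301; `http.StatusFound` avoids that. setTokenCookie starts outside the hunk.

```go
redirect := "/files"
if target := r.URL.Query().Get("redirect"); target != "" {
	// Accept only a same-site absolute path: no scheme, no host, and no
	// leading "//" or "/\" that a browser would resolve to another origin.
	u, err := url.Parse(target)
	if err == nil && u.Scheme == "" && u.Host == "" &&
		strings.HasPrefix(target, "/") &&
		!strings.HasPrefix(target, "//") && !strings.HasPrefix(target, "/\\") {
		redirect = target
	}
}
w.Header().Set("Set-Cookie", "auth="+signed+"; path=/")
http.Redirect(w, r, redirect, http.StatusFound)
```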