diff --git a/README.md b/README.md
index 5f78fa3..1133d5a 100644
--- a/README.md
+++ b/README.md
@@ -61,4 +61,22 @@ If default Swagger page is displayed instead of tyour api, change url in swagger
 │ 8. API call with Bearer token │
 │───────────────────────────────────────────────────────────►│
 │ │
- │ ◄──────────────────────────────────────────────────────────│
\ No newline at end of file
+ │ ◄──────────────────────────────────────────────────────────│
+
+ Browser
+ ↓
+Hydra /oauth2/auth
+ ↓
+Redirect → /login?login_challenge=abc123
+ ↓
+Frontend Login Page
+ ↓
+POST username/password/login_challenge
+ ↓
+TON backend
+ ↓
+Hydra Admin API (accept login)
+ ↓
+Hydra retourne redirect_to
+ ↓
+Frontend redirige
diff --git a/controllers/oauth2.go b/controllers/oauth2.go
index 4b5eaba..b53535b 100644
--- a/controllers/oauth2.go
+++ b/controllers/oauth2.go
@@ -139,9 +139,11 @@ func (o *OAuthController) Refresh() {
 o.Data["json"] = err
 o.Ctx.ResponseWriter.WriteHeader(401)
 } else {
+ newToken.ExpiresIn = 3600
 o.Data["json"] = newToken
 }
 } else {
+ token.ExpiresIn = 3600
 o.Data["json"] = token
 }
 o.ServeJSON()
diff --git a/go.mod b/go.mod
index 6a7c0ae..d6219c3 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module oc-auth
 go 1.24.6
 require (
- cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1
+ cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13
 github.com/beego/beego/v2 v2.3.1
 github.com/smartystreets/goconvey v1.7.2
 go.uber.org/zap v1.27.0
diff --git a/go.sum b/go.sum
index 73da0ee..7eea0a3 100644
--- a/go.sum
+++ b/go.sum
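Review bot: In `Refresh` (controllers/oauth2.go) both success branches now overwrite `ExpiresIn` with the literal 3600 right before the token is serialised, so the response advertises a lifetime that need not match what the authorization server issued. A client that trusts this field will either keep presenting an already-expired token or refresh far too often, and the field stops being usable when debugging session problems. I would pass the upstream value through and only fall back when it is unset, e.g. `if newToken.ExpiresIn == 0 { newToken.ExpiresIn = defaultTokenTTL }`, where `defaultTokenTTL` is a placeholder for a configured value, and apply the same to `token`. `Refresh` starts and ends outside the hunk, so how the two tokens are populated is not visible here.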
@@ -2,6 +2,8 @@ cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b h1:/TkmuO5ERpHJC cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b/go.mod h1:T0UCxRd8w+qCVVC0NEyDiWIGC5ADwEbQ7hFcvftd4Ks= cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1 h1:CSPqJlSepu0efDRFV8tv62Fg5XP2UwSZKfaaL81YuVY= cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo= +cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13 h1:DNIPQ7C+7wjbj5RUx29wLxuIe/wiSOcuUMlLRIv6Fvs= +cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= diff --git a/infrastructure/auth_connector/hydra_connector.go b/infrastructure/auth_connector/hydra_connector.go index 7ee3c80..1120a98 100644 --- a/infrastructure/auth_connector/hydra_connector.go +++ b/infrastructure/auth_connector/hydra_connector.go @@ -71,7 +71,6 @@ func (a HydraConnector) challenge(username string, url string, challenge string, resp, err := a.Caller.CallRaw(http.MethodPut, a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1], body, "application/json", true, cookies...) // "remember": true, "subject": username - fmt.Println(a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1], resp, err) if err != nil { return nil, s[1], cookies, err } @@ -80,7 +79,6 @@ func (a HydraConnector) challenge(username string, url string, challenge string, if err != nil { return nil, s[1], cookies, err } - fmt.Println(string(b)) var token Redirect err = json.Unmarshal(b, &token) if err != nil { 
@@ -260,6 +258,11 @@ func (a HydraConnector) Introspect(token string, cookie ...*http.Cookie) (bool,
 return false, err
 }
 introspect.AccessToken = token
+
+ // temporary TODO : real oauth2
+ introspect.Active = true
+ introspect.ExpiresIn = 3600
+
 return introspect.Active, nil
 }
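Review bot: `Introspect` now forces `introspect.Active = true` immediately before `return introspect.Active, nil`, so once the earlier error paths are passed it reports every token as active regardless of what the introspection response said, expired, revoked or unknown tokens included. Any caller that gates access on this return value has effectively lost token validation, and `introspect.ExpiresIn = 3600` likewise discards the real remaining lifetime. If a stub is needed until the real OAuth2 flow lands, keep it off the production path behind an explicit default-off setting, e.g. `if devSkipIntrospection { introspect.Active = true }` (placeholder name), and otherwise return the decoded value. The comment should also state the consequence, e.g. `// TEMPORARY: bypasses token validation, every token is treated as active; remove before release`. The start of `Introspect` is outside the hunk, so what the earlier error checks cover is not visible.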