Bypass mode

README.md

@@ -61,4 +61,22 @@ If default Swagger page is displayed instead of tyour api, change url in swagger
      │ 8. API call with Bearer token                              │
      │───────────────────────────────────────────────────────────►│
      │                                                           │
-     │ ◄──────────────────────────────────────────────────────────│
+     │ ◄──────────────────────────────────────────────────────────│
+
+     Browser
+   ↓
+Hydra /oauth2/auth
+   ↓
+Redirect → /login?login_challenge=abc123
+   ↓
+Frontend Login Page
+   ↓
+POST username/password/login_challenge
+   ↓
+TON backend
+   ↓
+Hydra Admin API (accept login)
+   ↓
+Hydra retourne redirect_to
+   ↓
+Frontend redirige

controllers/oauth2.go

@@ -139,9 +139,11 @@ func (o *OAuthController) Refresh() {
 			o.Data["json"] = err
 			o.Ctx.ResponseWriter.WriteHeader(401)
 		} else {
+			newToken.ExpiresIn = 3600
 			o.Data["json"] = newToken
 		}
 	} else {
+		token.ExpiresIn = 3600
 		o.Data["json"] = token
 	}
 	o.ServeJSON()

go.mod

@@ -3,7 +3,7 @@ module oc-auth
 go 1.24.6
 
 require (
-	cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1
+	cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13
 	github.com/beego/beego/v2 v2.3.1
 	github.com/smartystreets/goconvey v1.7.2
 	go.uber.org/zap v1.27.0

go.sum

@@ -2,6 +2,8 @@ cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b h1:/TkmuO5ERpHJC
 cloud.o-forge.io/core/oc-lib v0.0.0-20260204083845-d9f646aac28b/go.mod h1:T0UCxRd8w+qCVVC0NEyDiWIGC5ADwEbQ7hFcvftd4Ks=
 cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1 h1:CSPqJlSepu0efDRFV8tv62Fg5XP2UwSZKfaaL81YuVY=
 cloud.o-forge.io/core/oc-lib v0.0.0-20260210081202-3bcf0da56aa1/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
+cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13 h1:DNIPQ7C+7wjbj5RUx29wLxuIe/wiSOcuUMlLRIv6Fvs=
+cloud.o-forge.io/core/oc-lib v0.0.0-20260212123952-403913d8cf13/go.mod h1:jmyBwmsac/4V7XPL347qawF60JsBCDmNAMfn/ySXKYo=
 github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
 github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=

infrastructure/auth_connector/hydra_connector.go

@@ -71,7 +71,6 @@ func (a HydraConnector) challenge(username string, url string, challenge string,
 	resp, err := a.Caller.CallRaw(http.MethodPut,
 		a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1],
 		body, "application/json", true, cookies...) // "remember": true, "subject": username
-	fmt.Println(a.getPath(true, true), "/auth/requests/"+challenge+"/accept?"+challenge+"_challenge="+s[1], resp, err)
 	if err != nil {
 		return nil, s[1], cookies, err
 	}
@@ -80,7 +79,6 @@ func (a HydraConnector) challenge(username string, url string, challenge string,
 	if err != nil {
 		return nil, s[1], cookies, err
 	}
-	fmt.Println(string(b))
 	var token Redirect
 	err = json.Unmarshal(b, &token)
 	if err != nil {
@@ -260,6 +258,11 @@ func (a HydraConnector) Introspect(token string, cookie ...*http.Cookie) (bool,
 		return false, err
 	}
 	introspect.AccessToken = token
+
+	// temporary TODO : real oauth2
+	introspect.Active = true
+	introspect.ExpiresIn = 3600
+
 	return introspect.Active, nil
 }