bluepython508/sso-bsn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
e57fdfcb3fc038a10667e1eb35a691d652c34c5c
sso-bsn/lib/sso_bsn_web/controllers/oauth/authorize_controller.ex
bluepython508 e57fdfcb3f WIP: oauth/oidc
2023-11-07 20:28:46 +00:00

91 lines
2.1 KiB
Elixir
Raw Blame History

defmodule SsoBsnWeb.Oauth.AuthorizeController do
@behaviour Boruta.Oauth.AuthorizeApplication
use SsoBsnWeb, :controller
alias Boruta.Oauth.AuthorizeResponse
alias Boruta.Oauth.Error
alias Boruta.Oauth.ResourceOwner
alias SsoBsnWeb.OauthView
def oauth_module, do: Application.get_env(:sso_bsn, :oauth_module, Boruta.Oauth)
def authorize(%Plug.Conn{} = conn, _params) do
current_user = conn.assigns[:current_user]
conn = store_user_return_to(conn)
authorize_response(
conn,
current_user
)
end
defp authorize_response(conn, %_{} = current_user) do
conn
|> oauth_module().authorize(
%ResourceOwner{sub: to_string(current_user.id), username: current_user.email},
__MODULE__
)
end
defp authorize_response(conn, _params) do
redirect_to_login(conn)
end
@impl Boruta.Oauth.AuthorizeApplication
def authorize_success(
conn,
%AuthorizeResponse{} = response
) do
redirect(conn, external: AuthorizeResponse.redirect_to_url(response))
end
@impl Boruta.Oauth.AuthorizeApplication
def authorize_error(
%Plug.Conn{} = conn,
%Error{status: :unauthorized}
) do
redirect_to_login(conn)
end
def authorize_error(
conn,
%Error{format: format} = error
)
when not is_nil(format) do
conn
|> redirect(external: Error.redirect_to_url(error))
end
def authorize_error(
conn,
%Error{status: status, error: error, error_description: error_description}
) do
conn
|> put_status(status)
|> put_view(OauthView)
|> render("error.html", error: error, error_description: error_description)
end
@impl Boruta.Oauth.AuthorizeApplication
def preauthorize_success(_conn, _response), do: :ok
@impl Boruta.Oauth.AuthorizeApplication
def preauthorize_error(_conn, _response), do: :ok
defp store_user_return_to(conn) do
conn
|> put_session(
:user_return_to,
current_path(conn)
)
end
defp redirect_to_login(_conn) do
raise """
Here occurs the login process. After login, user may be redirected to
get_session(conn, :user_return_to)
"""
end
end
Reference in New Issue View Git Blame Copy Permalink