...

Source file src/edge-infra.dev/pkg/edge/iam/oauth2/oauth2_userinfo.go

Documentation: edge-infra.dev/pkg/edge/iam/oauth2

     1  package oauth2
     2  
     3  import (
     4  	"errors"
     5  	"net/http"
     6  
     7  	"github.com/gin-gonic/gin"
     8  	"github.com/ory/fosite"
     9  
    10  	"edge-infra.dev/pkg/edge/iam/apperror"
    11  	"edge-infra.dev/pkg/edge/iam/config"
    12  )
    13  
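// userInfo serves the userinfo endpoint. It authenticates the caller by the
// access token carried on the request and, on success, writes the subject's
// identity claims as JSON with 200 OK.
//
// Failure handling, in order:
//   - no access token on the request: 401 with a bare Bearer challenge;
//   - ValidateAccessToken rejects the token: 401, error="invalid_token";
//   - GetSubject fails or yields an empty subject: 401, error="invalid_token";
//   - GetIdentityClaims fails: 500.
//
// Every failure is returned as a status error built by
// apperror.NewStatusError; a nil return means the response has been written.
//
// NOTE(review): whether apperror copies the wrapped error text into the
// response body is not visible from this file. If it does, token-validation
// and storage error details reach unauthenticated callers; confirm.
func (oauth2 *OAuth2) userInfo(ctx *gin.Context) error {
	// RFC 6750 section 3 separates auth-params with commas. Without the comma
	// a conforming client parser may fail to see the error attribute.
	const (
		challenge             = `Bearer realm="userinfo"`
		challengeInvalidToken = `Bearer realm="userinfo", error="invalid_token"`
		// NOTE(review): "server_error" is not one of the error codes RFC 6750
		// defines for Bearer challenges; kept because existing clients may
		// read it.
		challengeServerError = `Bearer realm="userinfo", error="server_error"`
	)

	userinfo := NewUserInfo(config.GetJWTStrategy(), oauth2.ProfileStorage)

	// NOTE(review): fosite.AccessTokenFromRequest falls back to the
	// access_token form/query parameter when there is no Bearer Authorization
	// header (confirm against the vendored fosite version). Tokens sent in a
	// query string tend to end up in access logs and Referer headers.
	tokenFromRequest := fosite.AccessTokenFromRequest(ctx.Request)
	if len(tokenFromRequest) == 0 {
		ctx.Header("WWW-Authenticate", challenge)
		return apperror.NewStatusError(errors.New("missing authorization"), http.StatusUnauthorized)
	}

	if err := userinfo.ValidateAccessToken(ctx, tokenFromRequest); err != nil {
		ctx.Header("WWW-Authenticate", challengeInvalidToken)
		return apperror.NewStatusError(err, http.StatusUnauthorized)
	}

	sub, err := userinfo.GetSubject(ctx, tokenFromRequest)
	if err != nil || len(sub) == 0 {
		// A token that validates but carries no subject used to reach
		// NewStatusError with a nil error. Fail closed with an explicit error
		// so the rejection is a real, loggable error value.
		if err == nil {
			err = errors.New("access token has no subject")
		}
		ctx.Header("WWW-Authenticate", challengeInvalidToken)
		return apperror.NewStatusError(err, http.StatusUnauthorized)
	}

	idClaims, err := userinfo.GetIdentityClaims(ctx, sub)
	if err != nil {
		ctx.Header("WWW-Authenticate", challengeServerError)
		return apperror.NewStatusError(err, http.StatusInternalServerError)
	}

	ctx.JSON(http.StatusOK, idClaims)
	return nil
}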
    39  
