fix: token + redirect

lakhansamani · lakhansamani · commit 99b846811a5e · 2022-03-16T21:44:57.000+05:30
diff --git a/.gitignore b/.gitignore
@@ -11,4 +11,6 @@ data.db
 .DS_Store
 .env.local
 *.tar.gz
-.vscode/
+.vscode/
+.yalc
+yalc.lock
diff --git a/app/package-lock.json b/app/package-lock.json
diff --git a/app/package.json b/app/package.json
@@ -11,7 +11,7 @@
 	"author": "Lakhan Samani",
 	"license": "ISC",
 	"dependencies": {
-		"@authorizerdev/authorizer-react": "latest",
+		"@authorizerdev/authorizer-react": "0.10.0",
 		"@types/react": "^17.0.15",
 		"@types/react-dom": "^17.0.9",
 		"esbuild": "^0.12.17",
diff --git a/server/db/models/user.go b/server/db/models/user.go
@@ -32,6 +32,9 @@ type User struct {
 func (user *User) AsAPIUser() *model.User {
 	isEmailVerified := user.EmailVerifiedAt != nil
 	isPhoneVerified := user.PhoneNumberVerifiedAt != nil
+	email := user.Email
+	createdAt := user.CreatedAt
+	updatedAt := user.UpdatedAt
 	return &model.User{
 		ID:                  user.ID,
 		Email:               user.Email,
@@ -41,14 +44,14 @@ func (user *User) AsAPIUser() *model.User {
 		FamilyName:          user.FamilyName,
 		MiddleName:          user.MiddleName,
 		Nickname:            user.Nickname,
-		PreferredUsername:   &user.Email,
+		PreferredUsername:   &email,
 		Gender:              user.Gender,
 		Birthdate:           user.Birthdate,
 		PhoneNumber:         user.PhoneNumber,
 		PhoneNumberVerified: &isPhoneVerified,
 		Picture:             user.Picture,
 		Roles:               strings.Split(user.Roles, ","),
-		CreatedAt:           &user.CreatedAt,
-		UpdatedAt:           &user.UpdatedAt,
+		CreatedAt:           &createdAt,
+		UpdatedAt:           &updatedAt,
 	}
 }
diff --git a/server/db/models/verification_requests.go b/server/db/models/verification_requests.go
@@ -17,15 +17,23 @@ type VerificationRequest struct {
 }
 
 func (v *VerificationRequest) AsAPIVerificationRequest() *model.VerificationRequest {
+	token := v.Token
+	createdAt := v.CreatedAt
+	updatedAt := v.UpdatedAt
+	email := v.Email
+	nonce := v.Nonce
+	redirectURI := v.RedirectURI
+	expires := v.ExpiresAt
+	identifier := v.Identifier
 	return &model.VerificationRequest{
 		ID:          v.ID,
-		Token:       &v.Token,
-		Identifier:  &v.Identifier,
-		Expires:     &v.ExpiresAt,
-		CreatedAt:   &v.CreatedAt,
-		UpdatedAt:   &v.UpdatedAt,
-		Email:       &v.Email,
-		Nonce:       &v.Nonce,
-		RedirectURI: &v.RedirectURI,
+		Token:       &token,
+		Identifier:  &identifier,
+		Expires:     &expires,
+		CreatedAt:   &createdAt,
+		UpdatedAt:   &updatedAt,
+		Email:       &email,
+		Nonce:       &nonce,
+		RedirectURI: &redirectURI,
 	}
 }
diff --git a/server/graph/generated/generated.go b/server/graph/generated/generated.go
diff --git a/server/graph/model/models_gen.go b/server/graph/model/models_gen.go
diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls
@@ -182,6 +182,7 @@ input SignUpInput {
 	confirm_password: String!
 	roles: [String!]
 	scope: [String!]
+	redirect_uri: String
 }
 
 input LoginInput {
diff --git a/server/handlers/authorize.go b/server/handlers/authorize.go
@@ -1,6 +1,7 @@
 package handlers
 
 import (
+	"fmt"
 	"net/http"
 	"strconv"
 	"strings"
@@ -50,6 +51,8 @@ func AuthorizeHandler() gin.HandlerFunc {
 			gc.JSON(400, gin.H{"error": "invalid response mode"})
 		}
 
+		fmt.Println("=> redirect URI:", redirectURI)
+		fmt.Println("=> state:", state)
 		if redirectURI == "" {
 			redirectURI = "/app"
 		}
diff --git a/server/handlers/oauth_login.go b/server/handlers/oauth_login.go
@@ -16,7 +16,11 @@ import (
 func OAuthLoginHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		hostname := utils.GetHost(c)
+		// deprecating redirectURL instead use redirect_uri
 		redirectURI := strings.TrimSpace(c.Query("redirectURL"))
+		if redirectURI == "" {
+			redirectURI = strings.TrimSpace(c.Query("redirect_uri"))
+		}
 		roles := strings.TrimSpace(c.Query("roles"))
 		state := strings.TrimSpace(c.Query("state"))
 		scopeString := strings.TrimSpace(c.Query("scope"))
diff --git a/server/handlers/token.go b/server/handlers/token.go
@@ -110,8 +110,6 @@ func TokenHandler() gin.HandlerFunc {
 				return
 			}
 
-			// rollover the session for security
-			sessionstore.RemoveState(sessionDataSplit[1])
 			// validate session
 			claims, err := token.ValidateBrowserSession(gc, sessionDataSplit[1])
 			if err != nil {
@@ -121,6 +119,8 @@ func TokenHandler() gin.HandlerFunc {
 				})
 				return
 			}
+			// rollover the session for security
+			sessionstore.RemoveState(sessionDataSplit[1])
 			userID = claims.Subject
 			roles = claims.Roles
 			scope = claims.Scope
diff --git a/server/resolvers/update_user.go b/server/resolvers/update_user.go
@@ -154,15 +154,17 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod
 		return res, err
 	}
 
+	createdAt := user.CreatedAt
+	updatedAt := user.UpdatedAt
 	res = &model.User{
 		ID:         params.ID,
 		Email:      user.Email,
 		Picture:    user.Picture,
 		GivenName:  user.GivenName,
 		FamilyName: user.FamilyName,
 		Roles:      strings.Split(user.Roles, ","),
-		CreatedAt:  &user.CreatedAt,
-		UpdatedAt:  &user.UpdatedAt,
+		CreatedAt:  &createdAt,
+		UpdatedAt:  &updatedAt,
 	}
 	return res, nil
 }

Original file line number	Diff line number	Diff line change
`@@ -182,6 +182,7 @@ input SignUpInput {`
`182`	`182`	`confirm_password: String!`
`183`	`183`	`roles: [String!]`
`184`	`184`	`scope: [String!]`
	`185`	`+ redirect_uri: String`
`185`	`186`	`}`
`186`	`187`
`187`	`188`	`input LoginInput {`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`package handlers`
`2`	`2`
`3`	`3`	`import (`
	`4`	`+ "fmt"`
`4`	`5`	`"net/http"`
`5`	`6`	`"strconv"`
`6`	`7`	`"strings"`
`@@ -50,6 +51,8 @@ func AuthorizeHandler() gin.HandlerFunc {`
`50`	`51`	`gc.JSON(400, gin.H{"error": "invalid response mode"})`
`51`	`52`	`}`
`52`	`53`
	`54`	`+ fmt.Println("=> redirect URI:", redirectURI)`
	`55`	`+ fmt.Println("=> state:", state)`
`53`	`56`	`if redirectURI == "" {`
`54`	`57`	`redirectURI = "/app"`
`55`	`58`	`}`