
Commit ab18fa5

committed
fix: use raw base64 url decoding
1 parent 484d0c0 commit ab18fa5


1 file changed

+11
-4
lines changed


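--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@@ -2,6 +2,7 @@ package handlers
 
 import (
 "context"
+"encoding/base64"
 "encoding/json"
 "fmt"
 "io/ioutil"
@@ -17,7 +18,6 @@ import (
 
 "github.com/authorizerdev/authorizer/server/constants"
 "github.com/authorizerdev/authorizer/server/cookie"
-"github.com/authorizerdev/authorizer/server/crypto"
 "github.com/authorizerdev/authorizer/server/db"
 "github.com/authorizerdev/authorizer/server/db/models"
 "github.com/authorizerdev/authorizer/server/memorystore"
@@ -456,12 +456,15 @@ func processLinkedInUserInfo(code string) (models.User, error) {
 
 func processAppleUserInfo(code string) (models.User, error) {
 user := models.User{}
+fmt.Println("=> code:", code)
 oauth2Token, err := oauth.OAuthProviders.AppleConfig.Exchange(oauth2.NoContext, code)
 if err != nil {
 log.Debug("Failed to exchange code for token: ", err)
 return user, fmt.Errorf("invalid apple exchange code: %s", err.Error())
 }
 
+fmt.Println("=> oauth2Token:", oauth2Token)
+
 // Extract the ID Token from OAuth2 token.
 rawIDToken, ok := oauth2Token.Extra("id_token").(string)
 if !ok {
@@ -471,19 +474,23 @@ func processAppleUserInfo(code string) (models.User, error) {
 
 tokenSplit := strings.Split(rawIDToken, ".")
 claimsData := tokenSplit[1]
-decodedClaimsData, err := crypto.DecryptB64(claimsData)
+decodedClaimsData, err := base64.RawURLEncoding.DecodeString(claimsData)
 if err != nil {
-log.Debug("Failed to decrypt claims data: ", err)
+log.Debugf("Failed to decrypt claims %s: %s", claimsData, err.Error())
 return user, fmt.Errorf("failed to decrypt claims data: %s", err.Error())
 }
 
+fmt.Println("=> decodedClaimsData:", string(decodedClaimsData))
+
 claims := make(map[string]interface{})
-err = json.Unmarshal([]byte(decodedClaimsData), &claims)
+err = json.Unmarshal(decodedClaimsData, &claims)
 if err != nil {
 log.Debug("Failed to unmarshal claims data: ", err)
 return user, fmt.Errorf("failed to unmarshal claims data: %s", err.Error())
 }
 
+fmt.Println("=> claims:", claims)
+
 if val, ok := claims["email"]; !ok {
 log.Debug("Failed to extract email from claims.")
 return user, fmt.Errorf("unable to extract email, please check the scopes enabled for your app. It needs `email`, `name` scopes")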
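Review bot: The four `fmt.Println("=> …")` calls added in processAppleUserInfo write the authorization code, the full `oauth2Token` (access and refresh tokens included), the decoded ID-token payload and the claims map to stdout on every Apple login, and the new `log.Debugf` line also logs the raw claims segment. These look like leftover debugging and should be removed before merge, with the error log reduced to `log.Debug("Failed to decode claims data: ", err)`. `tokenSplit[1]` is still read without checking the segment count, so an `id_token` containing no dot would panic the handler; a guard such as `if len(tokenSplit) != 3 { return user, fmt.Errorf("invalid id_token format") }` before it would fail cleanly. The visible lines decode the payload without verifying the token's signature, `iss`, `aud` or `exp`; if that is not done elsewhere, a comment should state that the claims are trusted only because the token came directly from the token endpoint over TLS. The function body continues past the last hunk.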
