go-discogs/oauth_endpoints.go at main · stmcallister/go-discogs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
package discogs

import (
	"context"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"net/url"
	"strings"
)

// RequestToken starts the OAuth 1.0a flow.
func (c *Client) RequestToken(ctx context.Context, callbackURL string) (token string, secret string, err error) {
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, c.baseURL+"/oauth/request_token", nil)
	if err != nil {
		return "", "", err
	}
	if c.userAgent != "" {
		req.Header.Set("User-Agent", c.userAgent)
	}
	req.Header.Set("Authorization", oauth1AuthorizationHeader(http.MethodPost, req.URL.String(), c.consumerKey, c.consumerSecret, "", "", map[string]string{
		"oauth_callback": callbackURL,
	}))

	res, err := c.HTTPClient.Do(req)
	if err != nil {
		return "", "", err
	}
	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)
	if res.StatusCode < 200 || res.StatusCode >= 300 {
		return "", "", fmt.Errorf("status %d: %s", res.StatusCode, strings.TrimSpace(string(body)))
	}
	vals, err := url.ParseQuery(string(body))
	if err != nil {
		return "", "", err
	}
	token = vals.Get("oauth_token")
	secret = vals.Get("oauth_token_secret")
	if token == "" || secret == "" {
		return "", "", fmt.Errorf("unexpected response: %s", strings.TrimSpace(string(body)))
	}
	return token, secret, nil
}

// AccessToken completes the OAuth 1.0a flow.
func (c *Client) AccessToken(ctx context.Context, requestToken, requestSecret, verifier string) (token string, secret string, err error) {
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, c.baseURL+"/oauth/access_token", nil)
	if err != nil {
		return "", "", err
	}
	if c.userAgent != "" {
		req.Header.Set("User-Agent", c.userAgent)
	}
	req.Header.Set("Authorization", oauth1AuthorizationHeader(http.MethodPost, req.URL.String(), c.consumerKey, c.consumerSecret, requestToken, requestSecret, map[string]string{
		"oauth_token":    requestToken,
		"oauth_verifier": verifier,
	}))

	res, err := c.HTTPClient.Do(req)
	if err != nil {
		return "", "", err
	}
	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)
	if res.StatusCode < 200 || res.StatusCode >= 300 {
		return "", "", fmt.Errorf("status %d: %s", res.StatusCode, strings.TrimSpace(string(body)))
	}
	vals, err := url.ParseQuery(string(body))
	if err != nil {
		return "", "", err
	}
	token = vals.Get("oauth_token")
	secret = vals.Get("oauth_token_secret")
	if token == "" || secret == "" {
		return "", "", fmt.Errorf("unexpected response: %s", strings.TrimSpace(string(body)))
	}
	return token, secret, nil
}

type Identity struct {
	ID       int64  `json:"id"`
	Username string `json:"username"`
}

// Identity fetches the authenticated user's identity.
func (c *Client) Identity(ctx context.Context) (*Identity, error) {
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, c.baseURL+"/oauth/identity", nil)
	if err != nil {
		return nil, err
	}
	if c.userAgent != "" {
		req.Header.Set("User-Agent", c.userAgent)
	}
	req.Header.Set("Accept", "application/json; charset=utf-8")
	req.Header.Set("Authorization", oauth1AuthorizationHeader(http.MethodGet, req.URL.String(), c.consumerKey, c.consumerSecret, c.oauthToken, c.oauthTokenSecret, nil))

	res, err := c.HTTPClient.Do(req)
	if err != nil {
		return nil, err
	}
	defer res.Body.Close()
	if res.StatusCode < 200 || res.StatusCode >= 300 {
		b, _ := io.ReadAll(res.Body)
		return nil, fmt.Errorf("status %d: %s", res.StatusCode, strings.TrimSpace(string(b)))
	}
	var out Identity
	if err := json.NewDecoder(res.Body).Decode(&out); err != nil {
		return nil, err
	}
	return &out, nil
}