package authentication
import (
"fmt"
"github.com/Nerzal/gocloak/v5"
)
// AuthConfig contains the configuration for the IdP.
// The functions in this file read three keys from it: "provider_url",
// "realm" and "redirect_base_url". A key that is absent reads as the empty
// string, so a missing setting is not reported at lookup time.
// NOTE(review): the map is package-level and mutable with no locking visible
// here; presumably it is filled once at startup before any request is
// served — confirm against the caller that populates it.
var AuthConfig map[string]string
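// HasAuth reports whether the IdP accepts accessToken for the configured
// realm. It asks the IdP for the user's info and returns true only when that
// call succeeds.
//
// The check fails closed: an empty token, a missing "provider_url" or "realm"
// setting, and any error from the IdP (including transport errors) all yield
// false. Callers therefore cannot tell a rejected token from an unreachable
// IdP.
//
// NOTE(review): the returned user info is discarded, so this confirms only
// that the IdP accepts the token for the realm. No audience, scope or role
// check is visible here; authorization decisions need a separate check.
func HasAuth(accessToken string) (success bool) {
	// An empty token can never be valid; reject it without a round trip.
	if accessToken == "" {
		return false
	}

	providerURL, realm := AuthConfig["provider_url"], AuthConfig["realm"]
	// A missing setting reads as "" from the map. Treat it as a failed
	// check rather than sending a request to a malformed endpoint.
	if providerURL == "" || realm == "" {
		return false
	}

	client := gocloak.NewClient(providerURL)
	if _, err := client.GetUserInfo(accessToken, realm); err != nil {
		return false
	}
	return true
}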
// GetLoginLink returns the URL of the IdP login page for the configured
// realm, with the redirect pointing at this service's /api/auth/callback
// endpoint. The link is assembled from the "provider_url", "realm" and
// "redirect_base_url" entries of AuthConfig.
//
// NOTE(review): the link asks for response_type=token with
// response_mode=fragment, so the access token is handed back in the URL
// fragment of the callback. It carries no state or nonce parameter, which
// means the callback has nothing to match a response to the login request
// that started it. The configuration values are inserted verbatim and are not
// percent-encoded, so they must already be URL-safe.
func GetLoginLink() (url string) {
	const loginLinkFormat = "%v/auth/realms/%v/protocol/openid-connect/auth?client_id=account&response_mode=fragment&response_type=token&login=true&redirect_uri=%v/api/auth/callback"

	url = fmt.Sprintf(
		loginLinkFormat,
		AuthConfig["provider_url"],
		AuthConfig["realm"],
		AuthConfig["redirect_base_url"],
	)
	return url
}