CreateAuthToken creates a new auth token when userlogs in
(gc *gin.Context, cfg *AuthTokenConfig)
| 119 | |
| 120 | // CreateAuthToken creates a new auth token when userlogs in |
| 121 | func (p *provider) CreateAuthToken(gc *gin.Context, cfg *AuthTokenConfig) (*AuthToken, error) { |
| 122 | _, fingerPrintHash, sessionTokenExpiresAt, err := p.CreateSessionToken(cfg) |
| 123 | if err != nil { |
| 124 | return nil, err |
| 125 | } |
| 126 | accessToken, accessTokenExpiresAt, err := p.CreateAccessToken(cfg) |
| 127 | if err != nil { |
| 128 | return nil, err |
| 129 | } |
| 130 | |
| 131 | atHash := sha256.New() |
| 132 | atHash.Write([]byte(accessToken)) |
| 133 | atHashBytes := atHash.Sum(nil) |
| 134 | // hashedToken := string(bs) |
| 135 | atHashDigest := atHashBytes[0 : len(atHashBytes)/2] |
| 136 | atHashString := base64.RawURLEncoding.EncodeToString(atHashDigest) |
| 137 | cfg.AtHash = atHashString |
| 138 | codeHashString := "" |
| 139 | if cfg.Code != "" { |
| 140 | codeHash := sha256.New() |
| 141 | codeHash.Write([]byte(cfg.Code)) |
| 142 | codeHashBytes := codeHash.Sum(nil) |
| 143 | codeHashDigest := codeHashBytes[0 : len(codeHashBytes)/2] |
| 144 | codeHashString = base64.RawURLEncoding.EncodeToString(codeHashDigest) |
| 145 | } |
| 146 | cfg.CodeHash = codeHashString |
| 147 | idToken, idTokenExpiresAt, err := p.CreateIDToken(cfg) |
| 148 | if err != nil { |
| 149 | return nil, err |
| 150 | } |
| 151 | |
| 152 | res := &AuthToken{ |
| 153 | FingerPrint: cfg.Nonce, |
| 154 | FingerPrintHash: fingerPrintHash, |
| 155 | SessionTokenExpiresAt: sessionTokenExpiresAt, |
| 156 | AccessToken: &JWTToken{Token: accessToken, ExpiresAt: accessTokenExpiresAt}, |
| 157 | IDToken: &JWTToken{Token: idToken, ExpiresAt: idTokenExpiresAt}, |
| 158 | } |
| 159 | if utils.StringSliceContains(cfg.Scope, "offline_access") { |
| 160 | refreshToken, refreshTokenExpiresAt, err := p.CreateRefreshToken(cfg) |
| 161 | if err != nil { |
| 162 | return nil, err |
| 163 | } |
| 164 | |
| 165 | res.RefreshToken = &JWTToken{Token: refreshToken, ExpiresAt: refreshTokenExpiresAt} |
| 166 | } |
| 167 | |
| 168 | return res, nil |
| 169 | } |
| 170 | |
| 171 | // CreateSessionToken creates a new session token |
| 172 | func (p *provider) CreateSessionToken(cfg *AuthTokenConfig) (*SessionData, string, int64, error) { |
nothing calls this directly
no test coverage detected