| 977 | } |
| 978 | |
| 979 | func (p *OAuthProxy) redeemCode(req *http.Request, codeVerifier string) (*sessionsapi.SessionState, error) { |
| 980 | code := req.Form.Get("code") |
| 981 | if code == "" { |
| 982 | return nil, providers.ErrMissingCode |
| 983 | } |
| 984 | |
| 985 | redirectURI := p.getOAuthRedirectURI(req) |
| 986 | s, err := p.provider.Redeem(req.Context(), redirectURI, code, codeVerifier) |
| 987 | if err != nil { |
| 988 | return nil, err |
| 989 | } |
| 990 | |
| 991 | // Force setting these in case the Provider didn't |
| 992 | if s.CreatedAt == nil { |
| 993 | s.CreatedAtNow() |
| 994 | } |
| 995 | if s.ExpiresOn == nil { |
| 996 | s.ExpiresIn(p.CookieOptions.Expire) |
| 997 | } |
| 998 | |
| 999 | return s, nil |
| 1000 | } |
| 1001 | |
| 1002 | func (p *OAuthProxy) enrichSessionState(ctx context.Context, s *sessionsapi.SessionState) error { |
| 1003 | var err error |