MCPcopy Index your code
hub / github.com/rilldata/rill / authHandler

Method authHandler

cli/pkg/local/server.go:811–843  ·  view source on GitHub ↗

authHandler starts the OAuth2 PKCE flow to authenticate the user and get a rill access token.

(httpPort int, secure bool)

Source from the content-addressed store, hash-verified

809
810// authHandler starts the OAuth2 PKCE flow to authenticate the user and get a rill access token.
811func (s *Server) authHandler(httpPort int, secure bool) http.Handler {
812 scheme := "http"
813 if secure {
814 scheme = "https"
815 }
816 redirectURL := fmt.Sprintf("%s://localhost:%d/auth/callback", scheme, httpPort)
817
818 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
819 // generate random state
820 b := make([]byte, 32)
821 _, err := rand.Read(b)
822 if err != nil {
823 http.Error(w, fmt.Sprintf("failed to generate state: %s", err), http.StatusInternalServerError)
824 return
825 }
826 state := base64.URLEncoding.EncodeToString(b)
827
828 // check the request for redirect query param, we will use this to redirect back to this after auth
829 origin := r.URL.Query().Get("redirect")
830 if origin == "" {
831 origin = "/"
832 }
833
834 authenticator, err := pkce.NewAuthenticator(s.app.ch.AdminURL(), redirectURL, database.AuthClientIDRillWebLocal, origin)
835 if err != nil {
836 http.Error(w, fmt.Sprintf("failed to generate pkce authenticator: %s", err), http.StatusInternalServerError)
837 return
838 }
839 s.app.pkceAuthenticators[state] = authenticator
840 authURL := authenticator.GetAuthURL(state)
841 http.Redirect(w, r, authURL, http.StatusFound)
842 })
843}
844
845// authCallbackHandler handles the OAuth2 PKCE callback to exchange the authorization code for a rill access token.
846func (s *Server) authCallbackHandler() http.Handler {

Callers 1

RegisterHandlersMethod · 0.95

Calls 6

GetAuthURLMethod · 0.95
NewAuthenticatorFunction · 0.92
AdminURLMethod · 0.80
GetMethod · 0.65
QueryMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected