(w http.ResponseWriter, r *http.Request)
| 158 | } |
| 159 | |
| 160 | func (a *API) internalExternalProviderCallback(w http.ResponseWriter, r *http.Request) error { |
| 161 | ctx := r.Context() |
| 162 | db := a.db.WithContext(ctx) |
| 163 | |
| 164 | var grantParams models.GrantParams |
| 165 | grantParams.FillGrantParams(r) |
| 166 | |
| 167 | providerType, emailOptional := getExternalProviderType(ctx) |
| 168 | data, err := a.handleOAuthCallback(r) |
| 169 | if err != nil { |
| 170 | return err |
| 171 | } |
| 172 | |
| 173 | userData := data.userData |
| 174 | |
| 175 | if len(userData.Emails) == 0 && !emailOptional { |
| 176 | return apierrors.NewInternalServerError("Error getting user email from external provider") |
| 177 | } |
| 178 | |
| 179 | userData.Metadata.EmailVerified = false |
| 180 | for _, email := range userData.Emails { |
| 181 | if email.Primary { |
| 182 | userData.Metadata.Email = email.Email |
| 183 | userData.Metadata.EmailVerified = email.Verified |
| 184 | break |
| 185 | } else { |
| 186 | userData.Metadata.Email = email.Email |
| 187 | userData.Metadata.EmailVerified = email.Verified |
| 188 | } |
| 189 | } |
| 190 | providerAccessToken := data.token |
| 191 | providerRefreshToken := data.refreshToken |
| 192 | |
| 193 | flowState := getFlowState(ctx) |
| 194 | |
| 195 | targetUser := getTargetUser(ctx) |
| 196 | inviteToken := getInviteToken(ctx) |
| 197 | if targetUser == nil && inviteToken == "" { |
| 198 | if err := a.triggerBeforeUserCreatedExternal( |
| 199 | r, db, userData, providerType); err != nil { |
| 200 | return err |
| 201 | } |
| 202 | } |
| 203 | |
| 204 | var createdUser bool |
| 205 | var user *models.User |
| 206 | var token *AccessTokenResponse |
| 207 | err = db.Transaction(func(tx *storage.Connection) error { |
| 208 | var terr error |
| 209 | if targetUser != nil { |
| 210 | if user, terr = a.linkIdentityToUser(r, ctx, tx, userData, providerType); terr != nil { |
| 211 | return terr |
| 212 | } |
| 213 | } else if inviteToken != "" { |
| 214 | if user, terr = a.processInvite(r, tx, userData, inviteToken, providerType); terr != nil { |
| 215 | return terr |
| 216 | } |
| 217 | } else { |
nothing calls this directly
no test coverage detected