diff --git a/.gitignore b/.gitignore index d979474..927a4df 100644 --- a/.gitignore +++ b/.gitignore @@ -11,4 +11,6 @@ data.db .DS_Store .env.local *.tar.gz -.vscode/ \ No newline at end of file +.vscode/ +.yalc +yalc.lock \ No newline at end of file diff --git a/app/package-lock.json b/app/package-lock.json index 08d19ca..35e752a 100644 --- a/app/package-lock.json +++ b/app/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@authorizerdev/authorizer-react": "latest", + "@authorizerdev/authorizer-react": "0.10.0", "@types/react": "^17.0.15", "@types/react-dom": "^17.0.9", "esbuild": "^0.12.17", @@ -24,9 +24,9 @@ } }, "node_modules/@authorizerdev/authorizer-js": { - "version": "0.4.0-beta.3", - "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.4.0-beta.3.tgz", - "integrity": "sha512-OGZc6I6cnpi/WkSotkjVIc3LEzl8pFeiohr8+Db9xWd75/oTfOZqWRuIHTnTc1FC+6Sv2EjTJ9Aa6lrloWG+NQ==", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.5.0.tgz", + "integrity": "sha512-O7T275ry4fJznQObnjYHPXvOtTtbv91NNFPh/x1jGs5iOC8MWvpnd7lbLvcnKbs0vPnZmFTzEUx8kCW2Z0o9Hg==", "dependencies": { "node-fetch": "^2.6.1" }, 
@@ -35,11 +35,11 @@ } }, "node_modules/@authorizerdev/authorizer-react": { - "version": "0.9.0-beta.7", - "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.9.0-beta.7.tgz", - "integrity": "sha512-hCGsVionKMZNk+uD0CLtMIkUzhQqpHbVntko3rY+O7ouOrTrikY/WQVPbo1bqX1cu/6/cHE4RVU3cZ7V5xnxVg==", + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.10.0.tgz", + "integrity": "sha512-0z/i+ystihxRbqERi984EGV5S9VK95uA2GwjtUfl8pEx7PwrmQYq+iis39kn/fSHDGVkekIHFkm071QDbn4XkQ==", "dependencies": { - "@authorizerdev/authorizer-js": "^0.4.0-beta.3", + "@authorizerdev/authorizer-js": "^0.5.0", "final-form": "^4.20.2", "react-final-form": "^6.5.3", "styled-components": "^5.3.0" 
@@ -829,19 +829,19 @@ }, "dependencies": { "@authorizerdev/authorizer-js": { - "version": "0.4.0-beta.3", - "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.4.0-beta.3.tgz", - "integrity": "sha512-OGZc6I6cnpi/WkSotkjVIc3LEzl8pFeiohr8+Db9xWd75/oTfOZqWRuIHTnTc1FC+6Sv2EjTJ9Aa6lrloWG+NQ==", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-js/-/authorizer-js-0.5.0.tgz", + "integrity": "sha512-O7T275ry4fJznQObnjYHPXvOtTtbv91NNFPh/x1jGs5iOC8MWvpnd7lbLvcnKbs0vPnZmFTzEUx8kCW2Z0o9Hg==", "requires": { "node-fetch": "^2.6.1" } }, "@authorizerdev/authorizer-react": { - "version": "0.9.0-beta.7", - "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.9.0-beta.7.tgz", - "integrity": "sha512-hCGsVionKMZNk+uD0CLtMIkUzhQqpHbVntko3rY+O7ouOrTrikY/WQVPbo1bqX1cu/6/cHE4RVU3cZ7V5xnxVg==", + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/@authorizerdev/authorizer-react/-/authorizer-react-0.10.0.tgz", + "integrity": "sha512-0z/i+ystihxRbqERi984EGV5S9VK95uA2GwjtUfl8pEx7PwrmQYq+iis39kn/fSHDGVkekIHFkm071QDbn4XkQ==", "requires": { - "@authorizerdev/authorizer-js": "^0.4.0-beta.3", + "@authorizerdev/authorizer-js": "^0.5.0", "final-form": "^4.20.2", "react-final-form": "^6.5.3", "styled-components": "^5.3.0" diff --git a/app/package.json b/app/package.json index cd974d6..68ff7c2 100644 --- a/app/package.json +++ b/app/package.json @@ -11,7 +11,7 @@ "author": "Lakhan Samani", "license": "ISC", "dependencies": { - "@authorizerdev/authorizer-react": "latest", + "@authorizerdev/authorizer-react": "0.10.0", "@types/react": "^17.0.15", "@types/react-dom": "^17.0.9", "esbuild": "^0.12.17", diff --git a/server/db/models/user.go b/server/db/models/user.go index aa51771..b4e9dfd 100644 --- a/server/db/models/user.go +++ b/server/db/models/user.go 
@@ -32,6 +32,9 @@ type User struct { func (user *User) AsAPIUser() *model.User { isEmailVerified := user.EmailVerifiedAt != nil isPhoneVerified := user.PhoneNumberVerifiedAt != nil + email := user.Email + createdAt := user.CreatedAt + updatedAt := user.UpdatedAt return &model.User{ ID: user.ID, Email: user.Email, @@ -41,14 +44,14 @@ func (user *User) AsAPIUser() *model.User { FamilyName: user.FamilyName, MiddleName: user.MiddleName, Nickname: user.Nickname, - PreferredUsername: &user.Email, + PreferredUsername: &email, Gender: user.Gender, Birthdate: user.Birthdate, PhoneNumber: user.PhoneNumber, PhoneNumberVerified: &isPhoneVerified, Picture: user.Picture, Roles: strings.Split(user.Roles, ","), - CreatedAt: &user.CreatedAt, - UpdatedAt: &user.UpdatedAt, + CreatedAt: &createdAt, + UpdatedAt: &updatedAt, } } diff --git a/server/db/models/verification_requests.go b/server/db/models/verification_requests.go index 7d94c6a..a1b30ad 100644 --- a/server/db/models/verification_requests.go +++ b/server/db/models/verification_requests.go @@ -17,15 +17,23 @@ type VerificationRequest struct { } func (v *VerificationRequest) AsAPIVerificationRequest() *model.VerificationRequest { + token := v.Token + createdAt := v.CreatedAt + updatedAt := v.UpdatedAt + email := v.Email + nonce := v.Nonce + redirectURI := v.RedirectURI + expires := v.ExpiresAt + identifier := v.Identifier return &model.VerificationRequest{ ID: v.ID, - Token: &v.Token, - Identifier: &v.Identifier, - Expires: &v.ExpiresAt, - CreatedAt: &v.CreatedAt, - UpdatedAt: &v.UpdatedAt, - Email: &v.Email, - Nonce: &v.Nonce, - RedirectURI: &v.RedirectURI, + Token: &token, + Identifier: &identifier, + Expires: &expires, + CreatedAt: &createdAt, + UpdatedAt: &updatedAt, + Email: &email, + Nonce: &nonce, + RedirectURI: &redirectURI, } } diff --git a/server/graph/generated/generated.go b/server/graph/generated/generated.go index 43d5c21..92150c2 100644 --- a/server/graph/generated/generated.go 
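Review bot: The new locals `email`, `createdAt` and `updatedAt` in `AsAPIUser` have no comment explaining why the fields are copied before their address is taken, so a later cleanup could fold them back into `&user.Email` and the like. A one-line comment above the copies would prevent that, e.g. `// copy before taking addresses so the API model does not point into the DB model`. The same applies to the eight copies in `AsAPIVerificationRequest` and to `createdAt`/`updatedAt` in `UpdateUserResolver`. The motive is inferred from the change itself, since the diff does not state it.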
+++ b/server/graph/generated/generated.go @@ -1358,6 +1358,7 @@ input SignUpInput { confirm_password: String! roles: [String!] scope: [String!] + redirect_uri: String } input LoginInput { @@ -7415,6 +7416,14 @@ func (ec *executionContext) unmarshalInputSignUpInput(ctx context.Context, obj i if err != nil { return it, err } + case "redirect_uri": + var err error + + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("redirect_uri")) + it.RedirectURI, err = ec.unmarshalOString2áš–string(ctx, v) + if err != nil { + return it, err + } } } diff --git a/server/graph/model/models_gen.go b/server/graph/model/models_gen.go index 88be349..9c02828 100644 --- a/server/graph/model/models_gen.go +++ b/server/graph/model/models_gen.go @@ -159,6 +159,7 @@ type SignUpInput struct { ConfirmPassword string `json:"confirm_password"` Roles []string `json:"roles"` Scope []string `json:"scope"` + RedirectURI *string `json:"redirect_uri"` } type UpdateEnvInput struct { diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls index fcd2db0..fdea73d 100644 --- a/server/graph/schema.graphqls +++ b/server/graph/schema.graphqls @@ -182,6 +182,7 @@ input SignUpInput { confirm_password: String! roles: [String!] scope: [String!] + redirect_uri: String } input LoginInput { diff --git a/server/handlers/authorize.go b/server/handlers/authorize.go index 53c94ee..cfb913f 100644 --- a/server/handlers/authorize.go +++ b/server/handlers/authorize.go @@ -1,6 +1,7 @@ package handlers import ( + "fmt" "net/http" "strconv" "strings" @@ -50,6 +51,8 @@ func AuthorizeHandler() gin.HandlerFunc { gc.JSON(400, gin.H{"error": "invalid response mode"}) } + fmt.Println("=> redirect URI:", redirectURI) + fmt.Println("=> state:", state) if redirectURI == "" { redirectURI = "/app" } diff --git a/server/handlers/oauth_login.go b/server/handlers/oauth_login.go index 87eff74..a2ce229 100644 --- a/server/handlers/oauth_login.go +++ b/server/handlers/oauth_login.go 
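Review bot: `redirect_uri` is added to `SignUpInput` without a description, and no resolver change in this diff shows where the value is used or that it is checked. If it ends up in the email verification link (the `RedirectURI` field on `VerificationRequest` suggests this, but it is not shown here), it has to be compared with the configured allowed origins first, or a sign-up request could steer the post-verification redirect to an arbitrary site. The schema should at least document the contract, e.g. `# redirect_uri: post-verification redirect target; must be an allowed origin`.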
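Review bot: The two added `fmt.Println` calls in `AuthorizeHandler` write the client-supplied `redirectURI` and `state` to stdout on every authorize request. `state` is a per-request OAuth value that should not land in plain logs, and neither value is escaped, so embedded newlines can forge log lines. These look like leftover debugging: drop both lines together with the `"fmt"` import added in the first hunk of this file, or log through the server's logger at debug level with `%q`. The context just above also shows the 400 reply for an invalid response mode with no `return` before the closing brace, which is worth confirming. The handler body starts and ends outside the hunk.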
@@ -16,7 +16,11 @@ import ( func OAuthLoginHandler() gin.HandlerFunc { return func(c *gin.Context) { hostname := utils.GetHost(c) + // deprecating redirectURL instead use redirect_uri redirectURI := strings.TrimSpace(c.Query("redirectURL")) + if redirectURI == "" { + redirectURI = strings.TrimSpace(c.Query("redirect_uri")) + } roles := strings.TrimSpace(c.Query("roles")) state := strings.TrimSpace(c.Query("state")) scopeString := strings.TrimSpace(c.Query("scope")) diff --git a/server/handlers/token.go b/server/handlers/token.go index 45c66e7..13abbb9 100644 --- a/server/handlers/token.go +++ b/server/handlers/token.go @@ -110,8 +110,6 @@ func TokenHandler() gin.HandlerFunc { return } - // rollover the session for security - sessionstore.RemoveState(sessionDataSplit[1]) // validate session claims, err := token.ValidateBrowserSession(gc, sessionDataSplit[1]) if err != nil { @@ -121,6 +119,8 @@ func TokenHandler() gin.HandlerFunc { }) return } + // rollover the session for security + sessionstore.RemoveState(sessionDataSplit[1]) userID = claims.Subject roles = claims.Roles scope = claims.Scope diff --git a/server/resolvers/update_user.go b/server/resolvers/update_user.go index 16871cf..a759399 100644 --- a/server/resolvers/update_user.go +++ b/server/resolvers/update_user.go @@ -154,6 +154,8 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod return res, err } + createdAt := user.CreatedAt + updatedAt := user.UpdatedAt res = &model.User{ ID: params.ID, Email: user.Email, @@ -161,8 +163,8 @@ func UpdateUserResolver(ctx context.Context, params model.UpdateUserInput) (*mod GivenName: user.GivenName, FamilyName: user.FamilyName, Roles: strings.Split(user.Roles, ","), - CreatedAt: &user.CreatedAt, - UpdatedAt: &user.UpdatedAt, + CreatedAt: &createdAt, + UpdatedAt: &updatedAt, } return res, nil }
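Review bot: In `OAuthLoginHandler` the deprecated `redirectURL` parameter still wins when a request carries both names, because `redirect_uri` is read only when the old one is empty. Reading the new name first makes the deprecation one-directional: `redirectURI := strings.TrimSpace(c.Query("redirect_uri"))`, then `if redirectURI == "" { redirectURI = strings.TrimSpace(c.Query("redirectURL")) }`. The comment would read more clearly as `// redirectURL is deprecated; use redirect_uri`. No check of the value against allowed redirect targets is visible in these lines. The handler continues outside the hunk, so confirm the check happens before the value is stored or used.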
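Review bot: With `sessionstore.RemoveState` now placed after `token.ValidateBrowserSession` in `TokenHandler`, validation and removal are two separate steps, so two requests carrying the same session value can both validate before either removal runs. If the rollover is meant to make the session single-use, lookup and delete need to be one store operation, or an already-removed entry has to count as a failure. How `sessionstore` behaves is not visible here, so this is inferred. The error return between the two hunks also now leaves the state in the store, which should be confirmed as intended. The moved comment could record the ordering, e.g. `// roll over the session only after it has been validated`.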