fix: update scope for apple login

fix: add post method support for oauth callback
2022-06-14 13:11:39 +05:30 · 2022-06-14 12:35:23 +05:30 · 2022-06-14 12:17:43 +05:30 · 2022-06-14 12:06:46 +05:30
4 changed files with 23 additions and 7 deletions
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@@ -482,15 +482,29 @@ func processAppleUserInfo(code string) (models.User, error) {
 	}
 	fmt.Println("=> decoded claims data", decodedClaimsData)

-	claims := map[string]string{}
+	claims := make(map[string]interface{})
 	err = json.Unmarshal([]byte(decodedClaimsData), &claims)
 	if err != nil {
 		log.Debug("Failed to unmarshal claims data: ", err)
 		return user, fmt.Errorf("failed to unmarshal claims data: %s", err.Error())
 	}
-	fmt.Println("=> claims map:", claims)
-	email := claims["email"]
-	user.Email = email
+
+	fmt.Println("=> claims", claims)
+
+	if val, ok := claims["email"]; !ok {
+		log.Debug("Failed to extract email from claims")
+		return user, fmt.Errorf("unable to extract email")
+	} else {
+		user.Email = val.(string)
+	}
+
+	if val, ok := claims["name"]; ok {
+		nameData := val.(map[string]interface{})
+		givenName := nameData["firstName"].(string)
+		familyName := nameData["lastName"].(string)
+		user.GivenName = &givenName
+		user.FamilyName = &familyName
+	}

 	return user, err
 }
--- a/server/handlers/oauth_login.go
+++ b/server/handlers/oauth_login.go
@@ -6,6 +6,7 @@ import (

 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
+	"golang.org/x/oauth2"

 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/memorystore"
@@ -170,7 +171,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 			c.Redirect(http.StatusTemporaryRedirect, url)
 		case constants.SignupMethodApple:
 			if oauth.OAuthProviders.AppleConfig == nil {
-				log.Debug("Linkedin OAuth provider is not configured")
+				log.Debug("Apple OAuth provider is not configured")
 				isProviderConfigured = false
 				break
 			}
@@ -183,7 +184,7 @@ func OAuthLoginHandler() gin.HandlerFunc {
 				return
 			}
 			oauth.OAuthProviders.AppleConfig.RedirectURL = hostname + "/oauth_callback/" + constants.SignupMethodApple
-			url := oauth.OAuthProviders.AppleConfig.AuthCodeURL(oauthStateString)
+			url := oauth.OAuthProviders.AppleConfig.AuthCodeURL(oauthStateString, oauth2.SetAuthURLParam("response_mode", "form_post"))
 			c.Redirect(http.StatusTemporaryRedirect, url)
 		default:
 			log.Debug("Invalid oauth provider: ", provider)
--- a/server/oauth/oauth.go
+++ b/server/oauth/oauth.go
@@ -130,7 +130,7 @@ func InitOAuth() error {
 				AuthURL:  "https://appleid.apple.com/auth/authorize",
 				TokenURL: "https://appleid.apple.com/auth/token",
 			},
-			Scopes: []string{"email"},
+			Scopes: []string{"openid", "name", "email"},
 		}
 	}

--- a/server/routes/routes.go
+++ b/server/routes/routes.go
@@ -23,6 +23,7 @@ func InitRouter(log *logrus.Logger) *gin.Engine {
 	router.GET("/playground", handlers.PlaygroundHandler())
 	router.GET("/oauth_login/:oauth_provider", handlers.OAuthLoginHandler())
 	router.GET("/oauth_callback/:oauth_provider", handlers.OAuthCallbackHandler())
+	router.POST("/oauth_callback/:oauth_provider", handlers.OAuthCallbackHandler())
 	router.GET("/verify_email", handlers.VerifyEmailHandler())
 	// OPEN ID routes
 	router.GET("/.well-known/openid-configuration", handlers.OpenIDConfigurationHandler())
Author	SHA1	Message	Date
Lakhan Samani	fadd9f6168	fix: update scope for apple login	2022-06-14 13:11:39 +05:30
Lakhan Samani	395e2e2a85	fix: update scope for apple login	2022-06-14 12:35:23 +05:30
Lakhan Samani	6335084835	fix: add post method support for oauth callback	2022-06-14 12:17:43 +05:30
Lakhan Samani	eab336cd3d	fix: apple login params	2022-06-14 12:06:46 +05:30