fix: add comment for scope

fix: remove debug logs
fix: redirect
2022-06-14 15:47:08 +05:30 · 2022-06-14 15:45:06 +05:30 · 2022-06-14 15:43:23 +05:30 · 2022-06-14 15:05:56 +05:30
3 changed files with 13 additions and 15 deletions
--- a/server/handlers/oauth_callback.go
+++ b/server/handlers/oauth_callback.go
@@ -225,7 +225,7 @@ func OAuthCallbackHandler() gin.HandlerFunc {
 			redirectURL = redirectURL + "?" + strings.TrimPrefix(params, "&")
 		}

-		c.Redirect(http.StatusTemporaryRedirect, redirectURL)
+		c.Redirect(http.StatusFound, redirectURL)
 	}
 }

@@ -462,8 +462,6 @@ func processAppleUserInfo(code string) (models.User, error) {
 		return user, fmt.Errorf("invalid apple exchange code: %s", err.Error())
 	}

-	fmt.Println("=> token", oauth2Token.AccessToken)
-
 	// Extract the ID Token from OAuth2 token.
 	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
 	if !ok {
@@ -471,8 +469,6 @@ func processAppleUserInfo(code string) (models.User, error) {
 		return user, fmt.Errorf("unable to extract id_token")
 	}

-	fmt.Println("=> rawIDToken", rawIDToken)
-
 	tokenSplit := strings.Split(rawIDToken, ".")
 	claimsData := tokenSplit[1]
 	decodedClaimsData, err := crypto.DecryptB64(claimsData)
@@ -480,7 +476,6 @@ func processAppleUserInfo(code string) (models.User, error) {
 		log.Debug("Failed to decrypt claims data: ", err)
 		return user, fmt.Errorf("failed to decrypt claims data: %s", err.Error())
 	}
-	fmt.Println("=> decoded claims data", decodedClaimsData)

 	claims := make(map[string]interface{})
 	err = json.Unmarshal([]byte(decodedClaimsData), &claims)
@@ -489,8 +484,6 @@ func processAppleUserInfo(code string) (models.User, error) {
 		return user, fmt.Errorf("failed to unmarshal claims data: %s", err.Error())
 	}

-	fmt.Println("=> claims", claims)
-
 	if val, ok := claims["email"]; !ok {
 		log.Debug("Failed to extract email from claims.")
 		return user, fmt.Errorf("unable to extract email, please check the scopes enabled for your app. It needs `email`, `name` scopes")
@@ -500,11 +493,16 @@ func processAppleUserInfo(code string) (models.User, error) {

 	if val, ok := claims["name"]; ok {
 		nameData := val.(map[string]interface{})
-		givenName := nameData["firstName"].(string)
-		familyName := nameData["lastName"].(string)
+		if nameVal, ok := nameData["firstName"]; ok {
+			givenName := nameVal.(string)
 			user.GivenName = &givenName
+		}
+
+		if nameVal, ok := nameData["lastName"]; ok {
+			familyName := nameVal.(string)
 			user.FamilyName = &familyName
 		}
+	}

 	return user, err
 }
--- a/server/handlers/oauth_login.go
+++ b/server/handlers/oauth_login.go
@@ -184,8 +184,9 @@ func OAuthLoginHandler() gin.HandlerFunc {
 				return
 			}
 			oauth.OAuthProviders.AppleConfig.RedirectURL = hostname + "/oauth_callback/" + constants.SignupMethodApple
-			// Scope from the root config was not passed for apple login
-			url := oauth.OAuthProviders.AppleConfig.AuthCodeURL(oauthStateString, oauth2.SetAuthURLParam("response_mode", "form_post"), oauth2.SetAuthURLParam("scope", "name%20email"))
+			// there is scope encoding issue with oauth2 and how apple expects, hence added scope manually
+			// check: https://github.com/golang/oauth2/issues/449
+			url := oauth.OAuthProviders.AppleConfig.AuthCodeURL(oauthStateString, oauth2.SetAuthURLParam("response_mode", "form_post")) + "&scope=name email"
 			c.Redirect(http.StatusTemporaryRedirect, url)
 		default:
 			log.Debug("Invalid oauth provider: ", provider)
--- a/server/oauth/oauth.go
+++ b/server/oauth/oauth.go
@@ -130,7 +130,6 @@ func InitOAuth() error {
 				AuthURL:  "https://appleid.apple.com/auth/authorize",
 				TokenURL: "https://appleid.apple.com/auth/token",
 			},
-			Scopes: []string{"name%20email"},
 		}
 	}
Author	SHA1	Message	Date
Lakhan Samani	be59c3615f	fix: add comment for scope	2022-06-14 15:47:08 +05:30
Lakhan Samani	db351f7771	fix: remove debug logs	2022-06-14 15:45:06 +05:30
Lakhan Samani	91c29c4092	fix: redirect	2022-06-14 15:43:23 +05:30
Lakhan Samani	415b97535e	fix: update scope param	2022-06-14 15:05:56 +05:30