From a752b364fb0e2948332be0fca1b7cd98cc09efca Mon Sep 17 00:00:00 2001
From: Runxi Yu
Date: Fri, 16 Aug 2024 08:00:00 +0800
Subject: [PATCH] Further cleanup
---
 main.go | 57 +++++++++++++++++++++------------------------------------
 oidc.go | 22 ++++++++++++++++++++++
 2 files changed, 43 insertions(+), 36 deletions(-)
 rewrite main.go (67%)
diff --git a/main.go b/main.go
dissimilarity index 67%
index e1543c5..e5ad98f 100644
--- a/main.go
+++ b/main.go
@@ -1,36 +1,21 @@
-package main
-
-import (
- "fmt"
-)
-
-func main() {
- fbfp_get_config("fbfp.scfg")
-
- fmt.Println(config)
-
- openid_configuration_response := get_openid_config(config.Openid.Endpoint)
-
- /*
- * TODO: Check what this is supposed to do at all
- */
- state := random(20)
-
- /*
- * TODO: Handle nonces and anti-replay. Incremental nonces would be
- * nice on memory and speed (depending on how maps are implemented in
- * Go, hopefully it's some sort of btree), but that requires either
- * hacky atomics or having a multiple goroutines to handle
- * authentication, neither of which are desirable.
- */
- nonce := random(20)
-
- fmt.Println(fmt.Sprintf(
- "%s?client_id=%s&response_type=id_token&redirect_uri=%s&response_mode=form_post&scope=openid&state=%s&nonce=%s",
- *(openid_configuration_response.AuthorizationEndpoint),
- config.Openid.Client,
- config.Openid.RedirectUri,
- state,
- nonce,
- ))
-}
+package main
+
+import (
+ "fmt"
+)
+
+func main() {
+ fbfp_get_config("fbfp.scfg")
+
+ fmt.Println(config)
+
+ openid_configuration_response := get_openid_config(config.Openid.Endpoint)
+
+ openid_authorization_url := generate_authorization_url(
+ *(openid_configuration_response.AuthorizationEndpoint),
+ config.Openid.Client,
+ config.Openid.RedirectUri,
+ )
+
+ fmt.Println(openid_authorization_url)
+}
diff --git a/oidc.go b/oidc.go
index 559fcd6..b8c3a7f 100644
--- a/oidc.go
+++ b/oidc.go
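Review bot: `*(openid_configuration_response.AuthorizationEndpoint)` in main() is dereferenced without a nil check, so a discovery document that omits `authorization_endpoint` makes the program panic instead of failing with a clear error. The value comes from a remote endpoint and should be validated before it is used. A guard before the call such as `if openid_configuration_response.AuthorizationEndpoint == nil { e(errors.New("openid configuration has no authorization_endpoint")) }` would do, assuming `e` takes an error as its use in oidc.go suggests (`errors` would need importing). Separately, `fmt.Println(config)` still prints the whole parsed configuration; if that struct ever carries a client secret it ends up on stdout or in logs, so it is worth dropping or limiting to non-sensitive fields.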
@@ -39,3 +39,25 @@ func get_openid_config(endpoint string) openid_configuration_response_t {
 e(err)
 return o
 }
+
+func generate_authorization_url(
+ authorization_endpoint string,
+ client_id string,
+ redirect_uri string,
+) string {
+ /*
+ * TODO: Handle nonces and anti-replay. Incremental nonces would be
+ * nice on memory and speed (depending on how maps are implemented in
+ * Go, hopefully it's some sort of btree), but that requires either
+ * hacky atomics or having a multiple goroutines to handle
+ * authentication, neither of which are desirable.
+ */
+ nonce := random(30)
+ return fmt.Sprintf(
+ "%s?client_id=%s&response_type=id_token&redirect_uri=%s&response_mode=form_post&scope=openid&nonce=%s",
+ authorization_endpoint,
+ config.Openid.Client,
+ config.Openid.RedirectUri,
+ nonce,
+ )
+}
-- 2.11.4.GIT
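Review bot: generate_authorization_url accepts `client_id` and `redirect_uri`, but the `fmt.Sprintf` call passes `config.Openid.Client` and `config.Openid.RedirectUri` instead, so both parameters are dead and the function silently depends on the global. The values are also interpolated into the query string without escaping, so a redirect URI containing `&`, `?` or `#` changes the request that is sent. Building the query with `url.Values` (needs `net/url` imported) fixes both, as sketched below, assuming `random` returns a string. The URL also no longer carries a `state` parameter, and the nonce is generated but never returned or stored, so whatever receives the `form_post` response has nothing to compare the ID token's `nonce` against. The TODO covers replay, but the function will likely need to hand the nonce back alongside the URL.

```go
	// … unchanged: signature and TODO comment on nonces and anti-replay …
	nonce := random(30)
	q := url.Values{}
	q.Set("client_id", client_id)
	q.Set("response_type", "id_token")
	q.Set("redirect_uri", redirect_uri)
	q.Set("response_mode", "form_post")
	q.Set("scope", "openid")
	q.Set("nonce", nonce)
	return authorization_endpoint + "?" + q.Encode()
}
```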