package osin
import (
"errors"
"net/http"
"strings"
)
// Claims maps a claim name to its value. HandleUserInfoRequest copies every
// entry of a Claims value into the response output under the same key.
type Claims map[string]interface{}
// func (c *Claims) Set(key string, value string) {
// }
// ClaimManager returns the set of claims to release for a scope name.
//
// Implementations decide which user attributes each scope exposes, so they
// define how much user data a token holder can read.
type ClaimManager interface {
	// GetClaims returns the claims for the given scope and user.
	// If the parameter is empty, the default claims are returned
	// (presumably this refers to scope; confirm against implementations).
	GetClaims(scope string, user interface{}) Claims
	// AvailableScope is not called in this file; presumably it lists the
	// scope names GetClaims understands. TODO confirm.
	AvailableScope() []string
}
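// HandleUserInfoRequest answers a UserInfo request. It authenticates the
// caller by bearer access token, resolves the user the token was issued for,
// and fills w.Output with "sub" plus the claims of every scope on the token.
//
// On failure it records an error on w (and w.InternalError for server-side
// faults) and returns before any claim is written to w.Output.
func (s *Server) HandleUserInfoRequest(w *Response, r *http.Request) {
	// NOTE(review): OPTIONS passes this gate although the error text names only
	// GET and POST. An OPTIONS request then needs a bearer token like any
	// other; confirm whether that is intended.
	if r.Method != "GET" && r.Method != "POST" && r.Method != "OPTIONS" {
		w.SetError(E_INVALID_REQUEST, "")
		w.InternalError = errors.New("Request must be GET or POST")
		return
	}

	// Get bearer access token.
	bearerAuth := CheckBearerAuth(r)
	if bearerAuth == nil {
		w.SetError(E_INVALID_TOKEN, "Invalid Token")
		return
	}

	accessData, err := w.Storage.LoadAccess(bearerAuth.Code)
	if err != nil {
		w.SetError(E_SERVER_ERROR, "")
		w.InternalError = err
		return
	}
	if accessData.IsExpired() {
		w.SetError(E_INVALID_TOKEN, "The Access Token expired")
		return
	}

	// UserData is expected to hold the user ID as a string. Use the checked
	// form of the assertion so that a token stored with any other payload is
	// rejected instead of panicking the handler.
	userID, ok := accessData.UserData.(string)
	if !ok {
		w.SetError(E_SERVER_ERROR, "")
		w.InternalError = errors.New("access data does not carry a string user id")
		return
	}

	// Keep the resolved user in a local rather than writing it back to
	// accessData.UserData: if the storage hands out a shared record,
	// overwriting the stored user ID would break the string assertion above
	// on the next request with the same token.
	//
	// NOTE(review): GetUser's second result is presumably an error, but its
	// type is not visible here, so it is still discarded. A failed lookup is
	// caught by the checked assertion below.
	var userData interface{}
	userData, _ = s.UserStorage.GetUser(userID)
	user, ok := userData.(User)
	if !ok {
		// Fail closed: no user means no claims are released for this token.
		w.SetError(E_SERVER_ERROR, "")
		w.InternalError = errors.New("user lookup did not return a User")
		return
	}
	w.Output["sub"] = user.GetSub()

	// An empty Scope yields a single "" entry, which asks the ClaimManager
	// for its default claims. Claims are copied as returned, so a claim keyed
	// "sub" replaces the subject set above.
	for _, scope := range strings.Split(accessData.Scope, " ") {
		for k, v := range s.ClaimManager.GetClaims(scope, userData) {
			w.Output[k] = v
		}
	}
}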