Merge pull request #438 from bobbyrullo/nicer_example

examples/app: Show refresh token as well
bobbyrullo 2016-05-06 13:14:50 -07:00
commit 594c54553f


@ -14,10 +14,13 @@ import (
"os" "os"
"time" "time"
"github.com/coreos/go-oidc/jose"
"github.com/coreos/go-oidc/oauth2"
"github.com/coreos/go-oidc/oidc"
pflag "github.com/coreos/dex/pkg/flag" pflag "github.com/coreos/dex/pkg/flag"
phttp "github.com/coreos/dex/pkg/http" phttp "github.com/coreos/dex/pkg/http"
"github.com/coreos/dex/pkg/log" "github.com/coreos/dex/pkg/log"
"github.com/coreos/go-oidc/oidc"
) )
func main() { func main() {
@ -104,6 +107,7 @@ func main() {
ProviderConfig: cfg, ProviderConfig: cfg,
Credentials: cc, Credentials: cc,
RedirectURL: *redirectURL, RedirectURL: *redirectURL,
Scope: append(oidc.DefaultScope, "offline_access"),
} }
client, err := oidc.NewClient(ccfg) client, err := oidc.NewClient(ccfg)
@ -229,21 +233,51 @@ func handleCallbackFunc(c *oidc.Client) http.HandlerFunc {
return return
} }
tok, err := c.ExchangeAuthCode(code) tokens, err := exchangeAuthCode(c, code)
if err != nil { if err != nil {
phttp.WriteError(w, http.StatusBadRequest, fmt.Sprintf("unable to verify auth code with issuer: %v", err)) phttp.WriteError(w, http.StatusBadRequest,
fmt.Sprintf("unable to verify auth code with issuer: %v", err))
return
}
tok, err := jose.ParseJWT(tokens.IDToken)
if err != nil {
phttp.WriteError(w, http.StatusBadRequest,
fmt.Sprintf("unable to parse JWT: %v", err))
return return
} }
claims, err := tok.Claims() claims, err := tok.Claims()
if err != nil { if err != nil {
phttp.WriteError(w, http.StatusBadRequest, fmt.Sprintf("unable to construct claims: %v", err)) phttp.WriteError(w, http.StatusBadRequest,
fmt.Sprintf("unable to construct claims: %v", err))
return return
} }
s := fmt.Sprintf(`<html><body><p>Token: %v</p><p>Claims: %v </p> s := fmt.Sprintf(`
<html>
<body>
<p> Token: %v</p>
<p> Claims: %v </p>
<a href="/resend?jwt=%s">Resend Verification Email</a> <a href="/resend?jwt=%s">Resend Verification Email</a>
</body></html>`, tok.Encode(), claims, tok.Encode()) <p> Refresh Token: %v </p>
</body>
</html>`, tok.Encode(), claims, tok.Encode(), tokens.RefreshToken)
w.Write([]byte(s)) w.Write([]byte(s))
} }
} }
func exchangeAuthCode(c *oidc.Client, code string) (oauth2.TokenResponse, error) {
oac, err := c.OAuthClient()
if err != nil {
return oauth2.TokenResponse{}, err
}
t, err := oac.RequestToken(oauth2.GrantTypeAuthCode, code)
if err != nil {
return oauth2.TokenResponse{}, err
}
return t, nil
}
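Review bot: The ID token is no longer verified in handleCallbackFunc (whose start is outside the hunk): the new path calls `jose.ParseJWT(tokens.IDToken)` and goes straight to `tok.Claims()`, and the new `exchangeAuthCode` helper only requests the token. The replaced `c.ExchangeAuthCode(code)` in go-oidc also ran the client's JWT verification (signature and claims checks, as far as I know), so that check appears to be lost and the page would render claims from an unverified token. After the parse, add `if err := c.VerifyJWT(tok); err != nil {` with the same `phttp.WriteError(w, http.StatusBadRequest, ...)` and `return` handling as the neighbouring checks. Separately, `claims` and `tokens.RefreshToken` are formatted into the HTML with `%v` unescaped; passing the formatted values through `html.EscapeString` (which needs the `html` import) would keep issuer-supplied claim text from being interpreted as markup.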