forked from mystiq/dex
examples/app: Show refresh token as well
This commit is contained in:
parent
ea4c04fde8
commit
e2c428fc5a
1 changed files with 40 additions and 6 deletions
|
@ -14,10 +14,13 @@ import (
|
|||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/coreos/go-oidc/jose"
|
||||
"github.com/coreos/go-oidc/oauth2"
|
||||
"github.com/coreos/go-oidc/oidc"
|
||||
|
||||
pflag "github.com/coreos/dex/pkg/flag"
|
||||
phttp "github.com/coreos/dex/pkg/http"
|
||||
"github.com/coreos/dex/pkg/log"
|
||||
"github.com/coreos/go-oidc/oidc"
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
@ -104,6 +107,7 @@ func main() {
|
|||
ProviderConfig: cfg,
|
||||
Credentials: cc,
|
||||
RedirectURL: *redirectURL,
|
||||
Scope: append(oidc.DefaultScope, "offline_access"),
|
||||
}
|
||||
|
||||
client, err := oidc.NewClient(ccfg)
|
||||
|
@ -229,21 +233,51 @@ func handleCallbackFunc(c *oidc.Client) http.HandlerFunc {
|
|||
return
|
||||
}
|
||||
|
||||
tok, err := c.ExchangeAuthCode(code)
|
||||
tokens, err := exchangeAuthCode(c, code)
|
||||
if err != nil {
|
||||
phttp.WriteError(w, http.StatusBadRequest, fmt.Sprintf("unable to verify auth code with issuer: %v", err))
|
||||
phttp.WriteError(w, http.StatusBadRequest,
|
||||
fmt.Sprintf("unable to verify auth code with issuer: %v", err))
|
||||
return
|
||||
}
|
||||
|
||||
tok, err := jose.ParseJWT(tokens.IDToken)
|
||||
if err != nil {
|
||||
phttp.WriteError(w, http.StatusBadRequest,
|
||||
fmt.Sprintf("unable to parse JWT: %v", err))
|
||||
return
|
||||
}
|
||||
|
||||
claims, err := tok.Claims()
|
||||
if err != nil {
|
||||
phttp.WriteError(w, http.StatusBadRequest, fmt.Sprintf("unable to construct claims: %v", err))
|
||||
phttp.WriteError(w, http.StatusBadRequest,
|
||||
fmt.Sprintf("unable to construct claims: %v", err))
|
||||
return
|
||||
}
|
||||
|
||||
s := fmt.Sprintf(`<html><body><p>Token: %v</p><p>Claims: %v </p>
|
||||
s := fmt.Sprintf(`
|
||||
<html>
|
||||
<body>
|
||||
<p> Token: %v</p>
|
||||
<p> Claims: %v </p>
|
||||
<a href="/resend?jwt=%s">Resend Verification Email</a>
|
||||
</body></html>`, tok.Encode(), claims, tok.Encode())
|
||||
<p> Refresh Token: %v </p>
|
||||
</body>
|
||||
</html>`, tok.Encode(), claims, tok.Encode(), tokens.RefreshToken)
|
||||
w.Write([]byte(s))
|
||||
}
|
||||
}
|
||||
|
||||
func exchangeAuthCode(c *oidc.Client, code string) (oauth2.TokenResponse, error) {
|
||||
oac, err := c.OAuthClient()
|
||||
if err != nil {
|
||||
return oauth2.TokenResponse{}, err
|
||||
}
|
||||
|
||||
t, err := oac.RequestToken(oauth2.GrantTypeAuthCode, code)
|
||||
if err != nil {
|
||||
return oauth2.TokenResponse{}, err
|
||||
}
|
||||
|
||||
return t, nil
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue