Diffstat (limited to 'lib/lsg_web/controllers/open_id_controller.ex')
-rw-r--r-- | lib/lsg_web/controllers/open_id_controller.ex | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/lib/lsg_web/controllers/open_id_controller.ex b/lib/lsg_web/controllers/open_id_controller.ex
deleted file mode 100644
index d3fef5d..0000000
--- a/lib/lsg_web/controllers/open_id_controller.ex
+++ /dev/null
@@ -1,64 +0,0 @@
-defmodule NolaWeb.OpenIdController do
- use NolaWeb, :controller
- plug NolaWeb.ContextPlug, restrict: :public
- require Logger
-
- def login(conn, _) do
- url = OAuth2.Client.authorize_url!(new_client(), scope: "openid", state: Base.url_encode64(:crypto.strong_rand_bytes(32), padding: false))
- redirect(conn, external: url)
- end
-
- def callback(conn, %{"error" => error_code, "error_description" => error}) do
- Logger.warn("OpenId error: #{error_code} #{error}")
- render(conn, "error.html", error: error)
- end
-
- def callback(conn, %{"code" => code, "state" => state}) do
- with \
- client = %{token: %OAuth2.AccessToken{access_token: json}} = OAuth2.Client.get_token!(new_client(), state: state, code: code),
- {:ok, %{"access_token" => token}} <- Jason.decode(json),
- client = %OAuth2.Client{client | token: %OAuth2.AccessToken{access_token: token}},
- {:ok, %OAuth2.Response{body: body}} <- OAuth2.Client.get(client, "/userinfo"),
- {:ok, %{"sub" => id, "preferred_username" => username}} <- Jason.decode(body)
- do
- if account = conn.assigns.account do
- if !IRC.Account.get_meta(account, "identity-id") do # XXX: And oidc id not linked yet
- IRC.Account.put_meta(account, "identity-id", id)
- end
- IRC.Account.put_meta(account, "identity-username", username)
- conn
- else
- conn
- end
-
- conn
- |> put_session(:oidc_id, id)
- |> put_flash(:info, "Logged in!")
- |> redirect(to: Routes.path(conn, "/"))
- else
- {:error, %OAuth2.Response{status_code: 401}} ->
- Logger.error("OpenID: Unauthorized token")
- render(conn, "error.html", error: "The token is invalid.")
- {:error, %OAuth2.Error{reason: reason}} ->
- Logger.error("Error: #{inspect reason}")
- render(conn, "error.html", error: reason)
- end
- end
-
- def callback(conn, _params) do
- render(conn, "error.html", error: "Unspecified error.")
- end
-
- defp new_client() do
- config = Application.get_env(:nola, :oidc)
- OAuth2.Client.new([
- strategy: OAuth2.Strategy.AuthCode,
- client_id: config[:client_id],
- client_secret: config[:client_secret],
- site: config[:base_url],
- authorize_url: config[:authorize_url],
- token_url: config[:token_url],
- redirect_uri: Routes.open_id_url(NolaWeb.Endpoint, :callback)
- ])
- end
-end |