From b57c2511e9c2597a37e643fe9ece3b985d7cd5a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Benouarets?= Date: Tue, 27 Jan 2026 16:37:19 +0100 Subject: [PATCH] feat(auth): Add /token endpoint to request a access token --- app/controllers/token.go | 2 +- app/middlewares/auth.go | 4 +++- app/services/authorize.go | 4 ++++ app/services/userinfo.go | 1 + 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/app/controllers/token.go b/app/controllers/token.go index 059443e..31d854f 100644 --- a/app/controllers/token.go +++ b/app/controllers/token.go @@ -29,7 +29,7 @@ func TokenController(c *fiber.Ctx) error { return utils.NewHTTPResponse(fiber.StatusBadRequest, &fiber.Map{"error": err.Error()}, "", nil, nil).Send(c) } - masterlog.Debug("Token request validated", map[string]interface{}{"path": c.Path()}) + masterlog.Debug("Token request validated", map[string]interface{}{"path": c.Path(), "body": request}) response := services.Token(request.ClientID, request.GrantType, request.Code, request.RedirectURI, request.ClientSecret) masterlog.Debug("Token response sent", map[string]interface{}{"path": c.Path()}) diff --git a/app/middlewares/auth.go b/app/middlewares/auth.go index 453880e..44ab4dd 100644 --- a/app/middlewares/auth.go +++ b/app/middlewares/auth.go @@ -14,10 +14,12 @@ import ( func AuthMiddleware() fiber.Handler { return func(c *fiber.Ctx) error { - if slices.Contains(config.CONFIG.UnprotectedEndpoints, c.Path()) { + tokenEndpoint := "/token" + if slices.Contains(config.CONFIG.UnprotectedEndpoints, c.Path()) || c.Path() == tokenEndpoint { masterlog.Debug("Unprotected endpoint", map[string]interface{}{"path": c.Path()}) return c.Next() } + authHeader := c.Get("Authorization") if authHeader == "" { masterlog.Debug("No token provided", map[string]interface{}{"path": c.Path(), "authorization": c.Get("Authorization")}) diff --git a/app/services/authorize.go b/app/services/authorize.go index cf18651..64ded00 100644 --- a/app/services/authorize.go +++ b/app/services/authorize.go @@ -45,6 +45,10 @@ func Authorize(userID, clientID, redirectURI, responseType, scope, state string) authorizationCodeString := fmt.Sprintf("%s:%s", authorizationID.String(), authorizationCode) authorizationCodeBase64 := base64.StdEncoding.EncodeToString([]byte(authorizationCodeString)) + masterlog.Debug("Authorization created successfully", map[string]interface{}{"authorization_id": authorizationID.String(), "authorization_code": authorizationCode, "client_id": clientID}) + masterlog.Debug("Authorization code base64", map[string]interface{}{"authorization_code_base64": authorizationCodeBase64}) + masterlog.Debug("State", map[string]interface{}{"state": state}) + response := AuthorizeResponse{ Code: authorizationCodeBase64, State: state, diff --git a/app/services/userinfo.go b/app/services/userinfo.go index e69de29..5e568ea 100644 --- a/app/services/userinfo.go +++ b/app/services/userinfo.go @@ -0,0 +1 @@ +package services