From 1eb567cd6d193704fe5d392bfe540f17aa4d5231 Mon Sep 17 00:00:00 2001
From: Ivan Reshetnikov <admin@comfycamp.space>
Date: Tue, 10 Sep 2024 01:40:05 +0500
Subject: [PATCH] feat(oauth): login confirmation page

---
 .../controllers/oauth_controller.ex           | 44 +++++++++++++++++++
 lib/comfycamp_web/controllers/oauth_html.ex   | 16 +++++++
 lib/comfycamp_web/router.ex                   |  4 +-
 3 files changed, 63 insertions(+), 1 deletion(-)
 create mode 100644 lib/comfycamp_web/controllers/oauth_controller.ex
 create mode 100644 lib/comfycamp_web/controllers/oauth_html.ex

diff --git a/lib/comfycamp_web/controllers/oauth_controller.ex b/lib/comfycamp_web/controllers/oauth_controller.ex
new file mode 100644
index 0000000..d64eeba
--- /dev/null
+++ b/lib/comfycamp_web/controllers/oauth_controller.ex
@@ -0,0 +1,44 @@
+defmodule ComfycampWeb.OauthController do
+  use ComfycampWeb, :controller
+
+  alias Comfycamp.SSO
+  alias Comfycamp.SSO.OIDCApp
+
+  def confirm(conn, %{"client_id" => client_id, "response_type" => "code"} = params) do
+    app = %OIDCApp{enabled: true} = SSO.get_oidc_app!(client_id)
+
+    render(conn, :confirm,
+      page_title: "Подтвердите вход",
+      app_name: app.name,
+      params: URI.encode_query(params)
+    )
+  end
+
+  def generate_code(conn, %{"client_id" => client_id, "redirect_uri" => redirect_uri} = params) do
+    %OIDCApp{enabled: true} = SSO.get_oidc_app!(client_id)
+
+    uri = build_redirect_uri(redirect_uri, "test_code", params["state"])
+    redirect(conn, external: uri)
+  end
+
+  defp build_redirect_uri(redirect_uri, code, state) do
+    parsed_uri = URI.parse(redirect_uri)
+
+    query =
+      build_query_params(code, state)
+      |> URI.encode_query()
+
+    %{parsed_uri | query: query}
+    |> URI.to_string()
+  end
+
+  defp build_query_params(code, state) do
+    params = %{"code" => code}
+
+    if state do
+      Map.put(params, "state", state)
+    else
+      params
+    end
+  end
+end
diff --git a/lib/comfycamp_web/controllers/oauth_html.ex b/lib/comfycamp_web/controllers/oauth_html.ex
new file mode 100644
index 0000000..1836192
--- /dev/null
+++ b/lib/comfycamp_web/controllers/oauth_html.ex
@@ -0,0 +1,16 @@
+defmodule ComfycampWeb.OauthHTML do
+  use ComfycampWeb, :html
+
+  def confirm(assigns) do
+    ~H"""
+    <h1>Подтвердите вход</h1>
+    <p>Приложению "<%= @app_name %>" будут доступны:</p>
+    <ul>
+      <li>Логин</li>
+      <li>Email</li>
+    </ul>
+
+    <.link href={"/oauth/generate_code?#{@params}"} method="POST">Разрешить доступ</.link>
+    """
+  end
+end
diff --git a/lib/comfycamp_web/router.ex b/lib/comfycamp_web/router.ex
index f71aba5..83e9cd2 100644
--- a/lib/comfycamp_web/router.ex
+++ b/lib/comfycamp_web/router.ex
@@ -28,7 +28,6 @@ defmodule ComfycampWeb.Router do
     get "/cinema", CinemaController, :index
   end
 
-  # Other scopes may use custom stacks.
   # scope "/api", ComfycampWeb do
   #   pipe_through :api
   # end
@@ -69,6 +68,9 @@ defmodule ComfycampWeb.Router do
   scope "/", ComfycampWeb do
     pipe_through [:browser, :require_authenticated_user]
 
+    get "/oauth", OauthController, :confirm
+    post "/oauth/generate_code", OauthController, :generate_code
+
     live_session :require_authenticated_user,
       on_mount: [{ComfycampWeb.UserAuth, :ensure_authenticated}] do
       live "/users/settings", UserSettingsLive, :edit