Add support for Authorization header during code exchange

Ivan R. 2024-10-17 00:12:16 +05:00
parent c9668ff1ef
commit fbb33369a8
Signed by: lumin
GPG key ID: E0937DC7CD6D3817


@ -77,12 +77,9 @@ defmodule ComfycampWeb.OauthController do
end
end
def token(conn, %{
"code" => code_value,
"redirect_uri" => redirect_uri,
"client_id" => client_id,
"client_secret" => client_secret
}) do
def token(conn, params = %{"code" => code_value, "redirect_uri" => redirect_uri}) do
{:ok, client_id, client_secret} = get_client_info(conn, params)
# Check that code is still valid and redirect uri has not been altered.
%OIDCCode{redirect_uri: ^redirect_uri} = code = SSO.get_oidc_code!(code_value)
@ -112,6 +109,25 @@ defmodule ComfycampWeb.OauthController do
render(conn, :openid_discovery)
end
@doc """
Extract client id and client secret from request parameters or headers.
Returns {:ok, "client_id", "client_secret"} on success.
"""
def get_client_info(_conn, %{"client_id" => client_id, "client_secret" => client_secret}) do
{:ok, client_id, client_secret}
end
def get_client_info(conn, _params) do
with [header] <- Plug.Conn.get_req_header(conn, "authorization"),
"Basic " <> b64 <- header,
{:ok, keys} <- Base.decode64(b64),
[client_id, client_secret] <- String.split(keys, ":") do
{:ok, client_id, client_secret}
else
_ -> {:error, "Invalid Authorization header"}
end
end
defp build_redirect_uri(redirect_uri, code, state) do
parsed_uri = URI.parse(redirect_uri)
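Review bot: In the header clause of `get_client_info/2`, `String.split(keys, ":")` splits on every colon, so a client secret that itself contains `:` produces more than two parts and is rejected as "Invalid Authorization header"; `[client_id, client_secret] <- String.split(keys, ":", parts: 2)` keeps everything after the first colon as the secret. RFC 6749 §2.3.1 also has clients form-urlencode both values before Basic encoding, so passing each part through `URI.decode_www_form/1` may be needed for spec-compliant clients whose secrets contain reserved characters. In `token/2`, the hard match `{:ok, client_id, client_secret} = get_client_info(conn, params)` raises `MatchError` on the `{:error, _}` return, which presumably surfaces as a 500 rather than a 401 `invalid_client` response. Matching the result in a `with` or `case` and answering 401 would put missing or malformed credentials on a defined failure path. The body of `token/2` continues outside the hunk, so how the secret is checked afterwards is not visible here.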