miniflux/internal/oauth2/authorization.go

// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
// SPDX-License-Identifier: Apache-2.0

package oauth2 // import "miniflux.app/v2/internal/oauth2"

import (
	"crypto/sha256"
	"encoding/base64"
	"io"

	"golang.org/x/oauth2"

	"miniflux.app/v2/internal/crypto"
)

type Authorization struct {
	url          string
	state        string
	codeVerifier string
}

func (u *Authorization) RedirectURL() string {
	return u.url
}

func (u *Authorization) State() string {
	return u.state
}

func (u *Authorization) CodeVerifier() string {
	return u.codeVerifier
}

func GenerateAuthorization(config *oauth2.Config) *Authorization {
	codeVerifier := crypto.GenerateRandomStringHex(32)

	sha2 := sha256.New()
	io.WriteString(sha2, codeVerifier)
	codeChallenge := base64.RawURLEncoding.EncodeToString(sha2.Sum(nil))

	state := crypto.GenerateRandomStringHex(24)

	authUrl := config.AuthCodeURL(
		state,
		oauth2.SetAuthURLParam("code_challenge_method", "S256"),
		oauth2.SetAuthURLParam("code_challenge", codeChallenge),
	)

	return &Authorization{
		url:          authUrl,
		state:        state,
		codeVerifier: codeVerifier,
	}
}
Add OAuth2 PKCE support 2023-09-03 06:35:10 +02:00			`// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.`
			`// SPDX-License-Identifier: Apache-2.0`

			`package oauth2 // import "miniflux.app/v2/internal/oauth2"`

			`import (`
			`"crypto/sha256"`
			`"encoding/base64"`
			`"io"`

			`"golang.org/x/oauth2"`

			`"miniflux.app/v2/internal/crypto"`
			`)`

			`type Authorization struct {`
			`url string`
			`state string`
			`codeVerifier string`
			`}`

			`func (u *Authorization) RedirectURL() string {`
			`return u.url`
			`}`

			`func (u *Authorization) State() string {`
			`return u.state`
			`}`

			`func (u *Authorization) CodeVerifier() string {`
			`return u.codeVerifier`
			`}`

			`func GenerateAuthorization(config oauth2.Config) Authorization {`
			`codeVerifier := crypto.GenerateRandomStringHex(32)`

			`sha2 := sha256.New()`
			`io.WriteString(sha2, codeVerifier)`
			`codeChallenge := base64.RawURLEncoding.EncodeToString(sha2.Sum(nil))`

			`state := crypto.GenerateRandomStringHex(24)`

			`authUrl := config.AuthCodeURL(`
			`state,`
			`oauth2.SetAuthURLParam("code_challenge_method", "S256"),`
			`oauth2.SetAuthURLParam("code_challenge", codeChallenge),`
			`)`

			`return &Authorization{`
			`url: authUrl,`
			`state: state,`
			`codeVerifier: codeVerifier,`
			`}`
			`}`