refactor(server): extract func oAuthCodeToUser

2025-12-17 18:31:27 +00:00 · 2023-01-26 04:34:25 +08:00
parent f7b6ff92bf
commit 28e126f2e4
2 changed files with 17 additions and 11 deletions
--- a/internal/app/traefik-github-oauth-server/middleware.go
+++ b/internal/app/traefik-github-oauth-server/middleware.go
@@ -8,6 +8,7 @@ import (
 	"github.com/muxiu1997/traefik-github-oauth-plugin/internal/pkg/constant"
 )

+// NewApiSecretKeyMiddleware returns a middleware that checks the api secret key.
 func NewApiSecretKeyMiddleware(apiSecretKey string) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		if len(apiSecretKey) == 0 {
@@ -18,5 +19,6 @@ func NewApiSecretKeyMiddleware(apiSecretKey string) gin.HandlerFunc {
 		if reqSecretKey != fmt.Sprintf("%s %s", constant.AUTHORIZATION_PREFIX_TOKEN, apiSecretKey) {
 			c.AbortWithStatus(http.StatusUnauthorized)
 		}
+		c.Next()
 	}
 }
--- a/internal/app/traefik-github-oauth-server/router/oauth.go
+++ b/internal/app/traefik-github-oauth-server/router/oauth.go
@@ -21,7 +21,6 @@ func generateOAuthPageURL(app *server.App) gin.HandlerFunc {
 		body := model.RequestGenerateOAuthPageURL{}
 		err := c.BindJSON(&body)
 		if err != nil {
-			c.String(http.StatusBadRequest, err.Error())
 			return
 		}

@@ -56,7 +55,6 @@ func redirect(app *server.App) gin.HandlerFunc {
 		query := model.RequestRedirect{}
 		err := c.BindQuery(&query)
 		if err != nil {
-			c.String(http.StatusBadRequest, err.Error())
 			return
 		}
 		authRequestCache, found := app.AuthRequestManager.Get(query.RID)
@@ -66,14 +64,7 @@ func redirect(app *server.App) gin.HandlerFunc {
 		}
 		authRequest := authRequestCache.(*model.AuthRequest)

-		token, err := app.GitHubOAuthConfig.Exchange(context.Background(), query.Code)
-		if err != nil {
-			c.String(http.StatusInternalServerError, err.Error())
-			return
-		}
-		gitHubApiHttpClient := app.GitHubOAuthConfig.Client(c.Request.Context(), token)
-		gitHubApiClient := github.NewClient(gitHubApiHttpClient)
-		user, _, err := gitHubApiClient.Users.Get(c.Request.Context(), "")
+		user, err := oAuthCodeToUser(c.Request.Context(), app.GitHubOAuthConfig, query.Code)
 		if err != nil {
 			c.String(http.StatusInternalServerError, err.Error())
 			return
@@ -95,7 +86,6 @@ func getAuthResult(app *server.App) gin.HandlerFunc {
 		query := model.RequestGetAuthResult{}
 		err := c.BindQuery(&query)
 		if err != nil {
-			c.String(http.StatusBadRequest, err.Error())
 			return
 		}
 		authRequestCache, found := app.AuthRequestManager.Get(query.RID)
@@ -117,6 +107,20 @@ func getAuthResult(app *server.App) gin.HandlerFunc {
 	}
 }

+func oAuthCodeToUser(ctx context.Context, oAuthConfig *oauth2.Config, code string) (*github.User, error) {
+	token, err := oAuthConfig.Exchange(ctx, code)
+	if err != nil {
+		return nil, err
+	}
+	gitHubApiHttpClient := oAuthConfig.Client(ctx, token)
+	gitHubApiClient := github.NewClient(gitHubApiHttpClient)
+	user, _, err := gitHubApiClient.Users.Get(ctx, "")
+	if err != nil {
+		return nil, err
+	}
+	return user, nil
+}
+
 func buildRedirectURI(apiBaseUrl, rid string) (string, error) {
 	redirectURI, err := url.Parse(apiBaseUrl)
 	if err != nil {