diff --git a/go.mod b/go.mod
index 8856a34..59666b2 100644
--- a/go.mod
+++ b/go.mod
@@ -13,6 +13,8 @@ require (
 github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 github.com/golang/protobuf v1.5.3 // indirect
+ github.com/gorilla/securecookie v1.1.2 // indirect
+ github.com/gorilla/sessions v1.2.2 // indirect
 github.com/kylelemons/godebug v1.1.0 // indirect
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 golang.org/x/crypto v0.21.0 // indirect
diff --git a/go.sum b/go.sum
index f4010dd..151ff02 100644
--- a/go.sum
+++ b/go.sum
@@ -30,6 +30,10 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
+github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
+github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
diff --git a/pkg/spamasaurusrex/main.go b/pkg/spamasaurusrex/main.go
index b79f3a4..3aaee48 100644
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@@ -12,7 +12,9 @@ import (
 _ "github.com/breml/rootcerts"
 "github.com/davecgh/go-spew/spew"
+ "github.com/gorilla/mux"
+ "github.com/gorilla/sessions"
 "golang.org/x/oauth2"
 "golang.org/x/oauth2/microsoft"
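Review bot: In go.mod, `github.com/gorilla/sessions v1.2.2 // indirect` is marked indirect although this same commit imports the package directly in pkg/spamasaurusrex/main.go. Running `go mod tidy` would drop the `// indirect` comment and place the module with the direct requirements; `github.com/gorilla/securecookie` is only pulled in by sessions and can stay indirect.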
@@ -26,9 +28,16 @@ var config = oauth2.Config{
 Scopes: []string{"User.Read", "Profile"},
 }
+var sessionStore = sessions.NewCookieStore([]byte("xDDBjhYwyndZty3exGNq2ahE8wHRCR4DfdCJCSoWXAYncfWw2UQDH63QcJ9CkrGx"))
+
 func rootHandler(w http.ResponseWriter, r *http.Request) {
- url := config.AuthCodeURL("state", oauth2.AccessTypeOffline)
- http.Redirect(w, r, url, http.StatusFound)
+ session, _ := sessionStore.Get(r, "spamasaurusRex")
+ if token, ok := session.Values["token"]; ok {
+ w.Write([]byte(spew.Sdump(token)))
+ } else {
+ url := config.AuthCodeURL("state", oauth2.AccessTypeOffline)
+ http.Redirect(w, r, url, http.StatusFound)
+ }
 }
 func callbackHandler(w http.ResponseWriter, r *http.Request) {
@@ -42,12 +51,15 @@ func callbackHandler(w http.ResponseWriter, r *http.Request) {
 return
 }
- // Use the token to make MS Graph queries
- // Example: Fetch user profile information
- // ...
- w.Write([]byte(spew.Sdump(token)))
+ // Store the token in the session
+ session, _ := sessionStore.Get(r, "spamasaurusRex")
+ session.Values["token"] = token
+ session.Save(r, w)
 fmt.Fprintln(w, "Authentication successful!")
+
+ url := "https://alias.spamasaurus.com"
+ http.Redirect(w, r, url, http.StatusAccepted)
 }
 func healthHandler(w http.ResponseWriter, r *http.Request) {
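Review bot: The cookie store's signing key is a string literal in the new `var sessionStore = sessions.NewCookieStore(...)` line, so anyone who can read the repository can produce a validly signed `spamasaurusRex` session cookie. The key should be loaded from the deployment's secret configuration at startup, and the committed value should be treated as exposed and replaced. With a single key the cookie is signed but not encrypted, so the OAuth token that callbackHandler puts into it (requested with `oauth2.AccessTypeOffline`) is readable by whoever holds the cookie; either pass a second 16-, 24- or 32-byte encryption key, as in `sessions.NewCookieStore(authKey, encKey)` (variable names illustrative), or keep the token server-side and store only an identifier. In rootHandler, `w.Write([]byte(spew.Sdump(token)))` prints the stored token into the response body, which reads like debugging output and should not ship, and the error from `sessionStore.Get` is discarded. Now that a session exists, the constant `"state"` passed to `config.AuthCodeURL` could become a random per-session value that the callback compares before exchanging the code.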
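Review bot: In callbackHandler, `session.Save(r, w)` drops its error, so a failed save goes unnoticed and the user simply arrives without a session. gorilla/sessions gob-encodes `session.Values`, so the stored token (presumably a `*oauth2.Token`) needs a `gob.Register(&oauth2.Token{})` at startup, which this diff does not show, and the encoded cookie must also fit securecookie's length limit; check the result with `if err := session.Save(r, w); err != nil { http.Error(w, "session error", http.StatusInternalServerError); return }`. The redirect that follows cannot work as written: `fmt.Fprintln` has already started a 200 response before `http.Redirect` runs, and `http.StatusAccepted` (202) is not a redirect status, so drop the `Fprintln` and use `http.StatusSeeOther`. callbackHandler begins above the hunk, so whether the `state` query parameter is verified there cannot be seen from here.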