chore(release): 1.0.17 [skip ci]

## [1.0.17](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.16...v1.0.17) (2024-03-10) ### Bug Fixes * Remove superfluous response write ([c293406](c29340669c))
Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex
2024-03-10 11:19:45 +00:00 · 2024-03-10 22:16:56 +11:00 · 2024-03-10 22:16:52 +11:00 · 2024-03-10 11:06:31 +00:00 · 2024-03-10 22:03:38 +11:00 · 2024-03-10 22:03:36 +11:00
4 changed files with 76 additions and 13 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,45 @@
+## [1.0.17](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.16...v1.0.17) (2024-03-10)
+
+
+### Bug Fixes
+
+* Remove superfluous response write ([c293406](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/c29340669ce60e19aca391ac19da3b9d275f1687))
+
+## [1.0.16](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.15...v1.0.16) (2024-03-10)
+
+
+### Bug Fixes
+
+* Change oath scopes & direct debugging to console. ([1d026d3](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/1d026d3ec450c94f3e0401d35f858db1627f6ef7))
+
+## [1.0.15](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.14...v1.0.15) (2024-03-10)
+
+
+### Bug Fixes
+
+* Check for existing session w/ token ([ef817dc](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/ef817dc650f36d170bc254158e4a9c789cee6693))
+
+## [1.0.14](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.13...v1.0.14) (2024-03-10)
+
+
+### Bug Fixes
+
+* Add more extensive oauth scope ([9a6e8e2](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/9a6e8e25f29d38dd3e66530d37445a5d5902db56))
+
+## [1.0.13](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.12...v1.0.13) (2024-03-10)
+
+
+### Bug Fixes
+
+* Replace clientSecret value ([446999a](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/446999ac69b38271c15a907beaad5f25b3363d5f))
+
+## [1.0.12](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.11...v1.0.12) (2024-03-10)
+
+
+### Bug Fixes
+
+* Add callback debugging ([774e302](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/commit/774e302ce749f004e97650d05694162780e009d8))
+
 ## [1.0.11](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.10...v1.0.11) (2024-03-10)


--- a/go.mod
+++ b/go.mod
@ -5,6 +5,7 @@ go 1.19
 require (
 	github.com/breml/rootcerts v0.2.16
 	github.com/gorilla/mux v1.8.1
+	github.com/gorilla/sessions v1.2.2
 	github.com/microsoftgraph/msgraph-sdk-go v1.34.0
 	golang.org/x/oauth2 v0.18.0
 )
@ -13,6 +14,7 @@ require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	golang.org/x/crypto v0.21.0 // indirect
@ -26,7 +28,7 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
 	github.com/cjlapao/common-go v0.0.39 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/davecgh/go-spew v1.1.1
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/google/uuid v1.6.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -26,10 +26,15 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg
 github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
+github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
+github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@ -2,7 +2,6 @@ package main

 import (
 	"context"
-	"fmt"
 	"log"
 	"net/http"
 	"os"
@ -12,7 +11,9 @@ import (

 	_ "github.com/breml/rootcerts"
 	"github.com/davecgh/go-spew/spew"
+
 	"github.com/gorilla/mux"
+	"github.com/gorilla/sessions"

 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/microsoft"
@ -20,32 +21,45 @@ import (

 var config = oauth2.Config{
 	ClientID:     "dccb4b93-3f75-4775-a94a-da39216d7daf",
-	ClientSecret: "tiL8Q~qahoaZUck4ZG4sc5w.V_I.1c60bwkW6aYJ",
+	ClientSecret: "XN98Q~Wrp1RfakkihA1BaTKfokOSX9fuB01unanr",
 	Endpoint:     microsoft.AzureADEndpoint("ceeae22e-f163-4ac9-b7c2-45972d3aed4f"),
 	RedirectURL:  "https://alias.spamasaurus.com/callback",
-	Scopes:       []string{"User.Read"},
+	Scopes:       []string{"email", "openid", "profile", "user.read"},
 }

+var sessionStore = sessions.NewCookieStore([]byte("xDDBjhYwyndZty3exGNq2ahE8wHRCR4DfdCJCSoWXAYncfWw2UQDH63QcJ9CkrGx"))
+
 func rootHandler(w http.ResponseWriter, r *http.Request) {
+	session, _ := sessionStore.Get(r, "spamasaurusRex")
+	if token, ok := session.Values["token"]; ok {
+		log.Println(spew.Sdump(token))
+		w.Write([]byte("Token retrieved from session"))
+	} else {
 		url := config.AuthCodeURL("state", oauth2.AccessTypeOffline)
 		http.Redirect(w, r, url, http.StatusFound)
+	}
 }

 func callbackHandler(w http.ResponseWriter, r *http.Request) {
 	// Handle the callback after successful authentication
-	code := r.URL.Query().Get("code")
-	token, err := config.Exchange(r.Context(), code)
+	token, err := config.Exchange(r.Context(), r.URL.Query().Get("code"))
 	if err != nil {
+		if retrieveErr, ok := err.(*oauth2.RetrieveError); ok {
+			log.Println(retrieveErr.ErrorDescription + " (" + retrieveErr.ErrorCode + ")")
+		}
 		http.Error(w, "Error exchanging code for token", http.StatusInternalServerError)
 		return
 	}

-	// Use the token to make MS Graph queries
-	// Example: Fetch user profile information
-	// ...
-	w.Write([]byte(spew.Sdump(token)))
+	// Store the token in the session
+	session, _ := sessionStore.Get(r, "spamasaurusRex")
+	session.Values["token"] = token
+	session.Save(r, w)

-	fmt.Fprintln(w, "Authentication successful!")
+	// w.Write([]byte("Authentication successful!"))
+
+	url := "https://alias.spamasaurus.com"
+	http.Redirect(w, r, url, http.StatusAccepted)
 }

 func healthHandler(w http.ResponseWriter, r *http.Request) {
Author	SHA1	Message	Date
semantic-release-bot	7864ed98e6	chore(release): 1.0.17 [skip ci] ## [1.0.17](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.16...v1.0.17) (2024-03-10) ### Bug Fixes * Remove superfluous response write ([`c293406`](`c29340669c`))	2024-03-10 11:19:45 +00:00
djpbessems	57d7e0cc69	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 31s Details Container & Helm chart / Helm chart (push) Successful in 16s Details Container & Helm chart / Container image (push) Successful in 1m41s Details Container & Helm chart / Semantic Release (push) Successful in 34s Details	2024-03-10 22:16:56 +11:00
djpbessems	c29340669c	fix: Remove superfluous response write	2024-03-10 22:16:52 +11:00
semantic-release-bot	ae06c8fd14	chore(release): 1.0.16 [skip ci] ## [1.0.16](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.15...v1.0.16) (2024-03-10) ### Bug Fixes * Change oath scopes & direct debugging to console. ([`1d026d3`](`1d026d3ec4`))	2024-03-10 11:06:31 +00:00
djpbessems	407895337b	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 31s Details Container & Helm chart / Helm chart (push) Successful in 18s Details Container & Helm chart / Container image (push) Successful in 1m48s Details Container & Helm chart / Semantic Release (push) Successful in 30s Details	2024-03-10 22:03:38 +11:00
djpbessems	1d026d3ec4	fix: Change oath scopes & direct debugging to console.	2024-03-10 22:03:36 +11:00
semantic-release-bot	f4161b47d7	chore(release): 1.0.15 [skip ci] ## [1.0.15](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.14...v1.0.15) (2024-03-10) ### Bug Fixes * Check for existing session w/ token ([`ef817dc`](`ef817dc650`))	2024-03-10 06:37:07 +00:00
djpbessems	b7e8d6ad5a	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 33s Details Container & Helm chart / Helm chart (push) Successful in 17s Details Container & Helm chart / Container image (push) Successful in 1m34s Details Container & Helm chart / Semantic Release (push) Successful in 34s Details	2024-03-10 17:34:22 +11:00
djpbessems	ef817dc650	fix: Check for existing session w/ token	2024-03-10 17:34:20 +11:00
semantic-release-bot	c33b246cf2	chore(release): 1.0.14 [skip ci] ## [1.0.14](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.13...v1.0.14) (2024-03-10) ### Bug Fixes * Add more extensive oauth scope ([`9a6e8e2`](`9a6e8e25f2`))	2024-03-10 06:08:38 +00:00
djpbessems	6d5b17515a	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 32s Details Container & Helm chart / Helm chart (push) Successful in 17s Details Container & Helm chart / Container image (push) Successful in 1m41s Details Container & Helm chart / Semantic Release (push) Successful in 33s Details	2024-03-10 17:05:49 +11:00
djpbessems	9a6e8e25f2	fix: Add more extensive oauth scope	2024-03-10 17:05:47 +11:00
semantic-release-bot	9126817665	chore(release): 1.0.13 [skip ci] ## [1.0.13](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.12...v1.0.13) (2024-03-10) ### Bug Fixes * Replace clientSecret value ([`446999a`](`446999ac69`))	2024-03-10 05:49:55 +00:00
djpbessems	dccca37237	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 34s Details Container & Helm chart / Helm chart (push) Successful in 17s Details Container & Helm chart / Container image (push) Successful in 1m43s Details Container & Helm chart / Semantic Release (push) Successful in 32s Details	2024-03-10 16:47:01 +11:00
djpbessems	446999ac69	fix: Replace clientSecret value	2024-03-10 16:46:59 +11:00
semantic-release-bot	b1f6a4666c	chore(release): 1.0.12 [skip ci] ## [1.0.12](http://gitea.gitea.svc.cluster.local:3000/djpbessems/ContainerImage.SpamasaurusRex/compare/v1.0.11...v1.0.12) (2024-03-10) ### Bug Fixes * Add callback debugging ([`774e302`](`774e302ce7`))	2024-03-10 05:40:08 +00:00
djpbessems	fdf1501152	Merge branch 'main' of https://code.spamasaurus.com/djpbessems/ContainerImage.SpamasaurusRex All checks were successful Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 31s Details Container & Helm chart / Helm chart (push) Successful in 16s Details Container & Helm chart / Container image (push) Successful in 1m40s Details Container & Helm chart / Semantic Release (push) Successful in 32s Details	2024-03-10 16:37:19 +11:00
djpbessems	774e302ce7	fix: Add callback debugging	2024-03-10 16:37:17 +11:00