fixed invalid JSON

added more oAuth stuff

README.md

@@ -39,14 +39,14 @@ The configuration is a yaml based file of key value pairs. It is located in the
 ```json
 {
     "General": {
-        "DBPath": "main.db", // Location of the bolt DB database
+        "DBPath": "main.db",
-        "ListenAddr": ":8080", // Listen address of the http server (IP:Port)
+        "ListenAddr": ":8080",
-        "ShortedIDLength": 4 // Length of the random generated ID
+        "ShortedIDLength": 4
     },
     "OAuth": {
         "Google": {
-          "ClientID": "", // Google client ID
+          "ClientID": "",
-          "ClientSecret": "" // Google client secret
+          "ClientSecret": ""
         }
     }
 }
@@ -137,6 +137,8 @@ Next changes sorted by priority
 - [ ] Add Deletion functionality (depends on the authorization)
 - [ ] Refactore Unit Tests
 - [ ] Performance optimization
+- [ ] Update configuration
+- [ ] Increase code coverage
 - [ ] Add ability to track the visitors (Referrer, maybe also live)
 - [ ] Create Makefile for building everything
 - [ ] Test docker-compose installation

handlers/auth.go

@@ -68,20 +68,13 @@ func (h *Handler) handleGoogleCheck(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
-	// to the callback, providing flexibility.
+	token, err := jwt.ParseWithClaims(data.Token, &jwtClaims{}, func(token *jwt.Token) (interface{}, error) {
-	token, err := jwt.Parse(data.Token, func(token *jwt.Token) (interface{}, error) {
-		// Don't forget to validate the alg is what you expect:
-		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
-			return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
-		}
-
 		return h.config.Secret, nil
 	})
-	if claims, ok := token.Claims.(jwtClaims); ok && token.Valid {
+	if claims, ok := token.Claims.(*jwtClaims); ok && token.Valid {
-		fmt.Println(claims.OAuthID, claims.OAuthProvider)
 		c.JSON(http.StatusOK, claims)
 	} else {
-		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 	}
 }
 
@@ -89,7 +82,7 @@ func (h *Handler) handleGoogleCallback(c *gin.Context) {
 	session := sessions.Default(c)
 	retrievedState := session.Get("state")
 	if retrievedState != c.Query("state") {
-		c.JSON(http.StatusUnauthorized, gin.H{"error": fmt.Errorf("Invalid session state: %s", retrievedState)})
+		c.JSON(http.StatusUnauthorized, gin.H{"error": fmt.Sprintf("Invalid session state: %s", retrievedState)})
 		return
 	}
 

handlers/handlers_test.go

@@ -245,8 +245,10 @@ func getBackend() (func(), error) {
 	if err != nil {
 		return nil, errors.Wrap(err, "could not create store")
 	}
-	handler := New(config.Handlers{
+	handler, err := New(config.Handlers{
 		ListenAddr: ":8080",
+		Secret:     []byte(""),
+		BaseURL:    "http://127.0.0.1",
 	}, *store)
 	if err != nil {
 		return nil, errors.Wrap(err, "could not create handler")

static/src/App/App.js

@@ -28,6 +28,17 @@ class ContainerExampleContainer extends Component {
   onAuthCallback = data => {
     window.removeEventListener('onAuthCallback', this.onAuthCallback);
     var token = data.detail.token;
+    fetch("/api/v1/check", {
+      method: "POST",
+      body: JSON.stringify({
+        Token: token
+      }),
+      headers: {
+        'Accept': 'application/json',
+        'Content-Type': 'application/json'
+      }
+    }).then(res => res.text())
+      .then(d => console.log(d))
   }
 
   onAuthClick = () => {
@@ -37,7 +48,7 @@ class ContainerExampleContainer extends Component {
       wHeight = 500;
     var wLeft = (window.screen.width / 2) - (wwidth / 2);
     var wTop = (window.screen.height / 2) - (wHeight / 2);
-    window.open("/api/v1/login", "", `width=${wwidth}, height=${wHeight}, top=${wTop}, left=${wLeft}, menubar=0, toolbar=0`)
+    window.open("/api/v1/login", "", `width=${wwidth}, height=${wHeight}, top=${wTop}, left=${wLeft}`)
   }
 
   render() {