this repo has no description
oauth client: surface error messages from callback URL
+34
+34
atproto/auth/oauth/oauth.go
+34
atproto/auth/oauth/oauth.go
···
21
21
22
22
var jwtExpirationDuration = 30 * time.Second
23
23
24
+
// Returned by [ClientApp.ProcessCallback] if the AS signals an error in the redirect URL parameters, per rfc6749 section 4.1.2.1
25
+
//
26
+
// NOTE: This is untrusted data and should not be e.g. rendered to HTML without appropriate escaping
27
+
type CallbackError struct {
28
+
code string
29
+
description string
30
+
uri *syntax.URI
31
+
}
32
+
33
+
func (e *CallbackError) Error() string {
34
+
res := "callbackError: " + e.code
35
+
if e.description != "" {
36
+
res += ": " + e.description
37
+
}
38
+
if e.uri != nil {
39
+
res += " (" + e.uri.String() + ")"
40
+
}
41
+
return res
42
+
}
43
+
24
44
// Service-level client. Used to establish and refrsh OAuth sessions, but is not itself account or session specific, and can not be used directly to make API calls on behalf of a user.
25
45
type ClientApp struct {
26
46
Client *http.Client
···
579
599
580
600
// High-level helper for completing auth flow: verifies callback query parameters against persisted auth request info, makes initial token request to the auth server, validates account identifier, and persists session data.
581
601
func (app *ClientApp) ProcessCallback(ctx context.Context, params url.Values) (*ClientSessionData, error) {
602
+
603
+
errorCode := params.Get("error")
604
+
if errorCode != "" {
605
+
var errorUri *syntax.URI
606
+
parsedUri, err := syntax.ParseURI(params.Get("error_uri"))
607
+
if err == nil {
608
+
errorUri = &parsedUri
609
+
}
610
+
return nil, &CallbackError{
611
+
code: errorCode,
612
+
description: params.Get("error_description"),
613
+
uri: errorUri,
614
+
}
615
+
}
582
616
583
617
state := params.Get("state")
584
618
authserverURL := params.Get("iss")