Add auth with goth

internal/auth/auth.go

@@ -0,0 +1,40 @@
+package auth
+import (
+  "log"
+  "os"
+  //"github.com/gorilla/sessions"
+  "github.com/joho/godotenv"
+  "github.com/markbates/goth"
+  //"github.com/markbates/goth/gothic"
+  "github.com/markbates/goth/providers/openidConnect"
+)
+
+const (
+  key = "iebdyjckwoevhdixnwgwunrvxuqobetgy"
+  MaxAge = 86400 * 30
+  IsProd = false
+)
+
+func NewAuth() {
+  err := godotenv.Load()
+  if err != nil {log.Fatal("Error loading .env file")}
+  
+  oidcId := os.Getenv("OIDC_ID")
+  oidcSec := os.Getenv("OIDC_SECRET")
+  oidcDiscUrl := os.Getenv("OIDC_DISC_URL")
+  oidcRedirectUrl := "http://localhost:3003/auth/openid-connect/callback"
+/*
+  store := sessions.NewCookieStore([]byte(key))
+  store.MaxAge(MaxAge)
+  store.Options.Path = "/"
+  store.Options.HttpOnly = true
+  store.Options.Secure = IsProd
+
+  gothic.Store = store
+*/
+  openidConnect, err := openidConnect.New(oidcId, oidcSec, oidcRedirectUrl, oidcDiscUrl)
+	if openidConnect == nil || err != nil {
+    log.Fatal("Error setting up oidc")
+	}
+  goth.UseProviders(openidConnect)
+}

internal/server/routes.go

@@ -3,17 +3,30 @@ package server
 import (
 	"encoding/json"
 	"log"
+  "fmt"
+  "context"
 	"net/http"
+  "html/template"
 
 	"github.com/go-chi/chi/v5"
 	"github.com/go-chi/chi/v5/middleware"
+  
+  "github.com/markbates/goth/gothic"
 )
 
 func (s *Server) RegisterRoutes() http.Handler {
 	r := chi.NewRouter()
 	r.Use(middleware.Logger)
 
-	r.Get("/", s.HelloWorldHandler)
+	r.Get("/hello", s.HelloWorldHandler)
+
+	r.Get("/auth/{provider}/callback", s.getAuthCallbackFunc)
+	r.Get("/logout/{provider}", s.getAuthLogout)
+	r.Get("/auth/{provider}", s.getAuthLogin)
+  r.Get("/", func (w http.ResponseWriter, r *http.Request)  {
+    t, _ := template.New("foo").Parse(indexTemplate)
+    t.Execute(w, nil)
+  })
 
 	r.Get("/health", s.healthHandler)
 
@@ -36,3 +49,60 @@ func (s *Server) healthHandler(w http.ResponseWriter, r *http.Request) {
 	jsonResp, _ := json.Marshal(s.db.Health())
 	_, _ = w.Write(jsonResp)
 }
+
+func (s *Server) getAuthCallbackFunc(w http.ResponseWriter, r *http.Request) {
+  provider := chi.URLParam(r, "provider")
+  r = r.WithContext(context.WithValue(context.Background(), "provider", provider))
+
+  user, err := gothic.CompleteUserAuth(w, r)
+  if err != nil {
+    fmt.Fprintln(w, err)
+    return
+  }
+
+  fmt.Println(user)
+  
+  t, _ := template.New("foo").Parse(userTemplate)
+  t.Execute(w, user)
+  //http.Redirect(w, r, "http://localhost:3000", http.StatusFound)
+}
+
+//p.Get("/logout/{provider}", 
+func (s *Server) getAuthLogout(res http.ResponseWriter, req *http.Request) {
+  provider := chi.URLParam(req, "provider")
+  req = req.WithContext(context.WithValue(context.Background(), "provider", provider))
+		gothic.Logout(res, req)
+		res.Header().Set("Location", "/")
+		res.WriteHeader(http.StatusTemporaryRedirect)
+	}
+
+	//p.Get("/auth/{provider}", 
+  func (s *Server) getAuthLogin (res http.ResponseWriter, req *http.Request) {
+  provider := chi.URLParam(req, "provider")
+  req = req.WithContext(context.WithValue(context.Background(), "provider", provider))
+		// try to get the user without re-authenticating
+		if gothUser, err := gothic.CompleteUserAuth(res, req); err == nil {
+			t, _ := template.New("foo").Parse(userTemplate)
+			t.Execute(res, gothUser)
+		} else {
+			gothic.BeginAuthHandler(res, req)
+		}
+	}
+//)
+var indexTemplate = `
+    <p><a href="/auth/openid-connect">Log in with openid connect</a></p>
+`
+
+var userTemplate = `
+<p><a href="/logout/{{.Provider}}">logout</a></p>
+<p>Name: {{.Name}} [{{.LastName}}, {{.FirstName}}]</p>
+<p>Email: {{.Email}}</p>
+<p>NickName: {{.NickName}}</p>
+<p>Location: {{.Location}}</p>
+<p>AvatarURL: {{.AvatarURL}} <img src="{{.AvatarURL}}"></p>
+<p>Description: {{.Description}}</p>
+<p>UserID: {{.UserID}}</p>
+<p>AccessToken: {{.AccessToken}}</p>
+<p>ExpiresAt: {{.ExpiresAt}}</p>
+<p>RefreshToken: {{.RefreshToken}}</p>
+`