Browse code
partial work done, wrong computer for dev
Ed L authored on 17/10/2015 14:28:17
Showing 1 changed files
Showing 1 changed files
... | ... |
@@ -157,6 +157,40 @@ |
157 | 157 |
(saved-state (gethash :state session))) |
158 | 158 |
(equal saved-state received-state))) |
159 | 159 |
|
160 |
+(defmacro auth-entry-point (name endpoint-schema) |
|
161 |
+ `(defun ,name (params) |
|
162 |
+ (declare (ignore params)) |
|
163 |
+ (with-session-values (state endpoint-schema) (context :session) |
|
164 |
+ (setf state (gen-state 36) |
|
165 |
+ endpoint-schema ,endpoint-schema) |
|
166 |
+ (with-endpoints ,endpoint-schema |
|
167 |
+ (multiple-value-bind (content rcode headers uri) (do-auth-request ,endpoint-schema state) |
|
168 |
+ (declare (ignore headers)) |
|
169 |
+ (if (< rcode 400) `(302 (:location ,(format nil "~a" uri))) |
|
170 |
+ content)))))) |
|
171 |
+ |
|
172 |
+(defmacro def-callback-generator (name generator-args callback-args &body body) |
|
173 |
+ `(defun ,name ,generator-args |
|
174 |
+ (lambda ,callback-args |
|
175 |
+ ,@body))) |
|
176 |
+ |
|
177 |
+(defmacro reject-when-state-invalid (params &body body) |
|
178 |
+ (alexandria:with-gensyms (received-state) |
|
179 |
+ (alexandria:once-only (params) |
|
180 |
+ `(let ((,received-state (cdr (string-assoc "state" ,params)))) |
|
181 |
+ (if (not (valid-state ,received-state)) |
|
182 |
+ '(403 '() "Out, vile imposter!") |
|
183 |
+ ,@body))))) |
|
184 |
+ |
|
185 |
+(defmacro auth-callback-skeleton (params (&key endpoint-schema auth-session-vars) &body body) |
|
186 |
+ (alexandria:with-gensyms (session) |
|
187 |
+ (alexandria:once-only (params endpoint-schema) |
|
188 |
+ `(reject-when-state-invalid ,params |
|
189 |
+ (with-endpoints ,endpoint-schema |
|
190 |
+ (my-with-context-variables ((,session session)) |
|
191 |
+ (with-session-values ,auth-session-vars ,session |
|
192 |
+ ,@body))))))) |
|
193 |
+ |
|
160 | 194 |
(define-condition user-not-logged-in (error) ()) |
161 | 195 |
|
162 | 196 |
(defmacro my-with-context-variables ((&rest vars) &body body) |
... | ... |
@@ -236,58 +270,31 @@ |
236 | 270 |
(drakma:http-request endpoint |
237 | 271 |
:parameters `(("alt" . "json") |
238 | 272 |
("access_token" . ,access-token)))))) |
239 |
-(defmacro auth-entry-point (name endpoint-schema) |
|
240 |
- `(defun ,name (params) |
|
241 |
- (declare (ignore params)) |
|
242 |
- (with-session-values (state endpoint-schema) (context :session) |
|
243 |
- (setf state (gen-state 36) |
|
244 |
- endpoint-schema ,endpoint-schema) |
|
245 |
- (with-endpoints ,endpoint-schema |
|
246 |
- (multiple-value-bind (content rcode headers uri) (do-auth-request ,endpoint-schema state) |
|
247 |
- (declare (ignore headers)) |
|
248 |
- (if (< rcode 400) `(302 (:location ,(format nil "~a" uri))) |
|
249 |
- content)))))) |
|
250 | 273 |
|
251 | 274 |
(auth-entry-point google-login-entry *goog-endpoint-schema*) |
252 | 275 |
(auth-entry-point facebook-login-entry *fbook-endpoint-schema*) |
253 | 276 |
|
254 |
-(defmacro def-callback-generator (name generator-args callback-args &body body) |
|
255 |
- `(defun ,name ,generator-args |
|
256 |
- (lambda ,callback-args |
|
257 |
- ,@body))) |
|
258 |
- |
|
259 |
-(defmacro reject-when-state-invalid (params &body body) |
|
260 |
- (alexandria:with-gensyms (received-state) |
|
261 |
- (alexandria:once-only (params) |
|
262 |
- `(let ((,received-state (cdr (string-assoc "state" ,params)))) |
|
263 |
- (if (not (valid-state ,received-state)) |
|
264 |
- '(403 '() "Out, vile imposter!") |
|
265 |
- ,@body))))) |
|
266 |
- |
|
267 |
-(defmacro auth-callback-skeleton (params (&key endpoint-schema auth-session-vars) &body body) |
|
268 |
- (alexandria:with-gensyms (session) |
|
269 |
- (alexandria:once-only (params endpoint-schema) |
|
270 |
- `(reject-when-state-invalid ,params |
|
271 |
- (with-endpoints ,endpoint-schema |
|
272 |
- (my-with-context-variables ((,session session)) |
|
273 |
- (with-session-values ,auth-session-vars ,session |
|
274 |
- ,@body))))))) |
|
275 |
- |
|
276 | 277 |
(flet ((get-code (params) (assoc-cdr "code" params #'equal))) |
277 | 278 |
|
278 | 279 |
(def-callback-generator google-callback (get-app-user-cb) (params) |
279 |
- (auth-callback-skeleton params (:endpoint-schema *goog-endpoint-schema* |
|
280 |
- :auth-session-vars (accesstoken userinfo idtoken app-user)) |
|
281 |
- (flet ((get-real-access-token (a-t) (assoc-cdr :access--token a-t)) |
|
282 |
- (get-id-token (a-t) (cljwt:decode (assoc-cdr :id--token a-t) :fail-if-unsupported nil))) |
|
283 |
- (let* ((a-t (get-access-token *goog-endpoint-schema* (get-code params))) |
|
284 |
- (access-token (get-real-access-token a-t)) |
|
285 |
- (id-token (get-id-token a-t)) |
|
286 |
- (user-info (get-user-info *goog-endpoint-schema* access-token))) |
|
287 |
- (setf accesstoken access-token |
|
288 |
- app-user (funcall get-app-user-cb user-info id-token access-token) |
|
289 |
- idtoken id-token |
|
290 |
- userinfo user-info) |
|
280 |
+ |
|
281 |
+ (labels ((get-real-access-token (a-t) (assoc-cdr :access--token a-t)) |
|
282 |
+ (get-id-token (a-t) (cljwt:decode (assoc-cdr :id--token a-t) :fail-if-unsupported nil)) |
|
283 |
+ (get-login-data (a-t) |
|
284 |
+ (let ((access-token (get-real-access-token a-t))) |
|
285 |
+ (values access-token |
|
286 |
+ (get-user-info *goog-endpoint-schema* access-token) |
|
287 |
+ (get-id-token a-t))))) |
|
288 |
+ |
|
289 |
+ (let ((a-t (get-access-token *goog-endpoint-schema* (get-code params)))) |
|
290 |
+ (auth-callback-skeleton params (:endpoint-schema *goog-endpoint-schema* |
|
291 |
+ :auth-session-vars (accesstoken userinfo idtoken app-user)) |
|
292 |
+ (multiple-value-bind (access-token user-info id-token) (get-login-data a-t) |
|
293 |
+ (setf |
|
294 |
+ accesstoken access-token |
|
295 |
+ userinfo user-info |
|
296 |
+ idtoken id-token |
|
297 |
+ app-user (funcall get-app-user-cb user-info id-token access-token))) |
|
291 | 298 |
'(302 (:location "/")))))) |
292 | 299 |
|
293 | 300 |
(def-callback-generator facebook-callback (get-app-user-cb) (params) |
... | ... |
@@ -297,7 +304,8 @@ |
297 | 304 |
(let* ((a-t (get-access-token *fbook-endpoint-schema* (get-code params))) |
298 | 305 |
(id-token (get-id-token a-t)) |
299 | 306 |
(user-info (get-user-info *fbook-endpoint-schema* id-token))) |
300 |
- (setf accesstoken a-t |
|
307 |
+ (setf |
|
308 |
+ accesstoken a-t |
|
301 | 309 |
app-user (funcall get-app-user-cb user-info id-token a-t) |
302 | 310 |
idtoken id-token |
303 | 311 |
userinfo user-info) |