platform/packages/oauth2/example/main.dart

// ignore_for_file: todo
import 'dart:async';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_oauth2/protevus_oauth2.dart';
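/// Wires the example authorization server into an app and guards every
/// other route behind a bearer-token check.
///
/// The `/auth/authorize` and `/auth/token` routes are served by
/// [_ExampleAuthorizationServer]; all remaining requests go through the
/// fallback handler, which rejects any request that does not carry a
/// well-formed `Authorization: Bearer <token>` header.
void main() async {
  var app = Protevus();
  var oauth2 = _ExampleAuthorizationServer();

  // Matches a complete `Bearer <token>` header value; group 1 is the token.
  var rgxBearer = RegExp(r'^[Bb]earer ([^\n\s]+)$');

  app.group('/auth', (router) {
    router
      ..get('/authorize', oauth2.authorizationEndpoint)
      ..post('/token', oauth2.tokenEndpoint);
  });

  // Assume that all other requests must be authenticated...
  app.fallback((req, res) {
    // Read the token from the capture group. Removing the regex match with
    // `replaceAll` erases the token itself: a valid `Bearer abc` header
    // becomes the empty string, while a non-Bearer header (for example
    // `Basic ...`) is returned unchanged, and both pass a bare null check.
    var header = req.headers?.value('authorization')?.trim();
    var authToken =
        header == null ? null : rgxBearer.firstMatch(header)?.group(1);

    if (authToken == null) {
      // Missing header, wrong scheme, or malformed value.
      // NOTE(review): RFC 6750 describes a 401 response with a
      // `WWW-Authenticate: Bearer` challenge for missing or invalid
      // credentials; 403 is kept here to preserve the example's behaviour.
      throw ProtevusHttpException.forbidden();
    } else {
      // TODO: The user has a token, now verify it.
      // A bearer-shaped header proves nothing by itself: look the token up
      // (or validate its signature), then check expiry, revocation and the
      // scopes needed for this route, and reject the request on any failure.
      // Keep the raw token out of logs and error messages.
      //
      // It is up to you how to store and retrieve auth tokens within your
      // application. The purpose of `package:protevus_oauth2` is to provide
      // the transport across which you distribute these tokens in the first
      // place.
    }
  });
}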
/// Placeholder model for an OAuth2 client application.
///
/// Left empty in this example; it is the client type parameter of
/// [_ExampleAuthorizationServer].
class ThirdPartyApp {}
/// Placeholder model for the user on whose behalf a client acts.
///
/// Left empty in this example; it is the user type parameter of
/// [_ExampleAuthorizationServer].
class User {}
/// A [ThirdPartyApp] can act on behalf of a [User].
///
/// Skeleton authorization server: every override throws
/// [UnimplementedError] until it is replaced with application code. The
/// TODO notes list the checks each hook is expected to perform.
class _ExampleAuthorizationServer
    extends AuthorizationServer<ThirdPartyApp, User> {
  /// Looks up the registered client for [clientId].
  @override
  FutureOr<ThirdPartyApp> findClient(String? clientId) {
    // TODO: Add your code to find the app associated with a client ID.
    // Treat a null or unknown ID as "no such client" rather than falling
    // back to a default client.
    throw UnimplementedError();
  }

  /// Checks [clientSecret] against the secret registered for [client].
  @override
  FutureOr<bool> verifyClient(
    ThirdPartyApp client,
    String? clientSecret,
  ) {
    // TODO: Add your code to verify a client secret, if given one.
    // Compare against a stored hash using a constant-time comparison, and
    // decide explicitly whether a null secret is acceptable for this client
    // (public clients) or must be refused (confidential clients).
    throw UnimplementedError();
  }

  /// Handles an authorization request from [client] for [scopes].
  @override
  FutureOr requestAuthorizationCode(
    ThirdPartyApp client,
    String? redirectUri,
    Iterable<String> scopes,
    String state,
    RequestContext req,
    ResponseContext res,
    bool implicit,
  ) {
    // TODO: In many cases, here you will render a view displaying to the user which scopes are being requested.
    // Before redirecting anywhere, check that `redirectUri` exactly matches
    // a URI registered for `client`, limit `scopes` to what the client may
    // request, and hand `state` back unchanged so the client can detect
    // cross-site request forgery.
    throw UnimplementedError();
  }

  /// Exchanges [authCode] for an access token.
  @override
  FutureOr<AuthorizationTokenResponse> exchangeAuthorizationCodeForToken(
    ThirdPartyApp? client,
    String? authCode,
    String? redirectUri,
    RequestContext req,
    ResponseContext res,
  ) {
    // TODO: Here, you'll convert the auth code into a full-fledged token.
    // You might have the auth code stored in a database somewhere.
    // Accept a code only once, only while it is still fresh, and only for
    // the same client and redirect URI it was issued to; reject null values.
    throw UnimplementedError();
  }
}