2018-12-15 08:39:04 +00:00
|
|
|
// ignore_for_file: todo
|
|
|
|
|
import 'dart:async';
|
2021-05-30 00:58:03 +00:00
|
|
|
import 'package:angel3_framework/angel3_framework.dart';
|
|
|
|
|
import 'package:angel3_oauth2/angel3_oauth2.dart';
|
2018-12-15 08:39:04 +00:00
|
|
|
|
2021-05-30 00:46:13 +00:00
|
|
|
void main() async {
|
2019-05-02 07:28:38 +00:00
|
|
|
var app = Angel();
|
|
|
|
|
var oauth2 = _ExampleAuthorizationServer();
|
2022-08-27 07:52:28 +00:00
|
|
|
var rgxBearer = RegExp(r'^[Bb]earer ([^\n\s]+)$');
|
2018-12-15 08:39:04 +00:00
|
|
|
|
|
|
|
|
app.group('/auth', (router) {
|
|
|
|
|
router
|
|
|
|
|
..get('/authorize', oauth2.authorizationEndpoint)
|
|
|
|
|
..post('/token', oauth2.tokenEndpoint);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// Assume that all other requests must be authenticated...
|
|
|
|
|
app.fallback((req, res) {
|
|
|
|
|
var authToken =
|
2022-08-27 07:52:28 +00:00
|
|
|
req.headers!.value('authorization')?.replaceAll(rgxBearer, '').trim();
|
2018-12-15 08:39:04 +00:00
|
|
|
|
|
|
|
|
if (authToken == null) {
|
|
|
|
|
throw AngelHttpException.forbidden();
|
|
|
|
|
} else {
|
|
|
|
|
// TODO: The user has a token, now verify it.
|
|
|
|
|
// It is up to you how to store and retrieve auth tokens within your application.
|
|
|
|
|
// The purpose of `package:angel_oauth2` is to provide the transport
|
|
|
|
|
// across which you distribute these tokens in the first place.
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
class ThirdPartyApp {}
|
|
|
|
|
|
|
|
|
|
class User {}
|
|
|
|
|
|
|
|
|
|
/// A [ThirdPartyApp] can act on behalf of a [User].
|
|
|
|
|
class _ExampleAuthorizationServer
|
|
|
|
|
extends AuthorizationServer<ThirdPartyApp, User> {
|
|
|
|
|
@override
|
2021-05-30 00:46:13 +00:00
|
|
|
FutureOr<ThirdPartyApp> findClient(String? clientId) {
|
2018-12-15 08:39:04 +00:00
|
|
|
// TODO: Add your code to find the app associated with a client ID.
|
2019-05-02 07:28:38 +00:00
|
|
|
throw UnimplementedError();
|
2018-12-15 08:39:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@override
|
2021-05-30 00:46:13 +00:00
|
|
|
FutureOr<bool> verifyClient(ThirdPartyApp client, String? clientSecret) {
|
2018-12-15 08:39:04 +00:00
|
|
|
// TODO: Add your code to verify a client secret, if given one.
|
2019-05-02 07:28:38 +00:00
|
|
|
throw UnimplementedError();
|
2018-12-15 08:39:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@override
|
|
|
|
|
FutureOr requestAuthorizationCode(
|
|
|
|
|
ThirdPartyApp client,
|
2021-05-30 00:46:13 +00:00
|
|
|
String? redirectUri,
|
2018-12-15 08:39:04 +00:00
|
|
|
Iterable<String> scopes,
|
|
|
|
|
String state,
|
|
|
|
|
RequestContext req,
|
2019-05-03 07:24:24 +00:00
|
|
|
ResponseContext res,
|
|
|
|
|
bool implicit) {
|
2018-12-15 08:39:04 +00:00
|
|
|
// TODO: In many cases, here you will render a view displaying to the user which scopes are being requested.
|
2019-05-02 07:28:38 +00:00
|
|
|
throw UnimplementedError();
|
2018-12-15 08:39:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@override
|
|
|
|
|
FutureOr<AuthorizationTokenResponse> exchangeAuthorizationCodeForToken(
|
2021-05-30 00:46:13 +00:00
|
|
|
ThirdPartyApp? client,
|
|
|
|
|
String? authCode,
|
|
|
|
|
String? redirectUri,
|
2018-12-15 08:39:04 +00:00
|
|
|
RequestContext req,
|
|
|
|
|
ResponseContext res) {
|
|
|
|
|
// TODO: Here, you'll convert the auth code into a full-fledged token.
|
|
|
|
|
// You might have the auth code stored in a database somewhere.
|
2019-05-02 07:28:38 +00:00
|
|
|
throw UnimplementedError();
|
2018-12-15 08:39:04 +00:00
|
|
|
}
|
|
|
|
|
}
|
