From 262a04876b3da0a6d1cadf4c575cfb924f407664 Mon Sep 17 00:00:00 2001 From: Frederico Santos Date: Sat, 1 Jun 2024 16:11:59 +0100 Subject: [PATCH] chore: Add Discord OAuth2 authentication endpoint chore: Update dependencies and clean up code chore: Update dependencies, add Discord OAuth2 authentication endpoint, and clean up code chore: Update dependencies, add Google OAuth2 authentication endpoint, and clean up code Code clean up uniqueness on external account id chore: Add Discord and Google OAuth2 authentication endpoints, and update dependencies code review fixes --- Dockerfile | 1 + api/account/discord.go | 104 +++++++++++++++++++++++++++ api/account/google.go | 97 +++++++++++++++++++++++++ api/account/info.go | 13 +++- api/account/login.go | 25 ++++--- api/auth.go | 30 -------- api/common.go | 1 - api/endpoints.go | 143 ++++++++++++++++++++++++++----------- db/account.go | 75 +++++++++++++++++-- db/db.go | 6 ++ docker-compose.Example.yml | 2 +- go.mod | 17 +---- go.sum | 60 +--------------- rogueserver.go | 22 ++++-- 14 files changed, 428 insertions(+), 168 deletions(-) create mode 100644 api/account/discord.go create mode 100644 api/account/google.go delete mode 100644 api/auth.go diff --git a/Dockerfile b/Dockerfile index 8a07093..02777ec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,6 +23,7 @@ FROM scratch WORKDIR /app COPY --from=builder /src/rogueserver . +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ EXPOSE 8001 diff --git a/api/account/discord.go b/api/account/discord.go new file mode 100644 index 0000000..be249ae --- /dev/null +++ b/api/account/discord.go @@ -0,0 +1,104 @@ +/* + Copyright (C) 2024 Pagefault Games + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +package account + +import ( + "encoding/json" + "errors" + "net/http" + "net/url" + "os" +) + +func HandleDiscordCallback(w http.ResponseWriter, r *http.Request) (string, error) { + code := r.URL.Query().Get("code") + gameUrl := os.Getenv("GAME_URL") + if code == "" { + defer http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return "", errors.New("code is empty") + } + + discordId, err := RetrieveDiscordId(code) + if err != nil { + defer http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return "", err + } + + return discordId, nil +} + +func RetrieveDiscordId(code string) (string, error) { + token, err := http.PostForm("https://discord.com/api/oauth2/token", url.Values{ + "client_id": {os.Getenv("DISCORD_CLIENT_ID")}, + "client_secret": {os.Getenv("DISCORD_CLIENT_SECRET")}, + "grant_type": {"authorization_code"}, + "code": {code}, + "redirect_uri": {os.Getenv("DISCORD_CALLBACK_URI")}, + "scope": {"identify"}, + }) + + if err != nil { + return "", err + } + + // extract access_token from token + type TokenResponse struct { + AccessToken string `json:"access_token"` + TokenType string `json:"token_type"` + ExpiresIn int `json:"expires_in"` + Scope string `json:"scope"` + RefreshToken string `json:"refresh_token"` + } + + var tokenResponse TokenResponse + err = json.NewDecoder(token.Body).Decode(&tokenResponse) + if err != nil { + return "", err + } + + access_token := tokenResponse.AccessToken + if access_token == "" { + return "", errors.New("access token is empty") + } + + client := &http.Client{} + req, err := http.NewRequest("GET", "https://discord.com/api/users/@me", nil) + if err != nil { + return "", err + } + + req.Header.Set("Authorization", "Bearer "+access_token) + resp, err := client.Do(req) + if err != nil { + return "", err + } + + defer resp.Body.Close() + + type User struct { + Id string `json:"id"` + } + + var user User + err = json.NewDecoder(resp.Body).Decode(&user) + if err != nil { + return "", err + } + + return user.Id, nil +} diff --git a/api/account/google.go b/api/account/google.go new file mode 100644 index 0000000..b717fc9 --- /dev/null +++ b/api/account/google.go @@ -0,0 +1,97 @@ +/* + Copyright (C) 2024 Pagefault Games + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +package account + +import ( + "encoding/json" + "errors" + "net/http" + "net/url" + "os" + + "github.com/golang-jwt/jwt/v5" +) + +func HandleGoogleCallback(w http.ResponseWriter, r *http.Request) (string, error) { + code := r.URL.Query().Get("code") + gameUrl := os.Getenv("GAME_URL") + if code == "" { + defer http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return "", errors.New("code is empty") + } + + googleId, err := RetrieveGoogleId(code) + if err != nil { + defer http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return "", err + } + + return googleId, nil +} + +func RetrieveGoogleId(code string) (string, error) { + token, err := http.PostForm("https://oauth2.googleapis.com/token", url.Values{ + "client_id": {os.Getenv("GOOGLE_CLIENT_ID")}, + "client_secret": {os.Getenv("GOOGLE_CLIENT_SECRET")}, + "code": {code}, + "grant_type": {"authorization_code"}, + "redirect_uri": {os.Getenv("GOOGLE_CALLBACK_URI")}, + }) + + if err != nil { + return "", err + } + defer token.Body.Close() + type TokenResponse struct { + AccessToken string `json:"access_token"` + TokenType string `json:"token_type"` + ExpiresIn int `json:"expires_in"` + IdToken string `json:"id_token"` + RefreshToken string `json:"refresh_token"` + Scope string `json:"scope"` + } + var tokenResponse TokenResponse + err = json.NewDecoder(token.Body).Decode(&tokenResponse) + if err != nil { + return "", err + } + + userId, err := parseJWTWithoutValidation(tokenResponse.IdToken) + if err != nil { + return "", err + } + + return userId, nil +} + +func parseJWTWithoutValidation(idToken string) (string, error) { + parser := jwt.NewParser() + + // Use ParseUnverified to parse the token without validation + parsedJwt, _, err := parser.ParseUnverified(idToken, jwt.MapClaims{}) + if err != nil { + return "", err + } + + claims, ok := parsedJwt.Claims.(jwt.MapClaims) + if !ok { + return "", errors.New("invalid token claims") + } + + return claims.GetSubject() +} diff --git a/api/account/info.go b/api/account/info.go index d76b58f..6802238 100644 --- a/api/account/info.go +++ b/api/account/info.go @@ -23,12 +23,19 @@ import ( type InfoResponse struct { Username string `json:"username"` + DiscordId string `json:"discordId"` + GoogleId string `json:"googleId"` LastSessionSlot int `json:"lastSessionSlot"` } // /account/info - get account info -func Info(username string, uuid []byte) (InfoResponse, error) { +func Info(username string, discordId string, googleId string, uuid []byte) (InfoResponse, error) { slot, _ := db.GetLatestSessionSaveDataSlot(uuid) - - return InfoResponse{Username: username, LastSessionSlot: slot}, nil + response := InfoResponse{ + Username: username, + LastSessionSlot: slot, + DiscordId: discordId, + GoogleId: googleId, + } + return response, nil } diff --git a/api/account/login.go b/api/account/login.go index 5fc3e9c..f9b6034 100644 --- a/api/account/login.go +++ b/api/account/login.go @@ -55,18 +55,25 @@ func Login(username, password string) (LoginResponse, error) { return response, fmt.Errorf("password doesn't match") } - token := make([]byte, TokenSize) - _, err = rand.Read(token) + response.Token, err = GenerateTokenForUsername(username) + if err != nil { return response, fmt.Errorf("failed to generate token: %s", err) } - err = db.AddAccountSession(username, token) - if err != nil { - return response, fmt.Errorf("failed to add account session") - } - - response.Token = base64.StdEncoding.EncodeToString(token) - return response, nil } + +func GenerateTokenForUsername(username string) (string, error) { + token := make([]byte, TokenSize) + _, err := rand.Read(token) + if err != nil { + return "", fmt.Errorf("failed to generate token: %s", err) + } + + err = db.AddAccountSession(username, token) + if err != nil { + return "", fmt.Errorf("failed to add account session") + } + return base64.StdEncoding.EncodeToString(token), nil +} diff --git a/api/auth.go b/api/auth.go deleted file mode 100644 index ddc3cc5..0000000 --- a/api/auth.go +++ /dev/null @@ -1,30 +0,0 @@ -package api - -import ( - "github.com/gorilla/sessions" - "github.com/markbates/goth" - "github.com/markbates/goth/gothic" - "github.com/markbates/goth/providers/discord" -) - -// TODO: actual randomized key for sessions -const ( - key = "randomString" - MaxAge = 86400 * 30 // 30 days - IsProd = false -) - -func InitAuth(discordClientId string, discordClientSecret string, discordCallbackURI string) { - store := sessions.NewCookieStore([]byte(key)) - store.MaxAge(MaxAge) - - store.Options.Path = "/" - store.Options.HttpOnly = true - store.Options.Secure = IsProd - - gothic.Store = store - - goth.UseProviders( - discord.New(discordClientId, discordClientSecret, discordCallbackURI, discord.ScopeIdentify), - ) -} diff --git a/api/common.go b/api/common.go index 80d010f..7e3c2aa 100644 --- a/api/common.go +++ b/api/common.go @@ -65,7 +65,6 @@ func Init(mux *http.ServeMux) error { // auth mux.HandleFunc("/auth/{provider}/callback", handleProviderCallback) - mux.HandleFunc("/auth/{provider}/link", handleProviderLink) mux.HandleFunc("/auth/{provider}/logout", handleProviderLogout) return nil } diff --git a/api/endpoints.go b/api/endpoints.go index ea7d1a5..d7e6cb6 100644 --- a/api/endpoints.go +++ b/api/endpoints.go @@ -19,14 +19,15 @@ package api import ( "database/sql" + "encoding/base64" "encoding/json" "errors" "fmt" - "log" "net/http" + "os" "strconv" + "strings" - "github.com/markbates/goth/gothic" "github.com/pagefaultgames/rogueserver/api/account" "github.com/pagefaultgames/rogueserver/api/daily" "github.com/pagefaultgames/rogueserver/api/savedata" @@ -39,11 +40,6 @@ import ( Handler functions are responsible for checking the validity of this data and returning a result or error. Handlers should not return serialized JSON, instead return the struct itself. */ - -var ( - user = string("") -) - // account func handleAccountInfo(w http.ResponseWriter, r *http.Request) { @@ -58,13 +54,25 @@ func handleAccountInfo(w http.ResponseWriter, r *http.Request) { httpError(w, r, err, http.StatusInternalServerError) return } - - response, err := account.Info(username, uuid) + discordId, err := db.FetchDiscordIdByUsername(username) + if err != nil { + if !errors.Is(err, sql.ErrNoRows) { + httpError(w, r, err, http.StatusInternalServerError) + return + } + } + googleId, err := db.FetchGoogleIdByUsername(username) + if err != nil { + if !errors.Is(err, sql.ErrNoRows) { + httpError(w, r, err, http.StatusInternalServerError) + return + } + } + response, err := account.Info(username, discordId, googleId, uuid) if err != nil { httpError(w, r, err, http.StatusInternalServerError) return } - writeJSON(w, r, response) } @@ -552,51 +560,100 @@ func handleDailyRankingPageCount(w http.ResponseWriter, r *http.Request) { // redirect link after authorizing application link func handleProviderCallback(w http.ResponseWriter, r *http.Request) { - gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil } - - // called again with code after authorization - code := r.URL.Query().Get("code") - if code != "" { - userId, err := db.FetchDiscordIdByUsername(user) - if err != nil { - - } - defer http.Redirect(w, r, "http://localhost:8000", http.StatusSeeOther) + provider := r.PathValue("provider") + state := r.URL.Query().Get("state") + gameUrl := os.Getenv("GAME_URL") + var externalAuthId string + var err error + switch provider { + case "discord": + externalAuthId, err = account.HandleDiscordCallback(w, r) + case "google": + externalAuthId, err = account.HandleGoogleCallback(w, r) + default: + http.Error(w, "invalid provider", http.StatusBadRequest) + return } - gothUser, err := gothic.CompleteUserAuth(w, r) if err != nil { - log.Println("callback err", w, r) + httpError(w, r, err, http.StatusInternalServerError) return - } else { - err := db.AddDiscordAuthByUsername(gothUser.UserID, user) + } + + if state != "" { + state = strings.Replace(state, " ", "+", -1) + stateByte, err := base64.StdEncoding.DecodeString(state) if err != nil { - log.Println("error adding Discord Auth to database") + http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return + } + + userName, err := db.FetchUsernameBySessionToken(stateByte) + if err != nil { + http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return + } + + switch provider { + case "discord": + err = db.AddDiscordIdByUsername(externalAuthId, userName) + case "google": + err = db.AddGoogleIdByUsername(externalAuthId, userName) + } + + if err != nil { + http.Redirect(w, r, gameUrl, http.StatusSeeOther) return } - } - log.Println("user", gothUser.UserID) -} -func handleProviderLink(w http.ResponseWriter, r *http.Request) { - gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil } - username := r.URL.Query().Get("username") - // username recorded prior to authorization - if username != "" { - user = username - } - // try to get the user without re-authenticating - if gothUser, err := gothic.CompleteUserAuth(w, r); err == nil { - log.Print("gothUser:", gothUser.Name) } else { - gothic.BeginAuthHandler(w, r) + var userName string + switch provider { + case "discord": + userName, err = db.FetchUsernameByDiscordId(externalAuthId) + case "google": + userName, err = db.FetchUsernameByGoogleId(externalAuthId) + } + if err != nil { + http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return + } + + sessionToken, err := account.GenerateTokenForUsername(userName) + if err != nil { + http.Redirect(w, r, gameUrl, http.StatusSeeOther) + return + } + + http.SetCookie(w, &http.Cookie{ + Name: "pokerogue_sessionId", + Value: sessionToken, + Path: "/", + }) } + defer http.Redirect(w, r, gameUrl, http.StatusSeeOther) } func handleProviderLogout(w http.ResponseWriter, r *http.Request) { - gothic.GetProviderName = func(r *http.Request) (string, error) { return r.PathValue("provider"), nil } - gothic.Logout(w, r) - w.Header().Set("Location", "/") - w.WriteHeader(http.StatusTemporaryRedirect) + uuid, err := uuidFromRequest(r) + if err != nil { + httpError(w, r, err, http.StatusBadRequest) + return + } + + switch r.PathValue("provider") { + case "discord": + err = db.RemoveDiscordIdByUUID(uuid) + case "google": + err = db.RemoveGoogleIdByUUID(uuid) + default: + http.Error(w, "invalid provider", http.StatusBadRequest) + return + } + if err != nil { + httpError(w, r, err, http.StatusInternalServerError) + return + } + w.WriteHeader(http.StatusOK) } diff --git a/db/account.go b/db/account.go index 346acdd..b78eb4c 100644 --- a/db/account.go +++ b/db/account.go @@ -50,7 +50,7 @@ func AddAccountSession(username string, token []byte) error { return nil } -func AddDiscordAuthByUsername(discordId []byte, username string) error { +func AddDiscordIdByUsername(discordId string, username string) error { _, err := handle.Exec("UPDATE accounts SET discordId = ? WHERE username = ?", discordId, username) if err != nil { return err @@ -59,16 +59,65 @@ func AddDiscordAuthByUsername(discordId []byte, username string) error { return nil } -func FetchDiscordIdByUsername(username string) ([]byte, error) { - var discordId []byte +func AddGoogleIdByUsername(googleId string, username string) error { + _, err := handle.Exec("UPDATE accounts SET googleId = ? WHERE username = ?", googleId, username) + if err != nil { + return err + } + + return nil +} + +func FetchUsernameByDiscordId(discordId string) (string, error) { + var username string + err := handle.QueryRow("SELECT username FROM accounts WHERE discordId = ?", discordId).Scan(&username) + if err != nil { + return "", err + } + + return username, nil +} + +func FetchUsernameByGoogleId(googleId string) (string, error) { + var username string + err := handle.QueryRow("SELECT username FROM accounts WHERE googleId = ?", googleId).Scan(&username) + if err != nil { + return "", err + } + + return username, nil +} + +func FetchDiscordIdByUsername(username string) (string, error) { + var discordId string err := handle.QueryRow("SELECT discordId FROM accounts WHERE username = ?", username).Scan(&discordId) if err != nil { - return nil, err + return "", err } return discordId, nil } +func FetchGoogleIdByUsername(username string) (string, error) { + var googleId string + err := handle.QueryRow("SELECT googleId FROM accounts WHERE username = ?", username).Scan(&googleId) + if err != nil { + return "", err + } + + return googleId, nil +} + +func FetchUsernameBySessionToken(token []byte) (string, error) { + var username string + err := handle.QueryRow("SELECT a.username FROM accounts a JOIN sessions s ON a.uuid = s.uuid WHERE s.token = ?", token).Scan(&username) + if err != nil { + return "", err + } + + return username, nil +} + func UpdateAccountPassword(uuid, key, salt []byte) error { _, err := handle.Exec("UPDATE accounts SET (hash, salt) VALUES (?, ?) WHERE uuid = ?", key, salt, uuid) if err != nil { @@ -257,3 +306,21 @@ func FetchUsernameFromUUID(uuid []byte) (string, error) { return username, nil } + +func RemoveDiscordIdByUUID(uuid []byte) error { + _, err := handle.Exec("UPDATE accounts SET discordId = NULL WHERE uuid = ?", uuid) + if err != nil { + return err + } + + return nil +} + +func RemoveGoogleIdByUUID(uuid []byte) error { + _, err := handle.Exec("UPDATE accounts SET googleId = NULL WHERE uuid = ?", uuid) + if err != nil { + return err + } + + return nil +} diff --git a/db/db.go b/db/db.go index a91a94a..885c3b7 100644 --- a/db/db.go +++ b/db/db.go @@ -97,6 +97,12 @@ func setupDb(tx *sql.Tx) error { // MIGRATION 002 `DROP TABLE accountCompensations`, + + // ---------------------------------- + // MIGRATION 003 + + `ALTER TABLE accounts ADD COLUMN IF NOT EXISTS discordId VARCHAR(32) UNIQUE DEFAULT NULL`, + `ALTER TABLE accounts ADD COLUMN IF NOT EXISTS googleId VARCHAR(32) UNIQUE DEFAULT NULL`, } for _, q := range queries { diff --git a/docker-compose.Example.yml b/docker-compose.Example.yml index f1bcb73..1c74bc6 100644 --- a/docker-compose.Example.yml +++ b/docker-compose.Example.yml @@ -1,6 +1,6 @@ services: server: - command: --debug --dbaddr db --dbuser pokerogue --dbpass pokerogue --dbname pokeroguedb + command: --debug --dbaddr db --dbuser pokerogue --dbpass pokerogue --dbname pokeroguedb --gameurl http://localhost:8000 --callbackuri http://localhost:8001 image: ghcr.io/pagefaultgames/rogueserver:master restart: unless-stopped depends_on: diff --git a/go.mod b/go.mod index ba7d197..81a41a6 100644 --- a/go.mod +++ b/go.mod @@ -8,19 +8,6 @@ require ( golang.org/x/crypto v0.22.0 ) -require ( - github.com/golang/protobuf v1.5.3 // indirect - github.com/gorilla/context v1.1.1 // indirect - github.com/gorilla/mux v1.6.2 // indirect - github.com/gorilla/securecookie v1.1.2 // indirect - golang.org/x/oauth2 v0.17.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/protobuf v1.32.0 // indirect -) +require github.com/golang-jwt/jwt/v5 v5.2.1 -require ( - github.com/gorilla/sessions v1.2.2 - github.com/joho/godotenv v1.5.1 - github.com/markbates/goth v1.79.0 - golang.org/x/sys v0.19.0 // indirect -) +require golang.org/x/sys v0.19.0 // indirect diff --git a/go.sum b/go.sum index 2a35a39..d6d1862 100644 --- a/go.sum +++ b/go.sum @@ -1,66 +1,10 @@ github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8= -github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= -github.com/gorilla/mux v1.6.2 h1:Pgr17XVTNXAk3q/r4CpKzC5xBM/qW1uVLV+IhRZpIIk= -github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA= -github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= -github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY= -github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ= -github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= -github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= -github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= -github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= -github.com/markbates/goth v1.79.0 h1:fUYi9R6VubVEK2bpmXvIUp7xRcxA68i8ovfUQx/i5Qc= -github.com/markbates/goth v1.79.0/go.mod h1:RBD+tcFnXul2NnYuODhnIweOcuVPkBohLfEvutPekcU= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= -golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= diff --git a/rogueserver.go b/rogueserver.go index ef996c1..59bf9ea 100644 --- a/rogueserver.go +++ b/rogueserver.go @@ -44,12 +44,27 @@ func main() { dbaddr := flag.String("dbaddr", "localhost", "database address") dbname := flag.String("dbname", "pokeroguedb", "database name") - discordclientid := flag.String("discordclientid", "1225433195617718315", "Discord Oauth2 Client ID") - discordsecretid := flag.String("discordsecretid", "LxtTMCEeRagl7Rve0goZzUnv4mnT5Xzm", "Discord Oauth2 Client ID") - discordcallbackuri := flag.String("discordcallbackuri", "http://localhost:8001/auth/discord/callback", "Discord Oauth2 Client ID") + discordclientid := flag.String("discordclientid", "dcid", "Discord Oauth2 Client ID") + discordsecretid := flag.String("discordsecretid", "dsid", "Discord Oauth2 Secret ID") + + googleclientid := flag.String("googleclientid", "gcid", "Google Oauth2 Client ID") + googlesecretid := flag.String("googlesecretid", "gsid", "Google Oauth2 Secret ID") + callbackuri := flag.String("callbackuri", "http://localhost:8001/", "Callback URI for Oauth2 Client") + + gameurl := flag.String("gameurl", "https://pokerogue.net", "URL for game server") flag.Parse() + // set discord client id as env variable + os.Setenv("DISCORD_CLIENT_ID", *discordclientid) + os.Setenv("DISCORD_CLIENT_SECRET", *discordsecretid) + os.Setenv("DISCORD_CALLBACK_URI", *callbackuri+"/auth/discord/callback") + + os.Setenv("GOOGLE_CLIENT_ID", *googleclientid) + os.Setenv("GOOGLE_CLIENT_SECRET", *googlesecretid) + os.Setenv("GOOGLE_CALLBACK_URI", *callbackuri+"/auth/google/callback") + os.Setenv("GAME_URL", *gameurl) + // register gob types gob.Register([]interface{}{}) gob.Register(map[string]interface{}{}) @@ -72,7 +87,6 @@ func main() { if err := api.Init(mux); err != nil { log.Fatal(err) } - api.InitAuth(*discordclientid, *discordsecretid, *discordcallbackuri) // start web server handler := prodHandler(mux)