authorization controller setup for OAuth

maorleger · May 6, 2017 · 4573ec4 · 4573ec4
1 parent 36dffcd
commit 4573ec4
Show file tree

Hide file tree

Showing 7 changed files with 93 additions and 6 deletions.
diff --git a/.gitignore b/.gitignore
@@ -31,3 +31,6 @@ dist/
 
 # generated elm file
 web/static/js/main.js
+
+# local setup files
+local.sh
diff --git a/mix.exs b/mix.exs
@@ -19,7 +19,7 @@ defmodule Tracker2x2.Mixfile do
   def application do
     [mod: {Tracker2x2, []},
      applications: [:phoenix, :phoenix_pubsub, :phoenix_html, :cowboy, :logger, :gettext,
-                    :phoenix_ecto, :postgrex]]
+                    :phoenix_ecto, :postgrex, :oauth2]]
   end
 
   # Specifies which paths to compile per environment.
@@ -37,7 +37,8 @@ defmodule Tracker2x2.Mixfile do
      {:phoenix_html, "~> 2.6"},
      {:phoenix_live_reload, "~> 1.0", only: :dev},
      {:gettext, "~> 0.11"},
-     {:cowboy, "~> 1.0"}]
+     {:cowboy, "~> 1.0"},
+     {:oauth2, "~> 0.3"}]
   end
 
   # Aliases are shortcuts or tasks specific to the current project.

diff --git a/mix.lock b/mix.lock
@@ -1,12 +1,18 @@
-%{"connection": {:hex, :connection, "1.0.4", "a1cae72211f0eef17705aaededacac3eb30e6625b04a6117c1b2db6ace7d5976", [:mix], []},
+%{"certifi": {:hex, :certifi, "1.1.0", "c9b71a547016c2528a590ccfc28de786c7edb74aafa17446b84f54e04efc00ee", [:rebar3], []},
+  "connection": {:hex, :connection, "1.0.4", "a1cae72211f0eef17705aaededacac3eb30e6625b04a6117c1b2db6ace7d5976", [:mix], []},
   "cowboy": {:hex, :cowboy, "1.1.2", "61ac29ea970389a88eca5a65601460162d370a70018afe6f949a29dca91f3bb0", [:rebar3], [{:cowlib, "~> 1.0.2", [hex: :cowlib, optional: false]}, {:ranch, "~> 1.3.2", [hex: :ranch, optional: false]}]},
   "cowlib": {:hex, :cowlib, "1.0.2", "9d769a1d062c9c3ac753096f868ca121e2730b9a377de23dec0f7e08b1df84ee", [:make], []},
   "db_connection": {:hex, :db_connection, "1.1.2", "2865c2a4bae0714e2213a0ce60a1b12d76a6efba0c51fbda59c9ab8d1accc7a8", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, optional: false]}, {:poolboy, "~> 1.5", [hex: :poolboy, optional: true]}, {:sbroker, "~> 1.0", [hex: :sbroker, optional: true]}]},
   "decimal": {:hex, :decimal, "1.3.1", "157b3cedb2bfcb5359372a7766dd7a41091ad34578296e951f58a946fcab49c6", [:mix], []},
   "ecto": {:hex, :ecto, "2.1.4", "d1ba932813ec0e0d9db481ef2c17777f1cefb11fc90fa7c142ff354972dfba7e", [:mix], [{:db_connection, "~> 1.1", [hex: :db_connection, optional: true]}, {:decimal, "~> 1.2", [hex: :decimal, optional: false]}, {:mariaex, "~> 0.8.0", [hex: :mariaex, optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, optional: true]}, {:poolboy, "~> 1.5", [hex: :poolboy, optional: false]}, {:postgrex, "~> 0.13.0", [hex: :postgrex, optional: true]}, {:sbroker, "~> 1.0", [hex: :sbroker, optional: true]}]},
   "fs": {:hex, :fs, "0.9.2", "ed17036c26c3f70ac49781ed9220a50c36775c6ca2cf8182d123b6566e49ec59", [:rebar], []},
   "gettext": {:hex, :gettext, "0.13.1", "5e0daf4e7636d771c4c71ad5f3f53ba09a9ae5c250e1ab9c42ba9edccc476263", [:mix], []},
+  "hackney": {:hex, :hackney, "1.8.0", "8388a22f4e7eb04d171f2cf0285b217410f266d6c13a4c397a6c22ab823a486c", [:rebar3], [{:certifi, "1.1.0", [hex: :certifi, optional: false]}, {:idna, "4.0.0", [hex: :idna, optional: false]}, {:metrics, "1.0.1", [hex: :metrics, optional: false]}, {:mimerl, "1.0.2", [hex: :mimerl, optional: false]}, {:ssl_verify_fun, "1.1.1", [hex: :ssl_verify_fun, optional: false]}]},
+  "idna": {:hex, :idna, "4.0.0", "10aaa9f79d0b12cf0def53038547855b91144f1bfcc0ec73494f38bb7b9c4961", [:rebar3], []},
+  "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], []},
   "mime": {:hex, :mime, "1.1.0", "01c1d6f4083d8aa5c7b8c246ade95139620ef8effb009edde934e0ec3b28090a", [:mix], []},
+  "mimerl": {:hex, :mimerl, "1.0.2", "993f9b0e084083405ed8252b99460c4f0563e41729ab42d9074fd5e52439be88", [:rebar3], []},
+  "oauth2": {:hex, :oauth2, "0.9.1", "cac86d87f35ec835bfe4c791263bdb88c0d8bf1617d64f555ede4e9d913e35ef", [:mix], [{:hackney, "~> 1.7", [hex: :hackney, optional: false]}]},
   "phoenix": {:hex, :phoenix, "1.2.3", "b68dd6a7e6ff3eef38ad59771007d2f3f344988ea6e658e9b2c6ffb2ef494810", [:mix], [{:cowboy, "~> 1.0", [hex: :cowboy, optional: true]}, {:phoenix_pubsub, "~> 1.0", [hex: :phoenix_pubsub, optional: false]}, {:plug, "~> 1.4 or ~> 1.3.3 or ~> 1.2.4 or ~> 1.1.8 or ~> 1.0.5", [hex: :plug, optional: false]}, {:poison, "~> 1.5 or ~> 2.0", [hex: :poison, optional: false]}]},
   "phoenix_ecto": {:hex, :phoenix_ecto, "3.2.3", "450c749876ff1de4a78fdb305a142a76817c77a1cd79aeca29e5fc9a6c630b26", [:mix], [{:ecto, "~> 2.1", [hex: :ecto, optional: false]}, {:phoenix_html, "~> 2.9", [hex: :phoenix_html, optional: true]}, {:plug, "~> 1.0", [hex: :plug, optional: false]}]},
   "phoenix_html": {:hex, :phoenix_html, "2.9.3", "1b5a2122cbf743aa242f54dced8a4f1cc778b8bd304f4b4c0043a6250c58e258", [:mix], [{:plug, "~> 1.0", [hex: :plug, optional: false]}]},
@@ -16,4 +22,5 @@
   "poison": {:hex, :poison, "2.2.0", "4763b69a8a77bd77d26f477d196428b741261a761257ff1cf92753a0d4d24a63", [:mix], []},
   "poolboy": {:hex, :poolboy, "1.5.1", "6b46163901cfd0a1b43d692657ed9d7e599853b3b21b95ae5ae0a777cf9b6ca8", [:rebar], []},
   "postgrex": {:hex, :postgrex, "0.13.2", "2b88168fc6a5456a27bfb54ccf0ba4025d274841a7a3af5e5deb1b755d95154e", [:mix], [{:connection, "~> 1.0", [hex: :connection, optional: false]}, {:db_connection, "~> 1.1", [hex: :db_connection, optional: false]}, {:decimal, "~> 1.0", [hex: :decimal, optional: false]}]},
-  "ranch": {:hex, :ranch, "1.3.2", "e4965a144dc9fbe70e5c077c65e73c57165416a901bd02ea899cfd95aa890986", [:rebar3], []}}
+  "ranch": {:hex, :ranch, "1.3.2", "e4965a144dc9fbe70e5c077c65e73c57165416a901bd02ea899cfd95aa890986", [:rebar3], []},
+  "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.1", "28a4d65b7f59893bc2c7de786dec1e1555bd742d336043fe644ae956c3497fbe", [:make, :rebar], []}}
diff --git a/web/controllers/auth_controller.ex b/web/controllers/auth_controller.ex
@@ -0,0 +1,57 @@
+defmodule Tracker2x2.AuthController do
+  use Tracker2x2.Web, :controller
+
+  def index(conn, %{"provider" => provider}) do
+    redirect conn, external: authorize_url!(provider)
+  end
+
+  def callback(conn, %{"provider" => provider, "code" => code} = params) do
+    client = get_token!(provider, code)
+    user = get_user!(provider, client)
+
+    conn
+    |> put_session(:current_user, user)
+    |> put_session(:access_token, client.token.access_token)
+    |> redirect(to: "/")
+  end
+
+  defp authorize_url!("google") do
+    Google.authorize_url!(scope: "https://www.googleapis.com/auth/userinfo.email")
+  end
+
+  defp authorize_url!("github") do
+    GitHub.authorize_url!
+  end
+
+  defp authorize_url!(url) do
+    raise "No matching provider for #{url} in authorize_url!"
+  end
+
+  defp get_token!("google", code) do
+    IO.puts "in get_token!"
+    Google.get_token!(code: code)
+  end
+
+  defp get_token!("github", code) do
+    GitHub.get_token!(code: code)
+  end
+
+  defp get_token!(provider, code) do
+    raise "No matching provider for #{provider} with code #{code} in get_token!"
+  end
+
+  defp get_user!("google", client) do
+    IO.puts "in google callback"
+    IO.inspect client
+    user_url = "https://www.googleapis.com/plus/v1/people/me/openIdConnect"
+    %{body: user} = OAuth2.Client.get!(client, user_url)
+    %{name: user["name"]}
+  end
+
+  defp get_user!("github", client) do
+    IO.puts "in github callback"
+    IO.inspect client
+    %{body: user} = OAuth2.Client.get!(client, "https://api.github.com/user")
+    %{name: user["name"], avatar: user["avatar_url"]}
+  end
+end
diff --git a/web/controllers/page_controller.ex b/web/controllers/page_controller.ex
@@ -2,6 +2,8 @@ defmodule Tracker2x2.PageController do
   use Tracker2x2.Web, :controller
 
   def index(conn, _params) do
-    render conn, "index.html"
+    conn
+    |> assign(:current_user, get_session(conn, :current_user))
+    |> render("index.html")
   end
 end
diff --git a/web/router.ex b/web/router.ex
@@ -19,6 +19,13 @@ defmodule Tracker2x2.Router do
     get "/", PageController, :index
   end
 
+  scope "/auth", Tracker2x2 do
+    pipe_through :browser
+
+    get "/:provider", AuthController, :index
+    get "/:provider/callback", AuthController, :callback
+  end
+
   # Other scopes may use custom stacks.
   # scope "/api", Tracker2x2 do
   #   pipe_through :api

diff --git a/web/templates/page/index.html.eex b/web/templates/page/index.html.eex
@@ -1 +1,11 @@
-<div id="elm-main"></div>
+<%= if @current_user do %>
+  <%# <div id="elm-main"></div> %>
+  <div><%= @current_user.name %></div>
+<% else %>
+  <%= link to: auth_path(@conn, :index, "google"), class: "btn btn-primary" do %>
+    Sign in with Google
+  <% end %>
+  <%= link to: auth_path(@conn, :index, "github"), class: "btn btn-primary" do %>
+    Sign in with github
+  <% end %>
+<% end %>