twitch-bot/internal/actors/spotify/http.go

73 lines
1.9 KiB
Go
Raw Permalink Normal View History

package spotify
import (
"crypto/sha256"
"crypto/sha512"
"encoding/hex"
"fmt"
"net/http"
"net/url"
"strings"
"time"
"github.com/gofrs/uuid"
"github.com/gorilla/mux"
"github.com/sirupsen/logrus"
"golang.org/x/crypto/pbkdf2"
"golang.org/x/oauth2"
)
const (
spotifyRequestTimeout = 2 * time.Second
pkcePBKDFIter = 210000
pkcePBKDFLen = 64
)
var instanceSalt = uuid.Must(uuid.NewV4()).String()
func handleStartAuth(w http.ResponseWriter, r *http.Request) {
channel := mux.Vars(r)["channel"]
pkceVerifier := hex.EncodeToString(pbkdf2.Key([]byte(channel), []byte(instanceSalt), pkcePBKDFIter, pkcePBKDFLen, sha512.New))
redirURL := baseURL.ResolveReference(&url.URL{Path: r.URL.Path})
conf, err := oauthConfig(channel, strings.Split(redirURL.String(), "?")[0])
if err != nil {
logrus.WithError(err).Error("getting Spotify oauth config")
http.Error(w, "unable to get Spotify config for this channel", http.StatusInternalServerError)
return
}
code := r.URL.Query().Get("code")
if code == "" {
http.Redirect(
w, r,
conf.AuthCodeURL(
fmt.Sprintf("%x", sha256.Sum256(append([]byte(conf.ClientID), []byte(channel)...))),
oauth2.S256ChallengeOption(pkceVerifier),
),
http.StatusFound,
)
return
}
token, err := conf.Exchange(
r.Context(),
r.URL.Query().Get("code"),
oauth2.VerifierOption(pkceVerifier),
)
if err != nil {
logrus.WithError(err).Error("getting Spotify oauth token")
http.Error(w, "unable to get Spotify auth token", http.StatusInternalServerError)
return
}
if err = db.StoreEncryptedCoreMeta(strings.Join([]string{"spotify-auth", channel}, ":"), token); err != nil {
logrus.WithError(err).Error("storing Spotify oauth token")
http.Error(w, "unable to store Spotify auth token", http.StatusInternalServerError)
return
}
http.Error(w, "Spotify is now authorized for this channel, you can close this page", http.StatusOK)
}