poc of connecting existing application into edx site with openid

Author: ngurajeka

connect.go

@@ -0,0 +1,71 @@
+package auth_backend
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/url"
+
+	"golang.org/x/oauth2"
+)
+
+// Backend is the main part of auth_backend.
+// It stores oauth2.Config, app and edx url configuration
+type Backend struct {
+	conf    *oauth2.Config
+	app_url string
+	edx_url string
+}
+
+// Init to initialize a new backend authentication
+func Init(client_id, client_secret, app_url, edx_url string) *Backend {
+	return &Backend{
+		conf: &oauth2.Config{
+			ClientID:     client_id,
+			ClientSecret: client_secret,
+			RedirectURL:  app_url + URL_REDIRECT,
+			Scopes:       Scopes(),
+			Endpoint: oauth2.Endpoint{
+				AuthURL:  edx_url + URL_AUTHORIZATION,
+				TokenURL: edx_url + URL_ACCESS_TOKEN,
+			},
+		},
+		app_url: app_url,
+		edx_url: edx_url,
+	}
+}
+
+// GetAuthorizationURL return authentication url based on given state
+func (backend *Backend) GetAuthorizationURL(state string) string {
+	return backend.conf.AuthCodeURL(state)
+}
+
+// Authenticate is callback handler when receiving redirection from edx site after successfully login
+func (backend *Backend) Authenticate(receivedState string, values url.Values) (UserInfo, error) {
+	var user UserInfo
+
+	queryState := values.Get("state")
+	if receivedState != queryState {
+		return user, fmt.Errorf("Invalid session state: retrieved: %s; Param: %s", receivedState, queryState)
+	}
+
+	code := values.Get("code")
+	token, err := backend.conf.Exchange(oauth2.NoContext, code)
+	if err != nil {
+		return user, err
+	}
+
+	client := backend.conf.Client(oauth2.NoContext, token)
+	userinfo, err := client.Get(backend.edx_url + URL_USER_INFO)
+	if err != nil {
+		return user, err
+	}
+	defer userinfo.Body.Close()
+
+	data, _ := ioutil.ReadAll(userinfo.Body)
+	if err := json.Unmarshal(data, &user); err != nil {
+		return user, err
+	}
+
+	return user, nil
+}

constant.go

@@ -0,0 +1,29 @@
+package auth_backend
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+)
+
+const (
+	// URL_AUTHORIZATION used to request an authorization
+	URL_AUTHORIZATION = "/oauth2/authorize"
+	// URL_ACCESS_TOKEN used to get a new access token
+	URL_ACCESS_TOKEN = "/oauth2/access_token"
+	// URL_USER_INFO used to retrieve current user information
+	URL_USER_INFO = "/oauth2/user_info/"
+	// URL_REDIRECT used as parameters when requesting an authorization as redirect uri
+	URL_REDIRECT = "/complete/edx-oidc/"
+)
+
+// Scopes return a default scopes for authentication
+func Scopes() []string {
+	return []string{"profile", "email", "openid"}
+}
+
+// RandomToken generate a random string that will be used as state
+func RandomToken(l int) string {
+	b := make([]byte, l)
+	rand.Read(b)
+	return base64.StdEncoding.EncodeToString(b)
+}

user.go

@@ -0,0 +1,13 @@
+package auth_backend
+
+// UserInfo stored user information from user endpoint edx
+type UserInfo struct {
+	TrackingID uint   `json:"user_tracking_id"`
+	Email      string `json:"email"`
+	FamilyName string `json:"family_name"`
+	GivenName  string `json:"given_name"`
+	Locale     string `json:"locale"`
+	Name       string `json:"name'`
+	Username   string `json:"preferred_username"`
+	Sub        string `json:"sub"`
+}