-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
120 lines (103 loc) · 3 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
package main
import (
"io/ioutil"
"log"
"net/http"
"net/url"
"os"
"strings"
)
import (
"github.com/gin-contrib/cors"
//"github.com/gin-gonic/autotls"
"github.com/gin-gonic/gin"
)
func main() {
authURL := "https://www.bungie.net/platform/app/oauth/token/"
//Port the application will listen on
port := os.Getenv("PORT")
if port == "" {
log.Fatal("$PORT must be set")
}
//API Key for the Bungie API
apiKey := os.Getenv("API_KEY")
if apiKey == "" {
log.Fatal("API_KEY must be set")
}
//Client ID for the Bungie API OAUTH endpoint
clientID := os.Getenv("CLIENT_ID")
if clientID == "" {
log.Fatal("CLIENT_ID must be set")
}
//Client Secret for the Bungie API OAUTH endpoint
clientSecret := os.Getenv("CLIENT_SECRET")
if clientSecret == "" {
log.Fatal("CLIENT_SECRET must be set")
}
//CORS allowed origins, comma-separated list of origins
corsOrigins := os.Getenv("CORS_ORIGINS")
if corsOrigins == "" {
corsOrigins = "*"
}
AllowedOrigins := strings.Split(corsOrigins, ",")
//create router
r := gin.Default()
//Setup CORS
r.Use(cors.New(cors.Config{
AllowAllOrigins: false,
AllowOrigins: AllowedOrigins,
AllowMethods: []string{"OPTIONS", "GET", "POST", "HEAD"},
AllowHeaders: []string{"Origin", "Accept", "Content-Type"},
AllowCredentials: false,
ExposeHeaders: []string{"Content-Length", "Content-Language", "Content-Type"},
MaxAge: 60,
AllowBrowserExtensions: false,
}))
//Handle base route
r.GET("/", func(c *gin.Context) {
c.String(http.StatusOK, "Authentication Proxy for the bungie.net api")
})
//Proxy authentication request to the Bungie api
//Adds client secret not available in JS frontend
r.POST("/authenticate", func(c *gin.Context) {
var authBody AuthBody
//parse the received body into struct
err := c.ShouldBind(&authBody)
if err != nil {
log.Println("Invalid Post Body sent")
}
//Build the request body
data := url.Values{}
data.Set("grant_type", authBody.GrantType)
data.Set("code", authBody.Code)
data.Set("client_id", clientID)
data.Set("client_secret", clientSecret)
//build the request and set required headers
r, err := http.NewRequest("POST", authURL, strings.NewReader(data.Encode()))
if err != nil {
log.Fatal(err)
}
r.Header.Set("Content-type", "application/x-www-form-urlencoded")
r.Header.Set("X-API-KEY", "")
//execute the request
client := &http.Client{}
resp, err := client.Do(r)
if err != nil {
log.Fatal("Error fetching data from bungie.net API: ", err)
}
//handle the response
if resp != nil {
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.Fatal("Invalid response body received from bungie.net API: ", err)
}
c.Data(resp.StatusCode, resp.Header.Get("Content-Type"), body)
}
})
log.Fatal(r.Run(":" + port))
}
type AuthBody struct {
GrantType string `json:"grantType" form:"grant_type" binding:"required"`
Code string `json:"code" form:"code" binding:"required"`
}