bug fixes, update changelog [#523]

.secrets.baseline

@@ -124,7 +124,7 @@
         "filename": "core/auth/apis.go",
         "hashed_secret": "4d55af37dbbb6a42088d917caa1ca25428ec42c9",
         "is_verified": false,
-        "line_number": 1939
+        "line_number": 1938
       }
     ],
     "core/auth/auth.go": [
@@ -288,5 +288,5 @@
       }
     ]
   },
-  "generated_at": "2022-08-24T20:24:53Z"
+  "generated_at": "2022-08-24T21:08:13Z"
 }

CHANGELOG.md

@@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 ### Added
+- Support for OAuth 2.0 Access Tokens [#523](https://github.com/rokwire/core-building-block/issues/523)
 - Use signature Key ID to check specific key for service account auth [#481](https://github.com/rokwire/core-building-block/issues/481)
 - Include account ID in request logs [#562](https://github.com/rokwire/core-building-block/issues/562)
 - Add system flag to login response [#552](https://github.com/rokwire/core-building-block/issues/552)

core/auth/apis.go

@@ -347,16 +347,15 @@ func (a *Auth) Refresh(refreshToken string, apiKey string, l *logs.Log) (*model.
 		if externalUser != nil {
 			//check if need to update the account data
 			authType, err := a.storage.FindAuthType(loginSession.AuthType.ID)
-			if err != nil || authType == nil {
-				l.Infof("error getting auth type - %s", refreshToken)
-				if err == nil {
-					err = errors.ErrorData(logutils.StatusMissing, model.TypeAuthType, &logutils.FieldArgs{"id": loginSession.AuthType.ID})
-				}
-				return nil, errors.WrapErrorAction("error getting auth type", "", nil, err)
+			if err != nil {
+				return nil, errors.WrapErrorAction(logutils.ActionGet, model.TypeAuthType, nil, err)
+			}
+			if authType == nil {
+				return nil, errors.ErrorData(logutils.StatusMissing, model.TypeAuthType, &logutils.FieldArgs{"id": loginSession.AuthType.ID})
 			}
 			externalIDChanges, err := a.updateDataIfNeeded(*loginSession.AccountAuthType, *externalUser, *authType, loginSession.AppOrg, l)
 			if err != nil {
-				return nil, errors.WrapErrorAction("update account if needed on refresh", "", nil, err)
+				return nil, errors.WrapErrorAction(logutils.ActionUpdate, model.TypeAccount, logutils.StringArgs("refresh"), err)
 			}
 			for k, v := range externalIDChanges {
 				if loginSession.ExternalIDs == nil {

core/auth/auth_type_oauth2.go

@@ -188,22 +188,25 @@ func (o *oauth2AuthConfig) generateState() (string, error) {
 }
 
 type oauth2Token struct {
-	AccessToken string `json:"access_token" validate:"required"`
-	Scope       string `json:"scope" validate:"required"`
-	TokenType   string `json:"token_type" validate:"required"`
+	AccessToken  string `json:"access_token" validate:"required"`
+	RefreshToken string `json:"refresh_token"`
+	TokenType    string `json:"token_type" validate:"required"`
+	Scope        string `json:"scope" validate:"required"`
 }
 
 func (t *oauth2Token) getAuthorizationHeader() string {
 	return fmt.Sprintf("%s %s", t.TokenType, t.AccessToken)
 }
 
 func (t *oauth2Token) getResponse() map[string]interface{} {
-	tokenParams := map[string]interface{}{}
-	tokenParams["access_token"] = t.AccessToken
-	tokenParams["token_type"] = t.TokenType
+	tokenParams := map[string]interface{}{
+		"access_token":  t.AccessToken,
+		"refresh_token": t.RefreshToken,
+		"token_type":    t.TokenType,
+		"scope":         t.Scope,
+	}
 
-	params := map[string]interface{}{}
-	params["oauth2_token"] = tokenParams
+	params := map[string]interface{}{"oauth2_token": tokenParams}
 	return params
 }
 

core/auth/auth_type_oidc.go

@@ -241,14 +241,14 @@ func (t *oidcToken) getAuthorizationHeader() string {
 }
 
 func (t *oidcToken) getResponse() map[string]interface{} {
-	tokenParams := map[string]interface{}{}
-	tokenParams["id_token"] = t.IDToken
-	tokenParams["access_token"] = t.AccessToken
-	tokenParams["refresh_token"] = t.RefreshToken
-	tokenParams["token_type"] = t.TokenType
-
-	params := map[string]interface{}{}
-	params["oidc_token"] = tokenParams
+	tokenParams := map[string]interface{}{
+		"id_token":      t.IDToken,
+		"access_token":  t.AccessToken,
+		"refresh_token": t.RefreshToken,
+		"token_type":    t.TokenType,
+	}
+
+	params := map[string]interface{}{"oidc_token": tokenParams}
 	return params
 }