commit 1f2c1c52e148ef43fd951593cb749a439bbce2cd
author Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Fri Apr 12 07:17:58 2024 +0400
committer gio <gio@v0.dodo.cloud> Fri Apr 12 13:46:22 2024 +0000
tree fef7aaa9e192bd3696480a99dd5cc924a25b3343
parent a40058c6271d54bfb75a30fd883c3de4fa53c27a

auth-ui: auto consent

Change-Id: I466dd8f2fcc7ba4899f02168518899e9f1d60de6

core/auth/ui/main.go

diff --git a/core/auth/ui/main.go b/core/auth/ui/main.go
index 735a685..3f77bc8 100644
--- a/core/auth/ui/main.go
+++ b/core/auth/ui/main.go
@@ -510,11 +510,27 @@
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-	w.Header().Set("Content-Type", "text/html")
-	if err := s.tmpls.Consent.Execute(w, consent.RequestedScopes); err != nil {
+	username, err := getWhoAmIFromKratos(r.Cookies())
+	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
+	acceptedScopes := consent.RequestedScopes
+	idToken := map[string]string{
+		"username": username,
+		"email":    username + "@" + *emailDomain,
+	}
+	// TODO(gio): is auto consent safe? should such behaviour be configurable?
+	if redirectTo, err := s.hydra.ConsentAccept(r.FormValue("consent_challenge"), acceptedScopes, idToken); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	} else {
+		http.Redirect(w, r, redirectTo, http.StatusSeeOther)
+	}
+	// w.Header().Set("Content-Type", "text/html")
+	// if err := s.tmpls.Consent.Execute(w, consent.RequestedScopes); err != nil {
+	// 	http.Error(w, err.Error(), http.StatusInternalServerError)
+	// 	return
+	// }
 }
 
 func (s *Server) processConsent(w http.ResponseWriter, r *http.Request) {