loris/lib/business_logic/auth/oauth.dart

import 'dart:convert';

import 'package:http/http.dart' as http;
import 'package:url_launcher/url_launcher.dart';
import '../../global.dart' as global;
import '../../business_logic/settings.dart' as settings;
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart' as shelf_io;

class App {
  late String clientSecret;
  late String clientId;
  late String id;
  late String name;
  late String website;
  late String redirectUri;
  App(
      {required this.clientSecret,
      required this.clientId,
      required this.id,
      required this.name,
      required this.website,
      required this.redirectUri});
  factory App.fromJson(Map<String, dynamic> json) {
    return App(
        id: json["id"].toString(),
        name: json["name"].toString(),
        website: json["website"].toString(),
        redirectUri: json["redirect_uri"].toString(),
        clientId: json["client_id"].toString(),
        clientSecret: json["client_secret"].toString());
  }
}

Response readAuthcode(Request request) {
  Map<String, String> params = request.url.queryParameters;
  if (params.containsKey("code") && params["code"] != null) {
    String code = params["code"].toString();
    settings.saveAuthCode(code);
  }
  return Response(200,
      body:
          "<html><head><meta http-equiv='Refresh' content='0; URL=https://example.com/'></head></html>");
}

// returns status code
Future<int> handleFullOauth() async {
  try {
    http.Response response = await doOauthFlow();
    if (response.statusCode != 200) {
      return response.statusCode;
    }

    await settings.saveAuthCode("");
    var handler = const Pipeline().addHandler(readAuthcode);
    var server = await shelf_io.serve(handler, 'localhost', 1312);
    server.idleTimeout = const Duration(minutes: 5);
    await pollCode();
    server.close();
    return 200;
  } catch (e) {
    return 400;
  }
}

Future<String> pollCode() async {
  String code = "";
  while (code == "") {
    await Future.delayed(const Duration(seconds: 3));
    code = await settings.loadAuthCode();
  }
  print(code);
  return code;
}

Future<http.Response> doOauthFlow() async {
  String url = await settings.loadInstanceUrl();
  try {
    http.Response response = await registerApp(url);
    print(response.body);
    openBrowserForAuthCode(url, App.fromJson(jsonDecode(response.body)));
    return response;
  } catch (e) {
    return http.Response(jsonEncode({}), 404);
  }
}

Future<http.Response> registerApp(String baseurl) async {
  //String url = baseurl Uri."api/v1/apps";
  Uri url = Uri.https(baseurl, "/api/v1/apps");
  final response = await http.post(url,
      headers: global.defaultHeaders,
      body: jsonEncode({
        'client_name': global.name,
        'redirect_uris': "http://localhost:1312",
        'scopes': "read write",
        'website': global.website
      }));
  return response;
}

void openBrowserForAuthCode(String baseurl, App app) {
  Uri url = Uri(
      scheme: "https",
      path: "$baseurl/oauth/authorize",
      // ignore: prefer_interpolation_to_compose_strings
      query: "client_id=" +
          app.clientId +
          "&scope=read+write" +
          "&redirect_uri=http://localhost:1312" +
          "&response_type=code");
  launchUrl(url);
}