1 files changed, 23 insertions, 0 deletions

diff --git a/src/main/java/moe/nea/prickly/server/Server.java b/src/main/java/moe/nea/prickly/server/Server.java
index dbea0be..120078a 100644
--- a/src/main/java/moe/nea/prickly/server/Server.java
+++ b/src/main/java/moe/nea/prickly/server/Server.java
@@ -9,13 +9,19 @@ import io.javalin.Javalin;
 import io.javalin.config.JavalinConfig;
 import io.javalin.rendering.template.JavalinJte;
 import java.nio.file.Path;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
 import lombok.extern.slf4j.Slf4j;
+import moe.nea.prickly.auth.Authorizations;
 import moe.nea.prickly.config.Config;
 import moe.nea.prickly.model.AuthorizationRequest;
+import moe.nea.prickly.model.AuthorizeAction;
 import moe.nea.prickly.util.BundleUtil;
+import moe.nea.prickly.util.JsonHelper;
 import moe.nea.prickly.util.OAuthUtil;
+import moe.nea.prickly.util.QueryParameterHelper;
+import org.jspecify.annotations.Nullable;
 
 @Slf4j
 public class Server {
@@ -56,6 +62,23 @@ public class Server {
 							"authorizationRequest",
 							new AuthorizationRequest(responseType, redirectUri, state, scope)));
 		});
+		javalin.post(prefix + "/authorize", ctx -> {
+			var authRequest = JsonHelper.parseFormParam(ctx.formParam("authRequest"), AuthorizationRequest.class);
+			var action = AuthorizeAction.valueOf(ctx.formParam("action"));
+			var map = new HashMap<String, @Nullable String>();
+			map.put("state", authRequest.state());
+			switch (action) {
+				case ACCEPT: // TODO: differentiate authRequest.responseType()
+					map.put("code", Authorizations.createToken(Objects.requireNonNull(ctx.formParam("username"))));
+					break;
+				case DENY:
+					map.put("error", "access_denied");
+					map.put("error_description", "You have denied access to " + application.NAME);
+					break;
+			}
+			ctx.redirect(QueryParameterHelper.appendQuery(authRequest.redirectUri(), map)
+					.toString());
+		});
 	}
 
 	protected void configure(JavalinConfig config) {