Merge pull request #1845 from flant/minor-linter-fixes
fix: Minor style fixes after merging PKCE implementation
This commit is contained in:
commit
6cdbb59406
@ -62,6 +62,7 @@ type UserMatcher struct {
|
|||||||
GroupAttr string `json:"groupAttr"`
|
GroupAttr string `json:"groupAttr"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Config holds configuration options for LDAP logins.
|
||||||
type Config struct {
|
type Config struct {
|
||||||
// The host and optional port of the LDAP server. If port isn't supplied, it will be
|
// The host and optional port of the LDAP server. If port isn't supplied, it will be
|
||||||
// guessed based on the TLS configuration. 389 or 636.
|
// guessed based on the TLS configuration. 389 or 636.
|
||||||
|
@ -820,7 +820,8 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
|
|||||||
codeChallengeFromStorage := authCode.PKCE.CodeChallenge
|
codeChallengeFromStorage := authCode.PKCE.CodeChallenge
|
||||||
providedCodeVerifier := r.PostFormValue("code_verifier")
|
providedCodeVerifier := r.PostFormValue("code_verifier")
|
||||||
|
|
||||||
if providedCodeVerifier != "" && codeChallengeFromStorage != "" {
|
switch {
|
||||||
|
case providedCodeVerifier != "" && codeChallengeFromStorage != "":
|
||||||
calculatedCodeChallenge, err := s.calculateCodeChallenge(providedCodeVerifier, authCode.PKCE.CodeChallengeMethod)
|
calculatedCodeChallenge, err := s.calculateCodeChallenge(providedCodeVerifier, authCode.PKCE.CodeChallengeMethod)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Error(err)
|
s.logger.Error(err)
|
||||||
@ -831,11 +832,11 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
|
|||||||
s.tokenErrHelper(w, errInvalidGrant, "Invalid code_verifier.", http.StatusBadRequest)
|
s.tokenErrHelper(w, errInvalidGrant, "Invalid code_verifier.", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
} else if providedCodeVerifier != "" {
|
case providedCodeVerifier != "":
|
||||||
// Received no code_challenge on /auth, but a code_verifier on /token
|
// Received no code_challenge on /auth, but a code_verifier on /token
|
||||||
s.tokenErrHelper(w, errInvalidRequest, "No PKCE flow started. Cannot check code_verifier.", http.StatusBadRequest)
|
s.tokenErrHelper(w, errInvalidRequest, "No PKCE flow started. Cannot check code_verifier.", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
} else if codeChallengeFromStorage != "" {
|
case codeChallengeFromStorage != "":
|
||||||
// Received PKCE request on /auth, but no code_verifier on /token
|
// Received PKCE request on /auth, but no code_verifier on /token
|
||||||
s.tokenErrHelper(w, errInvalidGrant, "Expecting parameter code_verifier in PKCE flow.", http.StatusBadRequest)
|
s.tokenErrHelper(w, errInvalidGrant, "Expecting parameter code_verifier in PKCE flow.", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
|
Reference in New Issue
Block a user