use PreferredUsername
Signed-off-by: Rui Yang <ryang@pivotal.io>
parent
a087c05ebf
commit
930b331a5b
@ -14,9 +14,10 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"golang.org/x/oauth2"
|
||||||
|
|
||||||
"github.com/dexidp/dex/connector"
|
"github.com/dexidp/dex/connector"
|
||||||
"github.com/dexidp/dex/pkg/log"
|
"github.com/dexidp/dex/pkg/log"
|
||||||
"golang.org/x/oauth2"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type oauthConnector struct {
|
type oauthConnector struct {
|
||||||
@ -113,7 +114,6 @@ func newHTTPClient(rootCAs []string, insecureSkipVerify bool) (*http.Client, err
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *oauthConnector) LoginURL(scopes connector.Scopes, callbackURL, state string) (string, error) {
|
func (c *oauthConnector) LoginURL(scopes connector.Scopes, callbackURL, state string) (string, error) {
|
||||||
|
|
||||||
if c.redirectURI != callbackURL {
|
if c.redirectURI != callbackURL {
|
||||||
return "", fmt.Errorf("expected callback URL %q did not match the URL in the config %q", callbackURL, c.redirectURI)
|
return "", fmt.Errorf("expected callback URL %q did not match the URL in the config %q", callbackURL, c.redirectURI)
|
||||||
}
|
}
|
||||||
@ -130,7 +130,6 @@ func (c *oauthConnector) LoginURL(scopes connector.Scopes, callbackURL, state st
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (identity connector.Identity, err error) {
|
func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (identity connector.Identity, err error) {
|
||||||
|
|
||||||
q := r.URL.Query()
|
q := r.URL.Query()
|
||||||
if errType := q.Get("error"); errType != "" {
|
if errType := q.Get("error"); errType != "" {
|
||||||
return identity, errors.New(q.Get("error_description"))
|
return identity, errors.New(q.Get("error_description"))
|
||||||
@ -185,7 +184,7 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
|
|||||||
|
|
||||||
identity.UserID, _ = userInfoResult[c.userIDKey].(string)
|
identity.UserID, _ = userInfoResult[c.userIDKey].(string)
|
||||||
identity.Username, _ = userInfoResult[c.userNameKey].(string)
|
identity.Username, _ = userInfoResult[c.userNameKey].(string)
|
||||||
identity.Name, _ = userInfoResult["name"].(string)
|
identity.PreferredUsername, _ = userInfoResult["name"].(string)
|
||||||
identity.Email, _ = userInfoResult["email"].(string)
|
identity.Email, _ = userInfoResult["email"].(string)
|
||||||
identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
|
identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
|
||||||
|
|
||||||
@ -195,7 +194,7 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
|
|||||||
c.addGroupsFromMap(groups, userInfoResult)
|
c.addGroupsFromMap(groups, userInfoResult)
|
||||||
c.addGroupsFromToken(groups, token.AccessToken)
|
c.addGroupsFromToken(groups, token.AccessToken)
|
||||||
|
|
||||||
for groupName, _ := range groups {
|
for groupName := range groups {
|
||||||
identity.Groups = append(identity.Groups, groupName)
|
identity.Groups = append(identity.Groups, groupName)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -215,7 +214,7 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
|
|||||||
func (c *oauthConnector) addGroupsFromMap(groups map[string]bool, result map[string]interface{}) error {
|
func (c *oauthConnector) addGroupsFromMap(groups map[string]bool, result map[string]interface{}) error {
|
||||||
groupsClaim, ok := result[c.groupsKey].([]interface{})
|
groupsClaim, ok := result[c.groupsKey].([]interface{})
|
||||||
if !ok {
|
if !ok {
|
||||||
return errors.New("Cant convert to array")
|
return errors.New("cant convert to array")
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, group := range groupsClaim {
|
for _, group := range groupsClaim {
|
||||||
@ -230,7 +229,7 @@ func (c *oauthConnector) addGroupsFromMap(groups map[string]bool, result map[str
|
|||||||
func (c *oauthConnector) addGroupsFromToken(groups map[string]bool, token string) error {
|
func (c *oauthConnector) addGroupsFromToken(groups map[string]bool, token string) error {
|
||||||
parts := strings.Split(token, ".")
|
parts := strings.Split(token, ".")
|
||||||
if len(parts) < 2 {
|
if len(parts) < 2 {
|
||||||
return errors.New("Invalid token")
|
return errors.New("invalid token")
|
||||||
}
|
}
|
||||||
|
|
||||||
decoded, err := decode(parts[1])
|
decoded, err := decode(parts[1])
|
||||||
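Review bot: In the HandleCallback hunk at -185/+184, every claim is read with a discarded type assertion, so a missing or non-string value under `c.userIDKey` leaves `identity.UserID` empty with no error (if the userinfo response is JSON-decoded, a numeric id arrives as float64 and fails the `.(string)` assertion). Unless a check outside the hunk catches this, distinct users could resolve to the same empty subject; I would fail closed with `id, ok := userInfoResult[c.userIDKey].(string)` followed by `if !ok || id == "" { return identity, errors.New("user id claim missing or not a string") }`. The changed line also fills `PreferredUsername` from the hard-coded `"name"` claim, which is usually a free-form display name, so a comment such as `// "name" is a display name, not a unique or verified identifier` would warn relying parties against keying on it. The same silent-failure pattern appears in the -195/+194 hunk, where the error results of `c.addGroupsFromMap` and `c.addGroupsFromToken` are dropped at the call sites. HandleCallback starts and ends outside these hunks, so any later validation is not visible here.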
|
@ -13,9 +13,10 @@ import (
|
|||||||
"sort"
|
"sort"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/dexidp/dex/connector"
|
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
jose "gopkg.in/square/go-jose.v2"
|
jose "gopkg.in/square/go-jose.v2"
|
||||||
|
|
||||||
|
"github.com/dexidp/dex/connector"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestOpen(t *testing.T) {
|
func TestOpen(t *testing.T) {
|
||||||
@ -67,7 +68,6 @@ func TestLoginURL(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
||||||
|
|
||||||
tokenClaims := map[string]interface{}{}
|
tokenClaims := map[string]interface{}{}
|
||||||
|
|
||||||
userInfoClaims := map[string]interface{}{
|
userInfoClaims := map[string]interface{}{
|
||||||
@ -92,7 +92,7 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
|||||||
expectEqual(t, len(identity.Groups), 2)
|
expectEqual(t, len(identity.Groups), 2)
|
||||||
expectEqual(t, identity.Groups[0], "admin-group")
|
expectEqual(t, identity.Groups[0], "admin-group")
|
||||||
expectEqual(t, identity.Groups[1], "user-group")
|
expectEqual(t, identity.Groups[1], "user-group")
|
||||||
expectEqual(t, identity.Name, "test-name")
|
expectEqual(t, identity.PreferredUsername, "test-name")
|
||||||
expectEqual(t, identity.UserID, "test-user-id")
|
expectEqual(t, identity.UserID, "test-user-id")
|
||||||
expectEqual(t, identity.Username, "test-username")
|
expectEqual(t, identity.Username, "test-username")
|
||||||
expectEqual(t, identity.Email, "test-email")
|
expectEqual(t, identity.Email, "test-email")
|
||||||
@ -100,7 +100,6 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
||||||
|
|
||||||
tokenClaims := map[string]interface{}{
|
tokenClaims := map[string]interface{}{
|
||||||
"groups_key": []string{"test-group"},
|
"groups_key": []string{"test-group"},
|
||||||
}
|
}
|
||||||
@ -124,7 +123,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
|||||||
|
|
||||||
expectEqual(t, len(identity.Groups), 1)
|
expectEqual(t, len(identity.Groups), 1)
|
||||||
expectEqual(t, identity.Groups[0], "test-group")
|
expectEqual(t, identity.Groups[0], "test-group")
|
||||||
expectEqual(t, identity.Name, "test-name")
|
expectEqual(t, identity.PreferredUsername, "test-name")
|
||||||
expectEqual(t, identity.UserID, "test-user-id")
|
expectEqual(t, identity.UserID, "test-user-id")
|
||||||
expectEqual(t, identity.Username, "test-username")
|
expectEqual(t, identity.Username, "test-username")
|
||||||
expectEqual(t, identity.Email, "test-email")
|
expectEqual(t, identity.Email, "test-email")
|
||||||
@ -132,7 +131,6 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func testSetup(t *testing.T, tokenClaims map[string]interface{}, userInfoClaims map[string]interface{}) *httptest.Server {
|
func testSetup(t *testing.T, tokenClaims map[string]interface{}, userInfoClaims map[string]interface{}) *httptest.Server {
|
||||||
|
|
||||||
key, err := rsa.GenerateKey(rand.Reader, 1024)
|
key, err := rsa.GenerateKey(rand.Reader, 1024)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal("Failed to generate rsa key", err)
|
t.Fatal("Failed to generate rsa key", err)
|
||||||
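Review bot: In the last hunk, `testSetup` still signs its fixtures with `rsa.GenerateKey(rand.Reader, 1024)`, a key size below current minimums that tends to get copied out of tests and flagged by scanners; `key, err := rsa.GenerateKey(rand.Reader, 2048)` costs little here. The updated assertions in both callback tests cover only the happy path for `identity.PreferredUsername`. As far as these hunks show, no case exercises a userinfo response where the user id or `name` claim is absent or not a string, which is the path where the connector silently produces empty identity fields. The body of `testSetup` continues outside the hunk.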
|