From 7b75e1e0cc629f5f6d5a98301b95804257260cf0 Mon Sep 17 00:00:00 2001 From: Shuanglei Tao Date: Thu, 21 Apr 2022 11:11:47 +0800 Subject: [PATCH 1/2] Add numeric user ID support for oauth connector Signed-off-by: Shuanglei Tao --- connector/oauth/oauth.go | 10 ++++++++-- connector/oauth/oauth_test.go | 28 ++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/connector/oauth/oauth.go b/connector/oauth/oauth.go index e37932ad..237d075e 100644 --- a/connector/oauth/oauth.go +++ b/connector/oauth/oauth.go @@ -209,12 +209,18 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id return identity, fmt.Errorf("OAuth Connector: failed to parse userinfo: %v", err) } - userID, found := userInfoResult[c.userIDKey].(string) + userID, found := userInfoResult[c.userIDKey] if !found { return identity, fmt.Errorf("OAuth Connector: not found %v claim", c.userIDKey) } - identity.UserID = userID + switch userID.(type) { + case float64, int64, string: + identity.UserID = fmt.Sprintf("%v", userID) + default: + return identity, fmt.Errorf("OAuth Connector: %v claim should be string or number, got %T", c.userIDKey, userID) + } + identity.Username, _ = userInfoResult[c.userNameKey].(string) identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string) identity.Email, _ = userInfoResult[c.emailKey].(string) diff --git a/connector/oauth/oauth_test.go b/connector/oauth/oauth_test.go index 082a3aa5..91284568 100644 --- a/connector/oauth/oauth_test.go +++ b/connector/oauth/oauth_test.go @@ -168,6 +168,34 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) { assert.Equal(t, identity.EmailVerified, false) } +func TestHandleCallbackForNumericUserID(t *testing.T) { + tokenClaims := map[string]interface{}{} + + userInfoClaims := map[string]interface{}{ + "name": "test-name", + "user_id_key": 1000, + "user_name_key": "test-username", + "preferred_username": "test-preferred-username", + "mail": "mod_mail", + "has_verified_email": false, + } + + testServer := testSetup(t, tokenClaims, userInfoClaims) + defer testServer.Close() + + conn := newConnector(t, testServer.URL) + req := newRequestWithAuthCode(t, testServer.URL, "some-code") + + identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req) + assert.Equal(t, err, nil) + + assert.Equal(t, identity.UserID, "1000") + assert.Equal(t, identity.Username, "test-username") + assert.Equal(t, identity.PreferredUsername, "test-preferred-username") + assert.Equal(t, identity.Email, "mod_mail") + assert.Equal(t, identity.EmailVerified, false) +} + func testSetup(t *testing.T, tokenClaims map[string]interface{}, userInfoClaims map[string]interface{}) *httptest.Server { key, err := rsa.GenerateKey(rand.Reader, 1024) if err != nil { From 691f8be7850fce1fbbdd12f74ba002c03e8c507e Mon Sep 17 00:00:00 2001 From: Shuanglei Tao Date: Thu, 5 May 2022 15:59:18 +0800 Subject: [PATCH 2/2] Fix unparam lint error in oauth_test Signed-off-by: Shuanglei Tao --- connector/oauth/oauth_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/connector/oauth/oauth_test.go b/connector/oauth/oauth_test.go index 91284568..3a5ec6bf 100644 --- a/connector/oauth/oauth_test.go +++ b/connector/oauth/oauth_test.go @@ -84,7 +84,7 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) { defer testServer.Close() conn := newConnector(t, testServer.URL) - req := newRequestWithAuthCode(t, testServer.URL, "some-code") + req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallBackForGroupsInUserInfo") identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req) assert.Equal(t, err, nil) @@ -120,7 +120,7 @@ func TestHandleCallBackForGroupMapsInUserInfo(t *testing.T) { defer testServer.Close() conn := newConnector(t, testServer.URL) - req := newRequestWithAuthCode(t, testServer.URL, "some-code") + req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallBackForGroupMapsInUserInfo") identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req) assert.Equal(t, err, nil) @@ -154,7 +154,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) { defer testServer.Close() conn := newConnector(t, testServer.URL) - req := newRequestWithAuthCode(t, testServer.URL, "some-code") + req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallBackForGroupsInToken") identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req) assert.Equal(t, err, nil) @@ -184,7 +184,7 @@ func TestHandleCallbackForNumericUserID(t *testing.T) { defer testServer.Close() conn := newConnector(t, testServer.URL) - req := newRequestWithAuthCode(t, testServer.URL, "some-code") + req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallbackForNumericUserID") identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req) assert.Equal(t, err, nil)