Merge pull request #2483 from tsl0922/master
Add numeric user ID support for oauth connector
This commit is contained in:
commit
997ec94a4a
@ -209,12 +209,18 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
|
|||||||
return identity, fmt.Errorf("OAuth Connector: failed to parse userinfo: %v", err)
|
return identity, fmt.Errorf("OAuth Connector: failed to parse userinfo: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
userID, found := userInfoResult[c.userIDKey].(string)
|
userID, found := userInfoResult[c.userIDKey]
|
||||||
if !found {
|
if !found {
|
||||||
return identity, fmt.Errorf("OAuth Connector: not found %v claim", c.userIDKey)
|
return identity, fmt.Errorf("OAuth Connector: not found %v claim", c.userIDKey)
|
||||||
}
|
}
|
||||||
|
|
||||||
identity.UserID = userID
|
switch userID.(type) {
|
||||||
|
case float64, int64, string:
|
||||||
|
identity.UserID = fmt.Sprintf("%v", userID)
|
||||||
|
default:
|
||||||
|
return identity, fmt.Errorf("OAuth Connector: %v claim should be string or number, got %T", c.userIDKey, userID)
|
||||||
|
}
|
||||||
|
|
||||||
identity.Username, _ = userInfoResult[c.userNameKey].(string)
|
identity.Username, _ = userInfoResult[c.userNameKey].(string)
|
||||||
identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string)
|
identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string)
|
||||||
identity.Email, _ = userInfoResult[c.emailKey].(string)
|
identity.Email, _ = userInfoResult[c.emailKey].(string)
|
||||||
|
@ -84,7 +84,7 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
|||||||
defer testServer.Close()
|
defer testServer.Close()
|
||||||
|
|
||||||
conn := newConnector(t, testServer.URL)
|
conn := newConnector(t, testServer.URL)
|
||||||
req := newRequestWithAuthCode(t, testServer.URL, "some-code")
|
req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallBackForGroupsInUserInfo")
|
||||||
|
|
||||||
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
||||||
assert.Equal(t, err, nil)
|
assert.Equal(t, err, nil)
|
||||||
@ -120,7 +120,7 @@ func TestHandleCallBackForGroupMapsInUserInfo(t *testing.T) {
|
|||||||
defer testServer.Close()
|
defer testServer.Close()
|
||||||
|
|
||||||
conn := newConnector(t, testServer.URL)
|
conn := newConnector(t, testServer.URL)
|
||||||
req := newRequestWithAuthCode(t, testServer.URL, "some-code")
|
req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallBackForGroupMapsInUserInfo")
|
||||||
|
|
||||||
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
||||||
assert.Equal(t, err, nil)
|
assert.Equal(t, err, nil)
|
||||||
@ -154,7 +154,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
|||||||
defer testServer.Close()
|
defer testServer.Close()
|
||||||
|
|
||||||
conn := newConnector(t, testServer.URL)
|
conn := newConnector(t, testServer.URL)
|
||||||
req := newRequestWithAuthCode(t, testServer.URL, "some-code")
|
req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallBackForGroupsInToken")
|
||||||
|
|
||||||
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
||||||
assert.Equal(t, err, nil)
|
assert.Equal(t, err, nil)
|
||||||
@ -168,6 +168,34 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
|||||||
assert.Equal(t, identity.EmailVerified, false)
|
assert.Equal(t, identity.EmailVerified, false)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestHandleCallbackForNumericUserID(t *testing.T) {
|
||||||
|
tokenClaims := map[string]interface{}{}
|
||||||
|
|
||||||
|
userInfoClaims := map[string]interface{}{
|
||||||
|
"name": "test-name",
|
||||||
|
"user_id_key": 1000,
|
||||||
|
"user_name_key": "test-username",
|
||||||
|
"preferred_username": "test-preferred-username",
|
||||||
|
"mail": "mod_mail",
|
||||||
|
"has_verified_email": false,
|
||||||
|
}
|
||||||
|
|
||||||
|
testServer := testSetup(t, tokenClaims, userInfoClaims)
|
||||||
|
defer testServer.Close()
|
||||||
|
|
||||||
|
conn := newConnector(t, testServer.URL)
|
||||||
|
req := newRequestWithAuthCode(t, testServer.URL, "TestHandleCallbackForNumericUserID")
|
||||||
|
|
||||||
|
identity, err := conn.HandleCallback(connector.Scopes{Groups: true}, req)
|
||||||
|
assert.Equal(t, err, nil)
|
||||||
|
|
||||||
|
assert.Equal(t, identity.UserID, "1000")
|
||||||
|
assert.Equal(t, identity.Username, "test-username")
|
||||||
|
assert.Equal(t, identity.PreferredUsername, "test-preferred-username")
|
||||||
|
assert.Equal(t, identity.Email, "mod_mail")
|
||||||
|
assert.Equal(t, identity.EmailVerified, false)
|
||||||
|
}
|
||||||
|
|
||||||
func testSetup(t *testing.T, tokenClaims map[string]interface{}, userInfoClaims map[string]interface{}) *httptest.Server {
|
func testSetup(t *testing.T, tokenClaims map[string]interface{}, userInfoClaims map[string]interface{}) *httptest.Server {
|
||||||
key, err := rsa.GenerateKey(rand.Reader, 1024)
|
key, err := rsa.GenerateKey(rand.Reader, 1024)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
Reference in New Issue
Block a user