k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

Merge pull request #638 from ericchiang/dev-share-a-single-callback

Browse Source 
*: allow call connectors to share a single a single callback
This commit is contained in:
Eric Chiang
2016-10-27 16:59:04 -07:00
committed by GitHub
parent 44fec87ce1 7c2289e0de
commit d7912a3a97
11 changed files with 108 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
connector/connector.go
View File

@@ -33,7 +33,7 @@ type PasswordConnector interface {
// CallbackConnector is an optional interface for callback based connectors.
type CallbackConnector interface {
LoginURL(callbackURL, state string) (string, error)
HandleCallback(r *http.Request) (identity Identity, state string, err error)
HandleCallback(r *http.Request) (identity Identity, err error)
}
// GroupsConnector is an optional interface for connectors which can map a user to groups.

18
connector/github/github.go
View File

@@ -83,28 +83,28 @@ func (e *oauth2Error) Error() string {
return e.error + ": " + e.errorDescription
}
func (c *githubConnector) HandleCallback(r *http.Request) (identity connector.Identity, state string, err error) {
func (c *githubConnector) HandleCallback(r *http.Request) (identity connector.Identity, err error) {
q := r.URL.Query()
if errType := q.Get("error"); errType != "" {
return identity, "", &oauth2Error{errType, q.Get("error_description")}
return identity, &oauth2Error{errType, q.Get("error_description")}
}
token, err := c.oauth2Config.Exchange(c.ctx, q.Get("code"))
if err != nil {
return identity, "", fmt.Errorf("github: failed to get token: %v", err)
return identity, fmt.Errorf("github: failed to get token: %v", err)
}
resp, err := c.oauth2Config.Client(c.ctx, token).Get(baseURL + "/user")
if err != nil {
return identity, "", fmt.Errorf("github: get URL %v", err)
return identity, fmt.Errorf("github: get URL %v", err)
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return identity, "", fmt.Errorf("github: read body: %v", err)
return identity, fmt.Errorf("github: read body: %v", err)
}
return identity, "", fmt.Errorf("%s: %s", resp.Status, body)
return identity, fmt.Errorf("%s: %s", resp.Status, body)
}
var user struct {
Name string `json:"name"`
@@ -113,13 +113,13 @@ func (c *githubConnector) HandleCallback(r *http.Request) (identity connector.Id
Email string `json:"email"`
}
if err := json.NewDecoder(resp.Body).Decode(&user); err != nil {
return identity, "", fmt.Errorf("failed to decode response: %v", err)
return identity, fmt.Errorf("failed to decode response: %v", err)
}
data := connectorData{AccessToken: token.AccessToken}
connData, err := json.Marshal(data)
if err != nil {
return identity, "", fmt.Errorf("marshal connector data: %v", err)
return identity, fmt.Errorf("marshal connector data: %v", err)
}
username := user.Name
@@ -133,7 +133,7 @@ func (c *githubConnector) HandleCallback(r *http.Request) (identity connector.Id
EmailVerified: true,
ConnectorData: connData,
}
return identity, q.Get("state"), nil
return identity, nil
}
func (c *githubConnector) Groups(identity connector.Identity) ([]string, error) {

4
connector/mock/connectortest.go
View File

@@ -41,14 +41,14 @@ func (m callbackConnector) LoginURL(callbackURL, state string) (string, error) {
var connectorData = []byte("foobar")
func (m callbackConnector) HandleCallback(r *http.Request) (connector.Identity, string, error) {
func (m callbackConnector) HandleCallback(r *http.Request) (connector.Identity, error) {
return connector.Identity{
UserID: "0-385-28089-0",
Username: "Kilgore Trout",
Email: "kilgore@kilgore.trout",
EmailVerified: true,
ConnectorData: connectorData,
}, r.URL.Query().Get("state"), nil
}, nil
}
func (m callbackConnector) Groups(identity connector.Identity) ([]string, error) {

14
connector/oidc/oidc.go
View File

@@ -94,23 +94,23 @@ func (e *oauth2Error) Error() string {
return e.error + ": " + e.errorDescription
}
func (c *oidcConnector) HandleCallback(r *http.Request) (identity connector.Identity, state string, err error) {
func (c *oidcConnector) HandleCallback(r *http.Request) (identity connector.Identity, err error) {
q := r.URL.Query()
if errType := q.Get("error"); errType != "" {
return identity, "", &oauth2Error{errType, q.Get("error_description")}
return identity, &oauth2Error{errType, q.Get("error_description")}
}
token, err := c.oauth2Config.Exchange(c.ctx, q.Get("code"))
if err != nil {
return identity, "", fmt.Errorf("oidc: failed to get token: %v", err)
return identity, fmt.Errorf("oidc: failed to get token: %v", err)
}
rawIDToken, ok := token.Extra("id_token").(string)
if !ok {
return identity, "", errors.New("oidc: no id_token in token response")
return identity, errors.New("oidc: no id_token in token response")
}
idToken, err := c.verifier.Verify(rawIDToken)
if err != nil {
return identity, "", fmt.Errorf("oidc: failed to verify ID Token: %v", err)
return identity, fmt.Errorf("oidc: failed to verify ID Token: %v", err)
}
var claims struct {
@@ -119,7 +119,7 @@ func (c *oidcConnector) HandleCallback(r *http.Request) (identity connector.Iden
EmailVerified bool `json:"email_verified"`
}
if err := idToken.Claims(&claims); err != nil {
return identity, "", fmt.Errorf("oidc: failed to decode claims: %v", err)
return identity, fmt.Errorf("oidc: failed to decode claims: %v", err)
}
identity = connector.Identity{
@@ -128,5 +128,5 @@ func (c *oidcConnector) HandleCallback(r *http.Request) (identity connector.Iden
Email: claims.Email,
EmailVerified: claims.EmailVerified,
}
return identity, q.Get("state"), nil
return identity, nil
}