handlers/connector_login: update AuthRequest irregardless of method

Before, you could not POST your credentials to a password-connector's
endpoint without GETing that endpoint first. While this makes sense for
browser clients; automated interactions with Dex don't need to look at
the password form to fill it in.

A symptom of that missing GET was that the POST succeeded (!) with

    login successful: connector "", username="admin", email="admin@example.com", groups=[]

Note the connector "". A subsequent call to finalizeLogin would then
fail with

    connector with ID "" not found: failed to get connector object from storage: not found

Now, the connector ID of an auth request will be updated for both GETs
and POSTs.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
This commit is contained in:
Stephan Renatus 2017-12-08 11:49:47 +01:00
parent 5172a46171
commit f18d7afc6f

View File

@ -222,22 +222,23 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
} }
return return
} }
// Set the connector being used for the login.
updater := func(a storage.AuthRequest) (storage.AuthRequest, error) {
a.ConnectorID = connID
return a, nil
}
if err := s.storage.UpdateAuthRequest(authReqID, updater); err != nil {
s.logger.Errorf("Failed to set connector ID on auth request: %v", err)
s.renderError(w, http.StatusInternalServerError, "Database error.")
return
}
scopes := parseScopes(authReq.Scopes) scopes := parseScopes(authReq.Scopes)
showBacklink := len(s.connectors) > 1 showBacklink := len(s.connectors) > 1
switch r.Method { switch r.Method {
case "GET": case "GET":
// Set the connector being used for the login.
updater := func(a storage.AuthRequest) (storage.AuthRequest, error) {
a.ConnectorID = connID
return a, nil
}
if err := s.storage.UpdateAuthRequest(authReqID, updater); err != nil {
s.logger.Errorf("Failed to set connector ID on auth request: %v", err)
s.renderError(w, http.StatusInternalServerError, "Database error.")
return
}
switch conn := conn.Connector.(type) { switch conn := conn.Connector.(type) {
case connector.CallbackConnector: case connector.CallbackConnector:
// Use the auth request ID as the "state" token. // Use the auth request ID as the "state" token.