From 10d671956a6f0e64d10340d313a2b115f5093dd3 Mon Sep 17 00:00:00 2001
From: Livio Amstutz
Date: Thu, 28 Nov 2019 08:56:53 +0100
Subject: [PATCH] some error handling

---
 pkg/op/default_op.go | 10 ++--------
 pkg/op/error.go | 10 ++++++++--
 pkg/op/tokenrequest.go | 33 ++++++++++++++++++++++-----------
 3 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/pkg/op/default_op.go b/pkg/op/default_op.go
index e80a129..7060d18 100644
--- a/pkg/op/default_op.go
+++ b/pkg/op/default_op.go
@@ -1,7 +1,6 @@
 package op
 
 import (
-	"encoding/json"
 	"errors"
 	"net/http"
 	"net/url"
@@ -234,16 +233,11 @@ func (p *DefaultOP) HandleAuthorizeCallback(w http.ResponseWriter, r *http.Reque
 func (p *DefaultOP) HandleExchange(w http.ResponseWriter, r *http.Request) {
 	reqType := r.FormValue("grant_type")
 	if reqType == "" {
-		ExchangeRequestError(w, r, nil, ErrInvalidRequest("grant_type missing"))
+		ExchangeRequestError(w, r, ErrInvalidRequest("grant_type missing"))
 		return
 	}
 	if reqType == string(oidc.GrantTypeCode) {
-		token, err := CodeExchange(w, r, p.storage, p.decoder)
-		if err != nil {
-
-		}
-		b, _ := json.Marshal(token)
-		w.Write(b)
+		CodeExchange(w, r, p.storage, p.decoder)
 		return
 	}
 	p.handleTokenExchange(w, r)
diff --git a/pkg/op/error.go b/pkg/op/error.go
index 1aacc27..d794518 100644
--- a/pkg/op/error.go
+++ b/pkg/op/error.go
@@ -4,6 +4,7 @@ import (
 	"net/http"
 
 	"github.com/caos/oidc/pkg/oidc"
+	"github.com/caos/oidc/pkg/utils"
 )
 
 const (
@@ -47,8 +48,13 @@ func AuthRequestError(w http.ResponseWriter, r *http.Request, authReq *oidc.Auth
 	http.Redirect(w, r, url, http.StatusFound)
 }
 
-func ExchangeRequestError(w http.ResponseWriter, r *http.Request, exchangeReq *oidc.AuthRequest, err error) {
-
+func ExchangeRequestError(w http.ResponseWriter, r *http.Request, err error) {
+	e, ok := err.(*OAuthError)
+	if !ok {
+		e.ErrorType = ServerError
+		e.Description = err.Error()
+	}
+	utils.MarshalJSON(w, e)
 }
 
 type OAuthError struct {
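Review bot: In ExchangeRequestError, when the type assertion fails `e` is a nil *OAuthError, so `e.ErrorType = ServerError` dereferences nil and panics for every non-OAuthError error — exactly the storage and token-creation errors that CodeExchange now routes here. Allocate instead of assigning through the nil pointer: `e = &OAuthError{ErrorType: ServerError, Description: err.Error()}`. Copying `err.Error()` from internal errors into the JSON body also discloses storage and implementation details to the client; a generic description with the original error logged server-side is the safer default. No status code is set before `utils.MarshalJSON(w, e)`; unless that helper sets one (not visible here), the error body goes out as 200, whereas RFC 6749 §5.2 token-endpoint errors are 400 and an internal failure should be a 500.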
diff --git a/pkg/op/tokenrequest.go b/pkg/op/tokenrequest.go
index 6f9664e..74594cb 100644
--- a/pkg/op/tokenrequest.go
+++ b/pkg/op/tokenrequest.go
@@ -5,6 +5,8 @@ import (
 	"net/http"
 	"time"
 
+	"github.com/caos/oidc/pkg/utils"
+
 	"github.com/gorilla/schema"
 
 	"github.com/caos/oidc/pkg/oidc"
@@ -21,46 +23,55 @@ import (
 // return ParseTokenExchangeRequest(w, r)
 // }
 
-func CodeExchange(w http.ResponseWriter, r *http.Request, storage Storage, decoder *schema.Decoder) (*oidc.AccessTokenResponse, error) {
+func CodeExchange(w http.ResponseWriter, r *http.Request, storage Storage, decoder *schema.Decoder) {
 	err := r.ParseForm()
 	if err != nil {
-		return nil, errors.New("Unimplemented") //TODO: impl
+		ExchangeRequestError(w, r, ErrInvalidRequest("error parsing form"))
+		return
 	}
 	tokenReq := new(oidc.AccessTokenRequest)
 	err = decoder.Decode(tokenReq, r.Form)
 	if err != nil {
-		return nil, err
+		ExchangeRequestError(w, r, ErrInvalidRequest("error decoding form"))
+		return
 	}
 	if tokenReq.Code == "" {
-		return nil, errors.New("code missing")
+		ExchangeRequestError(w, r, ErrInvalidRequest("code missing"))
+		return
 	}
 	client, err := AuthorizeClient(r, tokenReq, storage)
 	if err != nil {
-		return nil, err
+		ExchangeRequestError(w, r, err)
+		return
 	}
 	authReq, err := storage.AuthRequestByCode(client, tokenReq.Code, tokenReq.RedirectURI)
 	if err != nil {
-
+		ExchangeRequestError(w, r, err)
+		return
 	}
 	err = storage.DeleteAuthRequestAndCode(authReq.ID, tokenReq.Code)
 	if err != nil {
-
+		ExchangeRequestError(w, r, err)
+		return
 	}
 	accessToken, err := CreateAccessToken()
 	if err != nil {
-
+		ExchangeRequestError(w, r, err)
+		return
 	}
 	idToken, err := CreateIDToken(nil, "", nil)
 	if err != nil {
-
+		ExchangeRequestError(w, r, err)
+		return
 	}
-	return &oidc.AccessTokenResponse{
+	resp := &oidc.AccessTokenResponse{
 		AccessToken: accessToken,
 		IDToken: idToken,
-	}, nil
+	}
+	utils.MarshalJSON(w, resp)
 }
 
 func CreateAccessToken() (string, error) {
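Review bot: The new success path `utils.MarshalJSON(w, resp)` sends an access token without the `Cache-Control: no-store` and `Pragma: no-cache` headers RFC 6749 §5.1 requires on token responses; unless that helper sets them (not visible in this hunk), add `w.Header().Set("Cache-Control", "no-store")` and `w.Header().Set("Pragma", "no-cache")` before the call. The error branch after `storage.AuthRequestByCode` (and likely the one after `AuthorizeClient`, whose error type is not visible here) forwards the raw storage error, which ExchangeRequestError as changed in this commit turns into `server_error` with the internal error text as description; an unknown, expired or already-consumed code is a client error and should be answered with an `invalid_grant` OAuthError carrying a generic description, the way the `ErrInvalidRequest` branches above already handle malformed input. `storage.DeleteAuthRequestAndCode` runs before the tokens are minted, so a failure in CreateAccessToken or CreateIDToken leaves the code consumed; that is the safe direction against code replay, but it deserves a comment such as `// consume the code before minting tokens so a failed exchange cannot be retried` so the order is not "fixed" later.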