some linting
parent
2ad9f081da
commit
162990f974
12 changed files with 44 additions and 28 deletions
|
@ -17,8 +17,8 @@ import (
|
|||
)
|
||||
|
||||
var (
|
||||
callbackPath string = "/auth/callback"
|
||||
key []byte = []byte("test1234test1234")
|
||||
callbackPath = "/auth/callback"
|
||||
key = []byte("test1234test1234")
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
|
|
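Review bot: The `key = []byte("test1234test1234")` line in the `var` block keeps a fixed, publicly known 16-byte key with nothing marking it as a sample value; the same literal appears in the next file's `var` block, next to `callbackPath = "/orbctl/github/callback"`. How the key is used is outside both hunks, but if it protects cookies or state, every copy of these programs shares one key. I would add a comment above it, `// example key only: generate a random key and load it from configuration outside of demos`.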
@ -16,8 +16,8 @@ import (
|
|||
)
|
||||
|
||||
var (
|
||||
callbackPath string = "/orbctl/github/callback"
|
||||
key []byte = []byte("test1234test1234")
|
||||
callbackPath = "/orbctl/github/callback"
|
||||
key = []byte("test1234test1234")
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
|
|
@ -17,7 +17,7 @@ import (
|
|||
)
|
||||
|
||||
var (
|
||||
client *http.Client = http.DefaultClient
|
||||
client = http.DefaultClient
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
|
|
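Review bot: `client = http.DefaultClient` leaves the package-level client without a timeout, so a request to a slow or unresponsive endpoint can block indefinitely. The calls made through `client` are outside the hunk, so this only matters if they set no context deadline of their own. If they do not, `client = &http.Client{Timeout: 10 * time.Second}` (value to be chosen, with `time` imported) would bound them.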
@ -175,6 +175,11 @@ func (s *AuthStorage) TokenRequestByRefreshToken(ctx context.Context, refreshTok
|
|||
func (s *AuthStorage) TerminateSession(_ context.Context, userID, clientID string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *AuthStorage) RevokeToken(ctx context.Context, token string, userID string, clientID string) *oidc.Error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *AuthStorage) GetSigningKey(_ context.Context, keyCh chan<- jose.SigningKey) {
|
||||
keyCh <- jose.SigningKey{Algorithm: jose.RS256, Key: s.key}
|
||||
}
|
||||
|
@ -294,7 +299,7 @@ func (c *ConfClient) AuthMethod() oidc.AuthMethod {
|
|||
}
|
||||
|
||||
func (c *ConfClient) IDTokenLifetime() time.Duration {
|
||||
return time.Duration(5 * time.Minute)
|
||||
return 5 * time.Minute
|
||||
}
|
||||
func (c *ConfClient) AccessTokenType() op.AccessTokenType {
|
||||
return c.accessTokenType
|
||||
|
|
|
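Review bot: `RevokeToken` returns `nil` without touching `token`, `userID` or `clientID`, so a caller is told the revocation succeeded while the token stays usable; `TerminateSession` just above it has the same shape. If this storage is only a demo or mock, say so on the method, for example `// RevokeToken is a no-op in this example storage; tokens are not invalidated.`, and name the unused parameters `_` as `TerminateSession` does for its context. A storage meant for real use would have to invalidate the token or report the failure.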
@ -9,6 +9,10 @@ import (
|
|||
"io"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrCipherTextBlockSize = errors.New("ciphertext block size is too short")
|
||||
)
|
||||
|
||||
func EncryptAES(data string, key string) (string, error) {
|
||||
encrypted, err := EncryptBytesAES([]byte(data), key)
|
||||
if err != nil {
|
||||
|
@ -55,8 +59,7 @@ func DecryptBytesAES(cipherText []byte, key string) ([]byte, error) {
|
|||
}
|
||||
|
||||
if len(cipherText) < aes.BlockSize {
|
||||
err = errors.New("Ciphertext block size is too short!")
|
||||
return nil, err
|
||||
return nil, ErrCipherTextBlockSize
|
||||
}
|
||||
iv := cipherText[:aes.BlockSize]
|
||||
cipherText = cipherText[aes.BlockSize:]
|
||||
|
|
|
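Review bot: The new exported `ErrCipherTextBlockSize` has no doc comment, and its name and message speak of a "block size" while the check in `DecryptBytesAES` is on the total length, `len(cipherText) < aes.BlockSize`, meaning the input is too short to hold the IV that is sliced off next. I would document it as `// ErrCipherTextBlockSize is returned when the ciphertext is shorter than one AES block and cannot contain the IV.`; `ErrUnsupportedAlgorithm` in the next file needs a doc comment in the same way. The rest of `DecryptBytesAES` is outside the hunk, so whether the ciphertext is authenticated before it is decrypted cannot be judged from here.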
@ -4,12 +4,17 @@ import (
|
|||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"fmt"
|
||||
"hash"
|
||||
|
||||
"gopkg.in/square/go-jose.v2"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrUnsupportedAlgorithm = errors.New("unsupported signing algorithm")
|
||||
)
|
||||
|
||||
func GetHashAlgorithm(sigAlgorithm jose.SignatureAlgorithm) (hash.Hash, error) {
|
||||
switch sigAlgorithm {
|
||||
case jose.RS256, jose.ES256, jose.PS256:
|
||||
|
@ -19,7 +24,7 @@ func GetHashAlgorithm(sigAlgorithm jose.SignatureAlgorithm) (hash.Hash, error) {
|
|||
case jose.RS512, jose.ES512, jose.PS512:
|
||||
return sha512.New(), nil
|
||||
default:
|
||||
return nil, fmt.Errorf("oidc: unsupported signing algorithm %q", sigAlgorithm)
|
||||
return nil, fmt.Errorf("%w: %q", ErrUnsupportedAlgorithm, sigAlgorithm)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -323,7 +323,7 @@ func (t *idTokenClaims) GetSignatureAlgorithm() jose.SignatureAlgorithm {
|
|||
return t.signatureAlg
|
||||
}
|
||||
|
||||
//SetSignatureAlgorithm implements the IDTokenClaims interface
|
||||
//SetAccessTokenHash implements the IDTokenClaims interface
|
||||
func (t *idTokenClaims) SetAccessTokenHash(hash string) {
|
||||
t.AccessTokenHash = hash
|
||||
}
|
||||
|
|
|
@ -183,7 +183,7 @@ func (j *JWTTokenRequest) GetSubject() string {
|
|||
return j.Subject
|
||||
}
|
||||
|
||||
//GetSubject implements the TokenRequest interface
|
||||
//GetScopes implements the TokenRequest interface
|
||||
func (j *JWTTokenRequest) GetScopes() []string {
|
||||
return j.Scopes
|
||||
}
|
||||
|
|
|
@ -324,20 +324,20 @@ func NewUserInfoAddress(streetAddress, locality, region, postalCode, country, fo
|
|||
Formatted: formatted,
|
||||
}
|
||||
}
|
||||
func (i *userinfo) MarshalJSON() ([]byte, error) {
|
||||
func (u *userinfo) MarshalJSON() ([]byte, error) {
|
||||
type Alias userinfo
|
||||
a := &struct {
|
||||
*Alias
|
||||
Locale interface{} `json:"locale,omitempty"`
|
||||
UpdatedAt int64 `json:"updated_at,omitempty"`
|
||||
}{
|
||||
Alias: (*Alias)(i),
|
||||
Alias: (*Alias)(u),
|
||||
}
|
||||
if !i.Locale.IsRoot() {
|
||||
a.Locale = i.Locale
|
||||
if !u.Locale.IsRoot() {
|
||||
a.Locale = u.Locale
|
||||
}
|
||||
if !time.Time(i.UpdatedAt).IsZero() {
|
||||
a.UpdatedAt = time.Time(i.UpdatedAt).Unix()
|
||||
if !time.Time(u.UpdatedAt).IsZero() {
|
||||
a.UpdatedAt = time.Time(u.UpdatedAt).Unix()
|
||||
}
|
||||
|
||||
b, err := json.Marshal(a)
|
||||
|
@ -345,34 +345,34 @@ func (i *userinfo) MarshalJSON() ([]byte, error) {
|
|||
return nil, err
|
||||
}
|
||||
|
||||
if len(i.claims) == 0 {
|
||||
if len(u.claims) == 0 {
|
||||
return b, nil
|
||||
}
|
||||
|
||||
err = json.Unmarshal(b, &i.claims)
|
||||
err = json.Unmarshal(b, &u.claims)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("jws: invalid map of custom claims %v", i.claims)
|
||||
return nil, fmt.Errorf("jws: invalid map of custom claims %v", u.claims)
|
||||
}
|
||||
|
||||
return json.Marshal(i.claims)
|
||||
return json.Marshal(u.claims)
|
||||
}
|
||||
|
||||
func (i *userinfo) UnmarshalJSON(data []byte) error {
|
||||
func (u *userinfo) UnmarshalJSON(data []byte) error {
|
||||
type Alias userinfo
|
||||
a := &struct {
|
||||
Address *userInfoAddress `json:"address,omitempty"`
|
||||
*Alias
|
||||
UpdatedAt int64 `json:"update_at,omitempty"`
|
||||
}{
|
||||
Alias: (*Alias)(i),
|
||||
Alias: (*Alias)(u),
|
||||
}
|
||||
if err := json.Unmarshal(data, &a); err != nil {
|
||||
return err
|
||||
}
|
||||
i.Address = a.Address
|
||||
i.UpdatedAt = Time(time.Unix(a.UpdatedAt, 0).UTC())
|
||||
u.Address = a.Address
|
||||
u.UpdatedAt = Time(time.Unix(a.UpdatedAt, 0).UTC())
|
||||
|
||||
if err := json.Unmarshal(data, &i.claims); err != nil {
|
||||
if err := json.Unmarshal(data, &u.claims); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
|
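Review bot: In `UnmarshalJSON` the helper struct tags its field `json:"update_at,omitempty"`, while `MarshalJSON` above writes `json:"updated_at,omitempty"`, so the value this type emits is not the one it reads back, and `u.UpdatedAt` is then overwritten from an `a.UpdatedAt` that stays 0. The receiver rename leaves this as it was; the tag should read `json:"updated_at,omitempty"`. Separately, the error built in `MarshalJSON` drops `err` and prints the whole claims map with `%v`, which may put user attributes into logs. `UnmarshalJSON` continues past the end of the hunk.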
@ -2,8 +2,9 @@ package oidc
|
|||
|
||||
import (
|
||||
"encoding/json"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func TestUserInfoMarshal(t *testing.T) {
|
||||
|
|
|
@ -61,6 +61,7 @@ func TestValidateIssuer(t *testing.T) {
|
|||
},
|
||||
}
|
||||
//ensure env is not set
|
||||
//nolint:errcheck
|
||||
os.Unsetenv(OidcDevMode)
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
@ -86,6 +87,7 @@ func TestValidateIssuerDevLocalAllowed(t *testing.T) {
|
|||
false,
|
||||
},
|
||||
}
|
||||
//nolint:errcheck
|
||||
os.Setenv(OidcDevMode, "true")
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
|
|
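Review bot: `os.Setenv(OidcDevMode, "true")` in `TestValidateIssuerDevLocalAllowed` changes the process environment and, as far as the hunk shows, never restores it, so any test that runs afterwards sees dev mode enabled; the added `//nolint:errcheck` only hides the ignored error. If the module targets Go 1.17 or later, `t.Setenv(OidcDevMode, "true")` restores the previous value when the test ends and has no error to check. For `os.Unsetenv(OidcDevMode)` in `TestValidateIssuer`, failing the test on error would be safer than suppressing the linter, since that test relies on the variable being absent. Both test bodies continue outside the hunks.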
@ -86,7 +86,7 @@ func ValidateRefreshTokenScopes(requestedScopes []string, authRequest RefreshTok
|
|||
return nil
|
||||
}
|
||||
|
||||
//AuthorizeCodeClient checks the authorization of the client and that the used method was the one previously registered.
|
||||
//AuthorizeRefreshClient checks the authorization of the client and that the used method was the one previously registered.
|
||||
//It than returns the data representing the original auth request corresponding to the refresh_token
|
||||
func AuthorizeRefreshClient(ctx context.Context, tokenReq *oidc.RefreshTokenRequest, exchanger Exchanger) (request RefreshTokenRequest, client Client, err error) {
|
||||
if tokenReq.ClientAssertionType == oidc.ClientAssertionTypeJWTAssertion {
|
||||
|
|