fix: Change op.tokenHandler to follow the same pattern as the rest of the endpoint handlers (#210)

inside op: provide a standard endpoint handler that uses injected data.
David Sharnoff 2022-09-29 22:39:23 -07:00 committed by GitHub
parent 29904e9446
commit 2d248b1a1a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -25,37 +25,42 @@ type Exchanger interface {
func tokenHandler(exchanger Exchanger) func(w http.ResponseWriter, r *http.Request) { func tokenHandler(exchanger Exchanger) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
grantType := r.FormValue("grant_type") Exchange(w, r, exchanger)
switch grantType { }
case string(oidc.GrantTypeCode): }
CodeExchange(w, r, exchanger)
return //Exchange performs a token exchange appropriate for the grant type
case string(oidc.GrantTypeRefreshToken): func Exchange(w http.ResponseWriter, r *http.Request, exchanger Exchanger) {
if exchanger.GrantTypeRefreshTokenSupported() { grantType := r.FormValue("grant_type")
RefreshTokenExchange(w, r, exchanger) switch grantType {
return case string(oidc.GrantTypeCode):
} CodeExchange(w, r, exchanger)
case string(oidc.GrantTypeBearer): return
if ex, ok := exchanger.(JWTAuthorizationGrantExchanger); ok && exchanger.GrantTypeJWTAuthorizationSupported() { case string(oidc.GrantTypeRefreshToken):
JWTProfile(w, r, ex) if exchanger.GrantTypeRefreshTokenSupported() {
return RefreshTokenExchange(w, r, exchanger)
}
case string(oidc.GrantTypeTokenExchange):
if exchanger.GrantTypeTokenExchangeSupported() {
TokenExchange(w, r, exchanger)
return
}
case string(oidc.GrantTypeClientCredentials):
if exchanger.GrantTypeClientCredentialsSupported() {
ClientCredentialsExchange(w, r, exchanger)
return
}
case "":
RequestError(w, r, oidc.ErrInvalidRequest().WithDescription("grant_type missing"))
return return
} }
RequestError(w, r, oidc.ErrUnsupportedGrantType().WithDescription("%s not supported", grantType)) case string(oidc.GrantTypeBearer):
if ex, ok := exchanger.(JWTAuthorizationGrantExchanger); ok && exchanger.GrantTypeJWTAuthorizationSupported() {
JWTProfile(w, r, ex)
return
}
case string(oidc.GrantTypeTokenExchange):
if exchanger.GrantTypeTokenExchangeSupported() {
TokenExchange(w, r, exchanger)
return
}
case string(oidc.GrantTypeClientCredentials):
if exchanger.GrantTypeClientCredentialsSupported() {
ClientCredentialsExchange(w, r, exchanger)
return
}
case "":
RequestError(w, r, oidc.ErrInvalidRequest().WithDescription("grant_type missing"))
return
} }
RequestError(w, r, oidc.ErrUnsupportedGrantType().WithDescription("%s not supported", grantType))
} }
//AuthenticatedTokenRequest is a helper interface for ParseAuthenticatedTokenRequest //AuthenticatedTokenRequest is a helper interface for ParseAuthenticatedTokenRequest
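Review bot: `Exchange` is now an exported entry point, yet it reads the grant type with `r.FormValue("grant_type")`, which merges URL query parameters with the POST body and discards form-parse errors. RFC 6749 requires token requests to use POST with the parameters in the request body, and values accepted from the query string tend to end up in access logs and proxies. Unless the method is already enforced by routing outside this hunk, consider `grantType := r.PostFormValue("grant_type")` here, or state in the doc comment that callers must restrict the route to POST. The doc comment would also read better in godoc form, `// Exchange performs a token exchange appropriate for the grant type and writes the response or error to w.`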