cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Add rp.WithAuthStyle as Option

Browse source
This commit is contained in:
Jan-Otto Kröpke 2024-02-18 21:40:42 +01:00
parent c5619ab4ff
commit 97e1d1dd1d
No known key found for this signature in database
1 changed files with 20 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

25
pkg/client/rp/relying_party.go
View file

@ -100,6 +100,8 @@ type relyingParty struct {
httpClient *http.Client httpClient *http.Client
cookieHandler *httphelper.CookieHandler cookieHandler *httphelper.CookieHandler
oauthAuthStyle oauth2.AuthStyle
errorHandler func(http.ResponseWriter, *http.Request, string, string, string) errorHandler func(http.ResponseWriter, *http.Request, string, string, string)
unauthorizedHandler func(http.ResponseWriter, *http.Request, string, string) unauthorizedHandler func(http.ResponseWriter, *http.Request, string, string)
idTokenVerifier *IDTokenVerifier idTokenVerifier *IDTokenVerifier
@ -187,6 +189,7 @@ func NewRelyingPartyOAuth(config *oauth2.Config, options ...Option) (RelyingPart
httpClient: httphelper.DefaultHTTPClient, httpClient: httphelper.DefaultHTTPClient,
oauth2Only: true, oauth2Only: true,
unauthorizedHandler: DefaultUnauthorizedHandler, unauthorizedHandler: DefaultUnauthorizedHandler,
oauthAuthStyle: oauth2.AuthStyleAutoDetect,
} }
for _, optFunc := range options { for _, optFunc := range options {
@ -195,6 +198,8 @@ func NewRelyingPartyOAuth(config *oauth2.Config, options ...Option) (RelyingPart
} }
} }
rp.oauthConfig.Endpoint.AuthStyle = rp.oauthAuthStyle
// avoid races by calling these early // avoid races by calling these early
_ = rp.IDTokenVerifier() // sets idTokenVerifier _ = rp.IDTokenVerifier() // sets idTokenVerifier
_ = rp.ErrorHandler() // sets errorHandler _ = rp.ErrorHandler() // sets errorHandler
@ -214,8 +219,9 @@ func NewRelyingPartyOIDC(ctx context.Context, issuer, clientID, clientSecret, re
RedirectURL: redirectURI, RedirectURL: redirectURI,
Scopes: scopes, Scopes: scopes,
}, },
httpClient: httphelper.DefaultHTTPClient, httpClient: httphelper.DefaultHTTPClient,
oauth2Only: false, oauth2Only: false,
oauthAuthStyle: oauth2.AuthStyleAutoDetect,
} }
for _, optFunc := range options { for _, optFunc := range options {
@ -232,6 +238,9 @@ func NewRelyingPartyOIDC(ctx context.Context, issuer, clientID, clientSecret, re
rp.oauthConfig.Endpoint = endpoints.Endpoint rp.oauthConfig.Endpoint = endpoints.Endpoint
rp.endpoints = endpoints rp.endpoints = endpoints
rp.oauthConfig.Endpoint.AuthStyle = rp.oauthAuthStyle
rp.endpoints.Endpoint.AuthStyle = rp.oauthAuthStyle
// avoid races by calling these early // avoid races by calling these early
_ = rp.IDTokenVerifier() // sets idTokenVerifier _ = rp.IDTokenVerifier() // sets idTokenVerifier
_ = rp.ErrorHandler() // sets errorHandler _ = rp.ErrorHandler() // sets errorHandler
@ -290,6 +299,13 @@ func WithUnauthorizedHandler(unauthorizedHandler UnauthorizedHandler) Option {
} }
} }
func WithAuthStyle(oauthAuthStyle oauth2.AuthStyle) Option {
return func(rp *relyingParty) error {
rp.oauthAuthStyle = oauthAuthStyle
return nil
}
}
func WithVerifierOpts(opts ...VerifierOption) Option { func WithVerifierOpts(opts ...VerifierOption) Option {
return func(rp *relyingParty) error { return func(rp *relyingParty) error {
rp.verifierOpts = opts rp.verifierOpts = opts
@ -589,9 +605,8 @@ type Endpoints struct {
func GetEndpoints(discoveryConfig *oidc.DiscoveryConfiguration) Endpoints { func GetEndpoints(discoveryConfig *oidc.DiscoveryConfiguration) Endpoints {
return Endpoints{ return Endpoints{
Endpoint: oauth2.Endpoint{ Endpoint: oauth2.Endpoint{
AuthURL: discoveryConfig.AuthorizationEndpoint, AuthURL: discoveryConfig.AuthorizationEndpoint,
AuthStyle: oauth2.AuthStyleAutoDetect, TokenURL: discoveryConfig.TokenEndpoint,
TokenURL: discoveryConfig.TokenEndpoint,
}, },
IntrospectURL: discoveryConfig.IntrospectionEndpoint, IntrospectURL: discoveryConfig.IntrospectionEndpoint,
UserinfoURL: discoveryConfig.UserinfoEndpoint, UserinfoURL: discoveryConfig.UserinfoEndpoint,