mirror of
https://github.com/matrix-org/dendrite.git
synced 2026-01-22 05:23:09 -06:00
Fix clientapi for the OAuth2 OIDC refactoring in b8ac83f.
This commit is contained in:
Tommie Gannert
parent
098fb12575
commit
59a327da19
|
|
@ -23,6 +23,7 @@ import (
|
||||||
func newGitHubIdentityProvider(cfg *config.IdentityProvider, hc *http.Client) identityProvider {
|
func newGitHubIdentityProvider(cfg *config.IdentityProvider, hc *http.Client) identityProvider {
|
||||||
return &oauth2IdentityProvider{
|
return &oauth2IdentityProvider{
|
||||||
cfg: cfg,
|
cfg: cfg,
|
||||||
|
oauth2Cfg: &cfg.OAuth2,
|
||||||
hc: hc,
|
hc: hc,
|
||||||
|
|
||||||
authorizationURL: "https://github.com/login/oauth/authorize",
|
authorizationURL: "https://github.com/login/oauth/authorize",
|
||||||
|
|
|
||||||
|
|
@ -32,6 +32,7 @@ import (
|
||||||
|
|
||||||
type oauth2IdentityProvider struct {
|
type oauth2IdentityProvider struct {
|
||||||
cfg *config.IdentityProvider
|
cfg *config.IdentityProvider
|
||||||
|
oauth2Cfg *config.OAuth2
|
||||||
hc *http.Client
|
hc *http.Client
|
||||||
|
|
||||||
authorizationURL string
|
authorizationURL string
|
||||||
|
|
@ -48,7 +49,7 @@ type oauth2IdentityProvider struct {
|
||||||
|
|
||||||
func (p *oauth2IdentityProvider) AuthorizationURL(ctx context.Context, callbackURL, nonce string) (string, error) {
|
func (p *oauth2IdentityProvider) AuthorizationURL(ctx context.Context, callbackURL, nonce string) (string, error) {
|
||||||
u, err := resolveURL(p.authorizationURL, url.Values{
|
u, err := resolveURL(p.authorizationURL, url.Values{
|
||||||
"client_id": []string{p.cfg.OAuth2.ClientID},
|
"client_id": []string{p.oauth2Cfg.ClientID},
|
||||||
"response_type": []string{"code"},
|
"response_type": []string{"code"},
|
||||||
"redirect_uri": []string{callbackURL},
|
"redirect_uri": []string{callbackURL},
|
||||||
"scope": []string{strings.Join(p.scopes, " ")},
|
"scope": []string{strings.Join(p.scopes, " ")},
|
||||||
|
|
@ -121,8 +122,8 @@ func (p *oauth2IdentityProvider) getAccessToken(ctx context.Context, callbackURL
|
||||||
"grant_type": []string{"authorization_code"},
|
"grant_type": []string{"authorization_code"},
|
||||||
"code": []string{code},
|
"code": []string{code},
|
||||||
"redirect_uri": []string{callbackURL},
|
"redirect_uri": []string{callbackURL},
|
||||||
"client_id": []string{p.cfg.OAuth2.ClientID},
|
"client_id": []string{p.oauth2Cfg.ClientID},
|
||||||
"client_secret": []string{p.cfg.OAuth2.ClientSecret},
|
"client_secret": []string{p.oauth2Cfg.ClientSecret},
|
||||||
}
|
}
|
||||||
hreq, err := http.NewRequestWithContext(ctx, http.MethodPost, p.accessTokenURL, strings.NewReader(body.Encode()))
|
hreq, err := http.NewRequestWithContext(ctx, http.MethodPost, p.accessTokenURL, strings.NewReader(body.Encode()))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,7 @@ func TestOAuth2IdentityProviderAuthorizationURL(t *testing.T) {
|
||||||
|
|
||||||
authorizationURL: "https://oauth2.example.com/authorize",
|
authorizationURL: "https://oauth2.example.com/authorize",
|
||||||
}
|
}
|
||||||
|
idp.oauth2Cfg = &idp.cfg.OAuth2
|
||||||
|
|
||||||
got, err := idp.AuthorizationURL(ctx, "https://matrix.example.com/continue", "anonce")
|
got, err := idp.AuthorizationURL(ctx, "https://matrix.example.com/continue", "anonce")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -98,6 +99,7 @@ func TestOAuth2IdentityProviderProcessCallback(t *testing.T) {
|
||||||
displayNamePath: "name",
|
displayNamePath: "name",
|
||||||
suggestedUserIDPath: "preferred_user",
|
suggestedUserIDPath: "preferred_user",
|
||||||
}
|
}
|
||||||
|
idp.oauth2Cfg = &idp.cfg.OAuth2
|
||||||
|
|
||||||
got, err := idp.ProcessCallback(ctx, callbackURL, "anonce", tst.Query)
|
got, err := idp.ProcessCallback(ctx, callbackURL, "anonce", tst.Query)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -145,6 +147,7 @@ func TestOAuth2IdentityProviderGetAccessToken(t *testing.T) {
|
||||||
|
|
||||||
accessTokenURL: s.URL + "/token",
|
accessTokenURL: s.URL + "/token",
|
||||||
}
|
}
|
||||||
|
idp.oauth2Cfg = &idp.cfg.OAuth2
|
||||||
|
|
||||||
got, err := idp.getAccessToken(ctx, callbackURL, "acode")
|
got, err := idp.getAccessToken(ctx, callbackURL, "acode")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -198,6 +201,7 @@ func TestOAuth2IdentityProviderGetUserInfo(t *testing.T) {
|
||||||
displayNamePath: "name",
|
displayNamePath: "name",
|
||||||
suggestedUserIDPath: "preferred_user",
|
suggestedUserIDPath: "preferred_user",
|
||||||
}
|
}
|
||||||
|
idp.oauth2Cfg = &idp.cfg.OAuth2
|
||||||
|
|
||||||
gotSub, gotName, gotSuggestedUser, err := idp.getUserInfo(ctx, "atoken")
|
gotSub, gotName, gotSuggestedUser, err := idp.getUserInfo(ctx, "atoken")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
|
|
@ -51,6 +51,7 @@ func newOIDCIdentityProvider(cfg *config.IdentityProvider, hc *http.Client) *oid
|
||||||
return &oidcIdentityProvider{
|
return &oidcIdentityProvider{
|
||||||
oauth2IdentityProvider: &oauth2IdentityProvider{
|
oauth2IdentityProvider: &oauth2IdentityProvider{
|
||||||
cfg: cfg,
|
cfg: cfg,
|
||||||
|
oauth2Cfg: &cfg.OIDC.OAuth2,
|
||||||
hc: hc,
|
hc: hc,
|
||||||
|
|
||||||
scopes: []string{"openid", "profile", "email"},
|
scopes: []string{"openid", "profile", "email"},
|
||||||
|
|
|
||||||
|
|
@ -26,10 +26,10 @@ func TestOIDCIdentityProviderAuthorizationURL(t *testing.T) {
|
||||||
defer s.Close()
|
defer s.Close()
|
||||||
|
|
||||||
idp := newOIDCIdentityProvider(&config.IdentityProvider{
|
idp := newOIDCIdentityProvider(&config.IdentityProvider{
|
||||||
|
OIDC: config.OIDC{
|
||||||
OAuth2: config.OAuth2{
|
OAuth2: config.OAuth2{
|
||||||
ClientID: "aclientid",
|
ClientID: "aclientid",
|
||||||
},
|
},
|
||||||
OIDC: config.OIDC{
|
|
||||||
DiscoveryURL: s.URL + "/discovery",
|
DiscoveryURL: s.URL + "/discovery",
|
||||||
},
|
},
|
||||||
}, s.Client())
|
}, s.Client())
|
||||||
|
|
@ -97,10 +97,10 @@ func TestOIDCIdentityProviderProcessCallback(t *testing.T) {
|
||||||
|
|
||||||
sURL = s.URL
|
sURL = s.URL
|
||||||
idp := newOIDCIdentityProvider(&config.IdentityProvider{
|
idp := newOIDCIdentityProvider(&config.IdentityProvider{
|
||||||
|
OIDC: config.OIDC{
|
||||||
OAuth2: config.OAuth2{
|
OAuth2: config.OAuth2{
|
||||||
ClientID: "aclientid",
|
ClientID: "aclientid",
|
||||||
},
|
},
|
||||||
OIDC: config.OIDC{
|
|
||||||
DiscoveryURL: sURL + "/discovery",
|
DiscoveryURL: sURL + "/discovery",
|
||||||
},
|
},
|
||||||
}, s.Client())
|
}, s.Client())
|
||||||
|
|
|
||||||
|
|
@ -20,10 +20,10 @@ func TestNewAuthenticator(t *testing.T) {
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Type: config.SSOTypeOIDC,
|
Type: config.SSOTypeOIDC,
|
||||||
|
OIDC: config.OIDC{
|
||||||
OAuth2: config.OAuth2{
|
OAuth2: config.OAuth2{
|
||||||
ClientID: "aclientid",
|
ClientID: "aclientid",
|
||||||
},
|
},
|
||||||
OIDC: config.OIDC{
|
|
||||||
DiscoveryURL: "http://oidc.example.com/discovery",
|
DiscoveryURL: "http://oidc.example.com/discovery",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue