go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-15 00:15:00 +02:00
Code Issues Releases Activity

SessionState refactoring; improve token renewal and cookie refresh

Browse Source 
* New SessionState to consolidate email, access token and refresh token
* split ServeHttp into individual methods
* log on session renewal
* log on access token refresh
* refactor cookie encription/decription and session state serialization
This commit is contained in:
Jehiah Czebotar
2015-06-23 07:23:39 -04:00
parent b9ae5dc8d7
commit d49c3e167f
21 changed files with 883 additions and 597 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
providers/github.go
View File

@ -2,8 +2,10 @@ package providers
import (
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/url"
)
@ -138,7 +140,7 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
return false, nil
}
func (p *GitHubProvider) GetEmailAddress(body []byte, access_token string) (string, error) {
func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
var emails []struct {
Email string `json:"email"`
@ -148,31 +150,34 @@ func (p *GitHubProvider) GetEmailAddress(body []byte, access_token string) (stri
// if we require an Org or Team, check that first
if p.Org != "" {
if p.Team != "" {
if ok, err := p.hasOrgAndTeam(access_token); err != nil || !ok {
if ok, err := p.hasOrgAndTeam(s.AccessToken); err != nil || !ok {
return "", err
}
} else {
if ok, err := p.hasOrg(access_token); err != nil || !ok {
if ok, err := p.hasOrg(s.AccessToken); err != nil || !ok {
return "", err
}
}
}
params := url.Values{
"access_token": {access_token},
"access_token": {s.AccessToken},
}
endpoint := "https://api.github.com/user/emails?" + params.Encode()
resp, err := http.DefaultClient.Get(endpoint)
if err != nil {
return "", err
}
body, err = ioutil.ReadAll(resp.Body)
body, err := ioutil.ReadAll(resp.Body)
resp.Body.Close()
if err != nil {
return "", err
}
if resp.StatusCode != 200 {
return "", fmt.Errorf("got %d from %q %s", resp.StatusCode, endpoint, body)
} else {
log.Printf("got %d from %q %s", resp.StatusCode, endpoint, body)
}
if err := json.Unmarshal(body, &emails); err != nil {
@ -185,9 +190,5 @@ func (p *GitHubProvider) GetEmailAddress(body []byte, access_token string) (stri
}
}
return "", nil
}
func (p *GitHubProvider) ValidateToken(access_token string) bool {
return validateToken(p, access_token, nil)
return "", errors.New("no email address found")
}