Standardize provider interface method names

oauthproxy.go

@@ -270,7 +270,7 @@ func buildSessionChain(opts *options.Options, sessionStore sessionsapi.SessionSt
 		if opts.GetOIDCVerifier() != nil {
 			sessionLoaders = append(sessionLoaders, middlewareapi.TokenToSessionLoader{
 				Verifier:       opts.GetOIDCVerifier(),
-				TokenToSession: opts.GetProvider().CreateSessionStateFromBearerToken,
+				TokenToSession: opts.GetProvider().CreateSessionFromBearer,
 			})
 		}
 
@@ -291,7 +291,7 @@ func buildSessionChain(opts *options.Options, sessionStore sessionsapi.SessionSt
 		SessionStore:           sessionStore,
 		RefreshPeriod:          opts.Cookie.Refresh,
 		RefreshSessionIfNeeded: opts.GetProvider().RefreshSessionIfNeeded,
-		ValidateSessionState:   opts.GetProvider().ValidateSessionState,
+		ValidateSessionState:   opts.GetProvider().ValidateSession,
 	}))
 
 	return chain
@@ -416,7 +416,7 @@ func (p *OAuthProxy) enrichSessionState(ctx context.Context, s *sessionsapi.Sess
 		}
 	}
 
-	return p.provider.EnrichSessionState(ctx, s)
+	return p.provider.EnrichSession(ctx, s)
 }
 
 // MakeCSRFCookie creates a cookie for CSRF

oauthproxy_test.go

@@ -400,7 +400,7 @@ func (tp *TestProvider) GetEmailAddress(_ context.Context, _ *sessions.SessionSt
 	return tp.EmailAddress, nil
 }
 
-func (tp *TestProvider) ValidateSessionState(_ context.Context, _ *sessions.SessionState) bool {
+func (tp *TestProvider) ValidateSession(_ context.Context, _ *sessions.SessionState) bool {
 	return tp.ValidToken
 }
 

providers/digitalocean.go

@@ -83,6 +83,6 @@ func (p *DigitalOceanProvider) GetEmailAddress(ctx context.Context, s *sessions.
 }
 
 // ValidateSessionState validates the AccessToken
-func (p *DigitalOceanProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *DigitalOceanProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	return validateToken(ctx, p, s.AccessToken, makeOIDCHeader(s.AccessToken))
 }

providers/facebook.go

@@ -89,6 +89,6 @@ func (p *FacebookProvider) GetEmailAddress(ctx context.Context, s *sessions.Sess
 }
 
 // ValidateSessionState validates the AccessToken
-func (p *FacebookProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *FacebookProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	return validateToken(ctx, p, s.AccessToken, makeOIDCHeader(s.AccessToken))
 }

providers/github.go

@@ -103,7 +103,7 @@ func (p *GitHubProvider) SetUsers(users []string) {
 }
 
 // EnrichSessionState updates the User & Email after the initial Redeem
-func (p *GitHubProvider) EnrichSessionState(ctx context.Context, s *sessions.SessionState) error {
+func (p *GitHubProvider) EnrichSession(ctx context.Context, s *sessions.SessionState) error {
 	err := p.getEmail(ctx, s)
 	if err != nil {
 		return err
@@ -112,7 +112,7 @@ func (p *GitHubProvider) EnrichSessionState(ctx context.Context, s *sessions.Ses
 }
 
 // ValidateSessionState validates the AccessToken
-func (p *GitHubProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *GitHubProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	return validateToken(ctx, p, s.AccessToken, makeGitHubHeader(s.AccessToken))
 }
 

providers/gitlab.go

@@ -188,13 +188,13 @@ func (p *GitLabProvider) createSessionState(ctx context.Context, token *oauth2.T
 }
 
 // ValidateSessionState checks that the session's IDToken is still valid
-func (p *GitLabProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *GitLabProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	_, err := p.Verifier.Verify(ctx, s.IDToken)
 	return err == nil
 }
 
 // GetEmailAddress returns the Account email address
-func (p *GitLabProvider) EnrichSessionState(ctx context.Context, s *sessions.SessionState) error {
+func (p *GitLabProvider) EnrichSession(ctx context.Context, s *sessions.SessionState) error {
 	// Retrieve user info
 	userInfo, err := p.getUserInfo(ctx, s)
 	if err != nil {

providers/gitlab_test.go

@@ -64,7 +64,7 @@ func TestGitLabProviderBadToken(t *testing.T) {
 	p := testGitLabProvider(bURL.Host)
 
 	session := &sessions.SessionState{AccessToken: "unexpected_gitlab_access_token"}
-	err := p.EnrichSessionState(context.Background(), session)
+	err := p.EnrichSession(context.Background(), session)
 	assert.Error(t, err)
 }
 
@@ -76,7 +76,7 @@ func TestGitLabProviderUnverifiedEmailDenied(t *testing.T) {
 	p := testGitLabProvider(bURL.Host)
 
 	session := &sessions.SessionState{AccessToken: "gitlab_access_token"}
-	err := p.EnrichSessionState(context.Background(), session)
+	err := p.EnrichSession(context.Background(), session)
 	assert.Error(t, err)
 }
 
@@ -89,7 +89,7 @@ func TestGitLabProviderUnverifiedEmailAllowed(t *testing.T) {
 	p.AllowUnverifiedEmail = true
 
 	session := &sessions.SessionState{AccessToken: "gitlab_access_token"}
-	err := p.EnrichSessionState(context.Background(), session)
+	err := p.EnrichSession(context.Background(), session)
 	assert.NoError(t, err)
 	assert.Equal(t, "foo@bar.com", session.Email)
 }
@@ -103,7 +103,7 @@ func TestGitLabProviderUsername(t *testing.T) {
 	p.AllowUnverifiedEmail = true
 
 	session := &sessions.SessionState{AccessToken: "gitlab_access_token"}
-	err := p.EnrichSessionState(context.Background(), session)
+	err := p.EnrichSession(context.Background(), session)
 	assert.NoError(t, err)
 	assert.Equal(t, "FooBar", session.User)
 }
@@ -118,7 +118,7 @@ func TestGitLabProviderGroupMembershipValid(t *testing.T) {
 	p.Groups = []string{"foo"}
 
 	session := &sessions.SessionState{AccessToken: "gitlab_access_token"}
-	err := p.EnrichSessionState(context.Background(), session)
+	err := p.EnrichSession(context.Background(), session)
 	assert.NoError(t, err)
 	assert.Equal(t, "FooBar", session.User)
 }
@@ -133,6 +133,6 @@ func TestGitLabProviderGroupMembershipMissing(t *testing.T) {
 	p.Groups = []string{"baz"}
 
 	session := &sessions.SessionState{AccessToken: "gitlab_access_token"}
-	err := p.EnrichSessionState(context.Background(), session)
+	err := p.EnrichSession(context.Background(), session)
 	assert.Error(t, err)
 }

providers/google.go

@@ -179,7 +179,7 @@ func (p *GoogleProvider) Redeem(ctx context.Context, redirectURL, code string) (
 
 // EnrichSessionState checks the listed Google Groups configured and adds any
 // that the user is a member of to session.Groups.
-func (p *GoogleProvider) EnrichSessionState(ctx context.Context, s *sessions.SessionState) error {
+func (p *GoogleProvider) EnrichSession(ctx context.Context, s *sessions.SessionState) error {
 	// TODO (@NickMeves) - Move to pure EnrichSessionState logic and stop
 	// reusing legacy `groupValidator`.
 	//

providers/internal_util_test.go

@@ -32,7 +32,7 @@ func (tp *ValidateSessionStateTestProvider) GetEmailAddress(ctx context.Context,
 
 // Note that we're testing the internal validateToken() used to implement
 // several Provider's ValidateSessionState() implementations
-func (tp *ValidateSessionStateTestProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (tp *ValidateSessionStateTestProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	return false
 }
 

providers/linkedin.go

@@ -94,6 +94,6 @@ func (p *LinkedInProvider) GetEmailAddress(ctx context.Context, s *sessions.Sess
 }
 
 // ValidateSessionState validates the AccessToken
-func (p *LinkedInProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *LinkedInProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	return validateToken(ctx, p, s.AccessToken, makeLinkedInHeader(s.AccessToken))
 }

providers/oidc.go

@@ -175,7 +175,7 @@ func (p *OIDCProvider) createSessionState(ctx context.Context, token *oauth2.Tok
 	return newSession, nil
 }
 
-func (p *OIDCProvider) CreateSessionStateFromBearerToken(ctx context.Context, rawIDToken string, idToken *oidc.IDToken) (*sessions.SessionState, error) {
+func (p *OIDCProvider) CreateSessionFromBearer(ctx context.Context, rawIDToken string, idToken *oidc.IDToken) (*sessions.SessionState, error) {
 	newSession, err := p.createSessionStateInternal(ctx, idToken, nil)
 	if err != nil {
 		return nil, err
@@ -221,7 +221,7 @@ func (p *OIDCProvider) createSessionStateInternal(ctx context.Context, idToken *
 }
 
 // ValidateSessionState checks that the session's IDToken is still valid
-func (p *OIDCProvider) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *OIDCProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	_, err := p.Verifier.Verify(ctx, s.IDToken)
 	return err == nil
 }

providers/oidc_test.go

@@ -354,7 +354,7 @@ func TestCreateSessionStateFromBearerToken(t *testing.T) {
 			idToken, err := verifier.Verify(context.Background(), rawIDToken)
 			assert.NoError(t, err)
 
-			ss, err := provider.CreateSessionStateFromBearerToken(context.Background(), rawIDToken, idToken)
+			ss, err := provider.CreateSessionFromBearer(context.Background(), rawIDToken, idToken)
 			assert.NoError(t, err)
 
 			assert.Equal(t, tc.ExpectedUser, ss.User)

providers/provider_default.go

@@ -94,7 +94,7 @@ func (p *ProviderData) GetEmailAddress(_ context.Context, _ *sessions.SessionSta
 
 // EnrichSessionState is called after Redeem to allow providers to enrich session fields
 // such as User, Email, Groups with provider specific API calls.
-func (p *ProviderData) EnrichSessionState(_ context.Context, _ *sessions.SessionState) error {
+func (p *ProviderData) EnrichSession(_ context.Context, _ *sessions.SessionState) error {
 	return nil
 }
 
@@ -115,7 +115,7 @@ func (p *ProviderData) Authorize(_ context.Context, s *sessions.SessionState) (b
 }
 
 // ValidateSessionState validates the AccessToken
-func (p *ProviderData) ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool {
+func (p *ProviderData) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
 	return validateToken(ctx, p, s.AccessToken, nil)
 }
 
@@ -127,6 +127,6 @@ func (p *ProviderData) RefreshSessionIfNeeded(_ context.Context, _ *sessions.Ses
 
 // CreateSessionStateFromBearerToken should be implemented to allow providers
 // to convert ID tokens into sessions
-func (p *ProviderData) CreateSessionStateFromBearerToken(_ context.Context, _ string, _ *oidc.IDToken) (*sessions.SessionState, error) {
+func (p *ProviderData) CreateSessionFromBearer(_ context.Context, _ string, _ *oidc.IDToken) (*sessions.SessionState, error) {
 	return nil, ErrNotImplemented
 }

providers/provider_default_test.go

@@ -52,7 +52,7 @@ func TestAcrValuesConfigured(t *testing.T) {
 func TestEnrichSessionState(t *testing.T) {
 	p := &ProviderData{}
 	s := &sessions.SessionState{}
-	assert.NoError(t, p.EnrichSessionState(context.Background(), s))
+	assert.NoError(t, p.EnrichSession(context.Background(), s))
 }
 
 func TestProviderDataAuthorize(t *testing.T) {

providers/providers.go

@@ -13,12 +13,12 @@ type Provider interface {
 	// DEPRECATED: Migrate to EnrichSessionState
 	GetEmailAddress(ctx context.Context, s *sessions.SessionState) (string, error)
 	Redeem(ctx context.Context, redirectURI, code string) (*sessions.SessionState, error)
-	EnrichSessionState(ctx context.Context, s *sessions.SessionState) error
+	EnrichSession(ctx context.Context, s *sessions.SessionState) error
 	Authorize(ctx context.Context, s *sessions.SessionState) (bool, error)
-	ValidateSessionState(ctx context.Context, s *sessions.SessionState) bool
+	ValidateSession(ctx context.Context, s *sessions.SessionState) bool
 	GetLoginURL(redirectURI, finalRedirect string) string
 	RefreshSessionIfNeeded(ctx context.Context, s *sessions.SessionState) (bool, error)
-	CreateSessionStateFromBearerToken(ctx context.Context, rawIDToken string, idToken *oidc.IDToken) (*sessions.SessionState, error)
+	CreateSessionFromBearer(ctx context.Context, rawIDToken string, idToken *oidc.IDToken) (*sessions.SessionState, error)
 }
 
 // New provides a new Provider based on the configured provider string