public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add ValidateSession function to LoginGovProvder to include Auth Header (#1509) 

* Add ValidateSession function to LoginGovProvder to include Auth Header

* Update CHANGELOG for PR 1509

* Update logingov_test to include ValidationURL
This commit is contained in:
Preston Sheldon 2022-02-04 04:22:33 -05:00 committed by GitHub
parent 88709d8b69
commit 11699a822a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -10,6 +10,7 @@
- [#1489](https://github.com/oauth2-proxy/oauth2-proxy/pull/1489) Fix Docker Buildx push to include build version (@JoelSpeed) - [#1489](https://github.com/oauth2-proxy/oauth2-proxy/pull/1489) Fix Docker Buildx push to include build version (@JoelSpeed)
- [#1477](https://github.com/oauth2-proxy/oauth2-proxy/pull/1477) Remove provider documentation for `Microsoft Azure AD` (@omBratteng) - [#1477](https://github.com/oauth2-proxy/oauth2-proxy/pull/1477) Remove provider documentation for `Microsoft Azure AD` (@omBratteng)
- [#1509](https://github.com/oauth2-proxy/oauth2-proxy/pull/1509) Update LoginGovProvider ValidateSession to pass access_token in Header (@pksheldon4)
# V7.2.1 # V7.2.1

7
providers/logingov.go
View File

@ -84,7 +84,7 @@ func NewLoginGovProvider(p *ProviderData) *LoginGovProvider {
loginURL: loginGovDefaultLoginURL, loginURL: loginGovDefaultLoginURL,
redeemURL: loginGovDefaultRedeemURL, redeemURL: loginGovDefaultRedeemURL,
profileURL: loginGovDefaultProfileURL, profileURL: loginGovDefaultProfileURL,
validateURL: nil, validateURL: loginGovDefaultProfileURL,
scope: loginGovDefaultScope, scope: loginGovDefaultScope,
}) })
return &LoginGovProvider{ return &LoginGovProvider{
@ -237,3 +237,8 @@ func (p *LoginGovProvider) GetLoginURL(redirectURI, state, _ string) string {
a := makeLoginURL(p.ProviderData, redirectURI, state, extraParams) a := makeLoginURL(p.ProviderData, redirectURI, state, extraParams)
return a.String() return a.String()
} }
// ValidateSession validates the AccessToken
func (p *LoginGovProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
return validateToken(ctx, p, s.AccessToken, makeOIDCHeader(s.AccessToken))
}

2
providers/logingov_test.go
View File

@ -75,7 +75,7 @@ func TestNewLoginGovProvider(t *testing.T) {
g.Expect(providerData.LoginURL.String()).To(Equal("https://secure.login.gov/openid_connect/authorize")) g.Expect(providerData.LoginURL.String()).To(Equal("https://secure.login.gov/openid_connect/authorize"))
g.Expect(providerData.RedeemURL.String()).To(Equal("https://secure.login.gov/api/openid_connect/token")) g.Expect(providerData.RedeemURL.String()).To(Equal("https://secure.login.gov/api/openid_connect/token"))
g.Expect(providerData.ProfileURL.String()).To(Equal("https://secure.login.gov/api/openid_connect/userinfo")) g.Expect(providerData.ProfileURL.String()).To(Equal("https://secure.login.gov/api/openid_connect/userinfo"))
g.Expect(providerData.ValidateURL.String()).To(Equal("")) g.Expect(providerData.ValidateURL.String()).To(Equal("https://secure.login.gov/api/openid_connect/userinfo"))
g.Expect(providerData.Scope).To(Equal("email openid")) g.Expect(providerData.Scope).To(Equal("email openid"))
} }