public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #392 from arnottcr/master 

[github provider] use Authorization header, not access_token query parameter
This commit is contained in:
Jehiah Czebotar 2017-05-26 08:42:07 -04:00 committed by GitHub
parent f4c356637f 17b1fa31dd
commit 6d6cb7e1f8
1 changed files with 14 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
providers/github.go
View File

@ -62,7 +62,6 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
}
params := url.Values{
"access_token": {accessToken},
"limit": {"100"},
}
@ -74,6 +73,7 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
}
req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Accept", "application/vnd.github.v3+json")
req.Header.Set("Authorization", fmt.Sprintf("token %s", accessToken))
resp, err := http.DefaultClient.Do(req)
if err != nil {
return false, err
@ -86,7 +86,7 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
}
if resp.StatusCode != 200 {
return false, fmt.Errorf(
"got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)
"got %d from %q %s", resp.StatusCode, endpoint.String(), body)
}
if err := json.Unmarshal(body, &orgs); err != nil {
@ -118,7 +118,6 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
}
params := url.Values{
"access_token": {accessToken},
"limit": {"100"},
}
@ -130,6 +129,7 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
}
req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Accept", "application/vnd.github.v3+json")
req.Header.Set("Authorization", fmt.Sprintf("token %s", accessToken))
resp, err := http.DefaultClient.Do(req)
if err != nil {
return false, err
@ -142,7 +142,7 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
}
if resp.StatusCode != 200 {
return false, fmt.Errorf(
"got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)
"got %d from %q %s", resp.StatusCode, endpoint.String(), body)
}
if err := json.Unmarshal(body, &teams); err != nil {
@ -198,17 +198,14 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
}
}
params := url.Values{
"access_token": {s.AccessToken},
}
endpoint := &url.URL{
Scheme: p.ValidateURL.Scheme,
Host: p.ValidateURL.Host,
Path: path.Join(p.ValidateURL.Path, "/user/emails"),
RawQuery: params.Encode(),
}
resp, err := http.DefaultClient.Get(endpoint.String())
req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Authorization", fmt.Sprintf("token %s", s.AccessToken))
resp, err := http.DefaultClient.Do(req)
if err != nil {
return "", err
}
@ -220,9 +217,9 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
if resp.StatusCode != 200 {
return "", fmt.Errorf("got %d from %q %s",
resp.StatusCode, stripToken(endpoint.String()), body)
resp.StatusCode, endpoint.String(), body)
} else {
log.Printf("got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body)
log.Printf("got %d from %q %s", resp.StatusCode, endpoint.String(), body)
}
if err := json.Unmarshal(body, &emails); err != nil {