Merge 8419af869d into e4becfdf1f
This commit is contained in:
Drew Foehn
GitHub
commit
8ff3a43ab8
|
|
@ -8,6 +8,8 @@
|
||||||
|
|
||||||
## Changes since v7.13.0
|
## Changes since v7.13.0
|
||||||
|
|
||||||
|
- [#3236](https://github.com/oauth2-proxy/oauth2-proxy/pull/3236) Updated the Google Provider's token endpoint to match Google OIDC's token endpoint. As listed in https://accounts.google.com/.well-known/openid-configuration this token endpoint provides additional claims in the id token such as profile photo and full name (@pixeldrew)
|
||||||
|
|
||||||
# V7.13.0
|
# V7.13.0
|
||||||
|
|
||||||
## Release Highlights
|
## Release Highlights
|
||||||
|
|
|
||||||
|
|
@ -69,19 +69,26 @@ var (
|
||||||
}
|
}
|
||||||
|
|
||||||
// Default Redeem URL for Google.
|
// Default Redeem URL for Google.
|
||||||
// Pre-parsed URL of https://www.googleapis.com/oauth2/v3/token.
|
// pulled from https://accounts.google.com/.well-known/openid-configuration
|
||||||
googleDefaultRedeemURL = &url.URL{
|
googleDefaultRedeemURL = &url.URL{
|
||||||
Scheme: "https",
|
Scheme: "https",
|
||||||
Host: "www.googleapis.com",
|
Host: "oauth2.googleapis.com",
|
||||||
Path: "/oauth2/v3/token",
|
Path: "/token",
|
||||||
}
|
}
|
||||||
|
|
||||||
// Default Validation URL for Google.
|
// Default Validation URL for Google.
|
||||||
// Pre-parsed URL of https://www.googleapis.com/oauth2/v1/tokeninfo.
|
// https://developers.google.com/identity/sign-in/android/backend-auth#calling-the-tokeninfo-endpoint
|
||||||
googleDefaultValidateURL = &url.URL{
|
googleDefaultValidateURL = &url.URL{
|
||||||
Scheme: "https",
|
Scheme: "https",
|
||||||
Host: "www.googleapis.com",
|
Host: "oauth2.googleapis.com",
|
||||||
Path: "/oauth2/v1/tokeninfo",
|
Path: "/tokeninfo",
|
||||||
|
}
|
||||||
|
|
||||||
|
// pulled from https://openidconnect.googleapis.com/v1/userinfo
|
||||||
|
googleDefaultProfileURL = &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: "openidconnect.googleapis.com",
|
||||||
|
Path: "/v1/userinfo",
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -91,7 +98,7 @@ func NewGoogleProvider(p *ProviderData, opts options.GoogleOptions) (*GoogleProv
|
||||||
name: googleProviderName,
|
name: googleProviderName,
|
||||||
loginURL: googleDefaultLoginURL,
|
loginURL: googleDefaultLoginURL,
|
||||||
redeemURL: googleDefaultRedeemURL,
|
redeemURL: googleDefaultRedeemURL,
|
||||||
profileURL: nil,
|
profileURL: googleDefaultProfileURL,
|
||||||
validateURL: googleDefaultValidateURL,
|
validateURL: googleDefaultValidateURL,
|
||||||
scope: googleDefaultScope,
|
scope: googleDefaultScope,
|
||||||
})
|
})
|
||||||
|
|
|
||||||
|
|
@ -51,9 +51,9 @@ func TestNewGoogleProvider(t *testing.T) {
|
||||||
|
|
||||||
g.Expect(providerData.ProviderName).To(Equal("Google"))
|
g.Expect(providerData.ProviderName).To(Equal("Google"))
|
||||||
g.Expect(providerData.LoginURL.String()).To(Equal("https://accounts.google.com/o/oauth2/auth?access_type=offline"))
|
g.Expect(providerData.LoginURL.String()).To(Equal("https://accounts.google.com/o/oauth2/auth?access_type=offline"))
|
||||||
g.Expect(providerData.RedeemURL.String()).To(Equal("https://www.googleapis.com/oauth2/v3/token"))
|
g.Expect(providerData.RedeemURL.String()).To(Equal("https://oauth2.googleapis.com/token"))
|
||||||
g.Expect(providerData.ProfileURL.String()).To(Equal(""))
|
g.Expect(providerData.ProfileURL.String()).To(Equal("https://openidconnect.googleapis.com/v1/userinfo"))
|
||||||
g.Expect(providerData.ValidateURL.String()).To(Equal("https://www.googleapis.com/oauth2/v1/tokeninfo"))
|
g.Expect(providerData.ValidateURL.String()).To(Equal("https://oauth2.googleapis.com/tokeninfo"))
|
||||||
g.Expect(providerData.Scope).To(Equal("profile email"))
|
g.Expect(providerData.Scope).To(Equal("profile email"))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue