public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

chore(goconsts): use proper constants for http methods 

Signed-off-by: Jan Larwig <jan@larwig.com>
This commit is contained in:
Jan Larwig 2026-06-08 12:54:40 +02:00
parent 65037b086c
commit 9a14186a26
No known key found for this signature in database
GPG Key ID: C2172BFA220A037A
11 changed files with 106 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
oauthproxy.go
View File

@ -587,7 +587,7 @@ func (p *OAuthProxy) ErrorPage(rw http.ResponseWriter, req *http.Request, code i
// IsAllowedRequest is used to check if auth should be skipped for this request
func (p *OAuthProxy) IsAllowedRequest(req *http.Request) bool {
isPreflightRequestAllowed := p.skipAuthPreflight && req.Method == "OPTIONS"
isPreflightRequestAllowed := p.skipAuthPreflight && req.Method == http.MethodOptions
return isPreflightRequestAllowed || p.isAllowedRoute(req) || p.isTrustedIP(req)
}
@ -669,7 +669,7 @@ func (p *OAuthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code
// ManualSignIn handles basic auth logins to the proxy
func (p *OAuthProxy) ManualSignIn(req *http.Request) (string, bool, int) {
if req.Method != "POST" || p.basicAuthValidator == nil {
if req.Method != http.MethodPost || p.basicAuthValidator == nil {
return "", false, http.StatusOK
}
user := req.FormValue("username")

150
oauthproxy_test.go
View File

@ -54,7 +54,7 @@ func TestRobotsTxt(t *testing.T) {
t.Fatal(err)
}
rw := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/robots.txt", nil)
req, _ := http.NewRequest(http.MethodGet, "/robots.txt", nil)
proxy.ServeHTTP(rw, req)
assert.Equal(t, 200, rw.Code)
assert.Equal(t, "User-agent: *\nDisallow: /\n", rw.Body.String())
@ -241,7 +241,7 @@ func TestBasicAuthPassword(t *testing.T) {
// Save the required session
rw := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
err = proxy.sessionStore.Save(rw, req, &sessions.SessionState{
Email: emailAddress,
})
@ -250,7 +250,7 @@ func TestBasicAuthPassword(t *testing.T) {
// Extract the cookie value to inject into the test request
cookie := rw.Header().Values("Set-Cookie")[0]
req, _ = http.NewRequest("GET", "/", nil)
req, _ = http.NewRequest(http.MethodGet, "/", nil)
req.Header.Set("Cookie", cookie)
rw = httptest.NewRecorder()
proxy.ServeHTTP(rw, req)
@ -300,14 +300,14 @@ func TestPassGroupsHeadersWithGroups(t *testing.T) {
// Save the required session
rw := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
err = proxy.sessionStore.Save(rw, req, session)
assert.NoError(t, err)
// Extract the cookie value to inject into the test request
cookie := rw.Header().Values("Set-Cookie")[0]
req, _ = http.NewRequest("GET", "/", nil)
req, _ = http.NewRequest(http.MethodGet, "/", nil)
req.Header.Set("Cookie", cookie)
rw = httptest.NewRecorder()
proxy.ServeHTTP(rw, req)
@ -457,7 +457,7 @@ func (patTest *PassAccessTokenTest) getEndpointWithCookie(cookie string, endpoin
return 0, ""
}
req, err := http.NewRequest("GET", endpoint, strings.NewReader(""))
req, err := http.NewRequest(http.MethodGet, endpoint, strings.NewReader(""))
if err != nil {
return 0, ""
}
@ -608,7 +608,7 @@ func NewSignInPageTest(skipProvider bool) (*SignInPageTest, error) {
func (sipTest *SignInPageTest) GetEndpoint(endpoint string) (int, string) {
rw := httptest.NewRecorder()
req, _ := http.NewRequest("GET", endpoint, strings.NewReader(""))
req, _ := http.NewRequest(http.MethodGet, endpoint, strings.NewReader(""))
sipTest.proxy.ServeHTTP(rw, req)
return rw.Code, rw.Body.String()
}
@ -894,7 +894,7 @@ func NewProcessCookieTest(opts ProcessCookieTestOpts, modifiers ...OptionsModifi
// access_token validation.
pcTest.proxy.CookieOptions.Refresh = time.Duration(0)
pcTest.rw = httptest.NewRecorder()
pcTest.req, _ = http.NewRequest("GET", "/", strings.NewReader(""))
pcTest.req, _ = http.NewRequest(http.MethodGet, "/", strings.NewReader(""))
pcTest.validateUser = true
return &pcTest, nil
}
@ -1027,7 +1027,7 @@ func NewUserInfoEndpointTest() (*ProcessCookieTest, error) {
if err != nil {
return nil, err
}
pcTest.req, _ = http.NewRequest("GET",
pcTest.req, _ = http.NewRequest(http.MethodGet,
pcTest.opts.ProxyPrefix+"/userinfo", nil)
return pcTest, nil
}
@ -1135,7 +1135,7 @@ func NewAuthOnlyEndpointTest(querystring string, modifiers ...OptionsModifier) (
return nil, err
}
pcTest.req, _ = http.NewRequest(
"GET",
http.MethodGet,
fmt.Sprintf("%s/auth%s", pcTest.opts.ProxyPrefix, querystring),
nil)
return pcTest, nil
@ -1274,7 +1274,7 @@ func TestAuthOnlyEndpointSetXAuthRequestHeaders(t *testing.T) {
pcTest.validateUser = true
pcTest.rw = httptest.NewRecorder()
pcTest.req, _ = http.NewRequest("GET",
pcTest.req, _ = http.NewRequest(http.MethodGet,
pcTest.opts.ProxyPrefix+authOnlyPath, nil)
created := time.Now()
@ -1367,7 +1367,7 @@ func TestAuthOnlyEndpointSetBasicAuthTrueRequestHeaders(t *testing.T) {
pcTest.validateUser = true
pcTest.rw = httptest.NewRecorder()
pcTest.req, _ = http.NewRequest("GET",
pcTest.req, _ = http.NewRequest(http.MethodGet,
pcTest.opts.ProxyPrefix+authOnlyPath, nil)
created := time.Now()
@ -1447,7 +1447,7 @@ func TestAuthOnlyEndpointSetBasicAuthFalseRequestHeaders(t *testing.T) {
pcTest.validateUser = true
pcTest.rw = httptest.NewRecorder()
pcTest.req, _ = http.NewRequest("GET",
pcTest.req, _ = http.NewRequest(http.MethodGet,
pcTest.opts.ProxyPrefix+authOnlyPath, nil)
created := time.Now()
@ -1495,7 +1495,7 @@ func TestAuthSkippedForPreflightRequests(t *testing.T) {
}
proxy.provider = NewTestProvider(upstreamURL, "")
rw := httptest.NewRecorder()
req, _ := http.NewRequest("OPTIONS", "/preflight-request", nil)
req, _ := http.NewRequest(http.MethodOptions, "/preflight-request", nil)
proxy.ServeHTTP(rw, req)
assert.Equal(t, 200, rw.Code)
@ -1652,19 +1652,19 @@ func TestRequestSignature(t *testing.T) {
resp string
}{
"No request signature": {
method: "GET",
method: http.MethodGet,
body: "",
key: "",
resp: "no signature received",
},
"Get request": {
method: "GET",
method: http.MethodGet,
body: "",
key: "7d9e1aa87a5954e6f9fc59266b3af9d7c35fda2d",
resp: "signatures match",
},
"Post request": {
method: "POST",
method: http.MethodPost,
body: `{ "hello": "world!" }`,
key: "d90df39e2d19282840252612dd7c81421a372f61",
resp: "signatures match",
@ -2189,7 +2189,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: false,
realClientIPHeader: "X-Real-IP", // Default value
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
return req
}(),
expectTrusted: false,
@ -2201,7 +2201,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: false,
realClientIPHeader: "X-Real-IP",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.RemoteAddr = "@"
return req
}(),
@ -2214,7 +2214,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: false,
realClientIPHeader: "X-Real-IP",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.RemoteAddr = "@"
return req
}(),
@ -2227,7 +2227,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: false,
realClientIPHeader: "X-Real-IP", // Default value
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.RemoteAddr = "127.0.0.1:43670"
return req
}(),
@ -2240,7 +2240,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Real-IP", // Default value
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.RemoteAddr = "127.0.0.1:44324"
return req
}(),
@ -2253,7 +2253,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Forwarded-For",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("X-Forwarded-For", "127.0.0.1")
return req
}(),
@ -2266,7 +2266,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Forwarded-For",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("X-Forwarded-For", "::1")
return req
}(),
@ -2279,7 +2279,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Forwarded-For",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("X-Forwarded-For", "12.34.56.78")
return req
}(),
@ -2292,7 +2292,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Forwarded-For",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("X-Forwarded-For", "::2")
return req
}(),
@ -2305,7 +2305,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Forwarded-For",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("X-Real-IP", "::1")
return req
}(),
@ -2318,7 +2318,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: true,
realClientIPHeader: "X-Forwarded-For",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.Header.Add("X-Forwarded-For", "adsfljk29242as!!")
return req
}(),
@ -2331,7 +2331,7 @@ func TestTrustedIPs(t *testing.T) {
reverseProxy: false,
realClientIPHeader: "X-Real-IP",
req: func() *http.Request {
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
req.RemoteAddr = "adsfljk29242as!!"
return req
}(),
@ -2427,12 +2427,12 @@ func Test_buildRoutesAllowlist(t *testing.T) {
},
expectedRoutes: []expectedAllowedRoute{
{
method: "GET",
method: http.MethodGet,
negate: false,
regexString: "^/foo/bar",
},
{
method: "POST",
method: http.MethodPost,
negate: false,
regexString: "^/baz/[0-9]+/thing",
},
@ -2485,11 +2485,11 @@ func Test_buildRoutesAllowlist(t *testing.T) {
regexString: "^/baz/[0-9]+/thing/regex",
},
{
method: "GET",
method: http.MethodGet,
regexString: "^/foo/bar",
},
{
method: "POST",
method: http.MethodPost,
regexString: "^/baz/[0-9]+/thing",
},
{
@ -2641,7 +2641,7 @@ func TestApiRoutes(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
req, err := http.NewRequest("GET", tc.url, nil)
req, err := http.NewRequest(http.MethodGet, tc.url, nil)
req.Header.Set("Accept", tc.contentType)
assert.NoError(t, err)
@ -2700,37 +2700,37 @@ func TestAllowedRequest(t *testing.T) {
}{
{
name: "Regex GET allowed",
method: "GET",
method: http.MethodGet,
url: "/skip/auth/regex",
allowed: true,
},
{
name: "Regex POST allowed ",
method: "POST",
method: http.MethodPost,
url: "/skip/auth/regex",
allowed: true,
},
{
name: "Regex denied",
method: "GET",
method: http.MethodGet,
url: "/wrong/denied",
allowed: false,
},
{
name: "Regex allowed with fragment-free path",
method: "GET",
method: http.MethodGet,
url: "/public/legit/endpoint",
allowed: true,
},
{
name: "Regex denied when path contains encoded fragment suffix",
method: "GET",
method: http.MethodGet,
url: "/public/secret%23/endpoint",
allowed: false,
},
{
name: "Route allowed",
method: "GET",
method: http.MethodGet,
url: "/skip/auth/routes/get",
allowed: true,
},
@ -2742,25 +2742,25 @@ func TestAllowedRequest(t *testing.T) {
},
{
name: "Route denied with wrong path",
method: "GET",
method: http.MethodGet,
url: "/skip/auth/routes/wrong/path",
allowed: false,
},
{
name: "Route denied with wrong path and method",
method: "POST",
method: http.MethodPost,
url: "/skip/auth/routes/wrong/path",
allowed: false,
},
{
name: "Route allowed with fragment-free path",
method: "GET",
method: http.MethodGet,
url: "/foo/public/bar",
allowed: true,
},
{
name: "Route denied when path contains encoded fragment suffix",
method: "GET",
method: http.MethodGet,
url: "/foo/secret%23/bar",
allowed: false,
},
@ -2825,37 +2825,37 @@ func TestAllowedRequestWithForwardedUriHeader(t *testing.T) {
}{
{
name: "Regex GET allowed",
method: "GET",
method: http.MethodGet,
url: "/skip/auth/regex",
allowed: true,
},
{
name: "Regex POST allowed ",
method: "POST",
method: http.MethodPost,
url: "/skip/auth/regex",
allowed: true,
},
{
name: "Regex denied",
method: "GET",
method: http.MethodGet,
url: "/wrong/denied",
allowed: false,
},
{
name: "Regex allowed with fragment-free path",
method: "GET",
method: http.MethodGet,
url: "/public/legit/endpoint",
allowed: true,
},
{
name: "Regex denied when X-Forwarded-Uri contains an encoded fragment suffix",
method: "GET",
method: http.MethodGet,
url: "/public/secret%23/endpoint",
allowed: false,
},
{
name: "Route allowed",
method: "GET",
method: http.MethodGet,
url: "/skip/auth/routes/get",
allowed: true,
},
@ -2867,25 +2867,25 @@ func TestAllowedRequestWithForwardedUriHeader(t *testing.T) {
},
{
name: "Route denied with wrong path",
method: "GET",
method: http.MethodGet,
url: "/skip/auth/routes/wrong/path",
allowed: false,
},
{
name: "Route denied with wrong path and method",
method: "POST",
method: http.MethodPost,
url: "/skip/auth/routes/wrong/path",
allowed: false,
},
{
name: "Route allowed with fragment-free path",
method: "GET",
method: http.MethodGet,
url: "/foo/public/bar",
allowed: true,
},
{
name: "Route denied when X-Forwarded-Uri contains an encoded fragment suffix",
method: "GET",
method: http.MethodGet,
url: "/foo/secret%23/bar",
allowed: false,
},
@ -2986,37 +2986,37 @@ func TestAllowedRequestNegateWithoutMethod(t *testing.T) {
}{
{
name: "Some static file allowed",
method: "GET",
method: http.MethodGet,
url: "/static/file.txt",
allowed: true,
},
{
name: "POST to contact form allowed",
method: "POST",
method: http.MethodPost,
url: "/contact",
allowed: true,
},
{
name: "Regex POST allowed",
method: "POST",
method: http.MethodPost,
url: "/api/public-entity",
allowed: true,
},
{
name: "Regex POST with trailing slash allowed",
method: "POST",
method: http.MethodPost,
url: "/api/public-entity/",
allowed: true,
},
{
name: "Regex GET api route denied",
method: "GET",
method: http.MethodGet,
url: "/api/users",
allowed: false,
},
{
name: "Regex POST api route denied",
method: "POST",
method: http.MethodPost,
url: "/api/users",
allowed: false,
},
@ -3086,37 +3086,37 @@ func TestAllowedRequestNegateWithMethod(t *testing.T) {
}{
{
name: "Some static file allowed",
method: "GET",
method: http.MethodGet,
url: "/static/file.txt",
allowed: true,
},
{
name: "POST to contact form not allowed",
method: "POST",
method: http.MethodPost,
url: "/contact",
allowed: false,
},
{
name: "Regex POST allowed",
method: "POST",
method: http.MethodPost,
url: "/api/public-entity",
allowed: true,
},
{
name: "Regex POST with trailing slash allowed",
method: "POST",
method: http.MethodPost,
url: "/api/public-entity/",
allowed: true,
},
{
name: "Regex GET api route denied",
method: "GET",
method: http.MethodGet,
url: "/api/users",
allowed: false,
},
{
name: "Regex POST api route denied",
method: "POST",
method: http.MethodPost,
url: "/api/users",
allowed: false,
},
@ -3256,7 +3256,7 @@ func TestProxyAllowedGroups(t *testing.T) {
t.Fatal(err)
}
test.req, _ = http.NewRequest("GET", fmt.Sprintf("/%s", tt.querystring), nil)
test.req, _ = http.NewRequest(http.MethodGet, fmt.Sprintf("/%s", tt.querystring), nil)
test.req.Header.Add("accept", applicationJSON)
err = test.SaveSession(session)
@ -3400,7 +3400,7 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) {
{
name: "UserWithGroupSkipAuthPreflight",
groups: []string{"a", "c"},
method: "OPTIONS",
method: http.MethodOptions,
ip: "1.2.3.5:43670",
withSession: true,
expectedStatusCode: http.StatusAccepted,
@ -3408,7 +3408,7 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) {
{
name: "UserWithGroupTrustedIp",
groups: []string{"a", "c"},
method: "GET",
method: http.MethodGet,
ip: "1.2.3.4:43670",
withSession: true,
expectedStatusCode: http.StatusAccepted,
@ -3416,7 +3416,7 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) {
{
name: "UserWithoutGroupSkipAuthPreflight",
groups: []string{"c"},
method: "OPTIONS",
method: http.MethodOptions,
ip: "1.2.3.5:43670",
withSession: true,
expectedStatusCode: http.StatusForbidden,
@ -3424,21 +3424,21 @@ func TestAuthOnlyAllowedGroupsWithSkipMethods(t *testing.T) {
{
name: "UserWithoutGroupTrustedIp",
groups: []string{"c"},
method: "GET",
method: http.MethodGet,
ip: "1.2.3.4:43670",
withSession: true,
expectedStatusCode: http.StatusForbidden,
},
{
name: "UserWithoutSessionSkipAuthPreflight",
method: "OPTIONS",
method: http.MethodOptions,
ip: "1.2.3.5:43670",
withSession: false,
expectedStatusCode: http.StatusAccepted,
},
{
name: "UserWithoutSessionTrustedIp",
method: "GET",
method: http.MethodGet,
ip: "1.2.3.4:43670",
withSession: false,
expectedStatusCode: http.StatusAccepted,
@ -3790,14 +3790,14 @@ func TestIdTokenPlaceholderInSignOut(t *testing.T) {
// Save the required session
rw := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
req, _ := http.NewRequest(http.MethodGet, "/", nil)
err = proxy.sessionStore.Save(rw, req, session)
assert.NoError(t, err)
rw = httptest.NewRecorder()
rdUrl := url.QueryEscape("https://my-oidc-provider.example.com/sign_out_page?id_token_hint={id_token}&post_logout_redirect_uri=https://my-app.example.com/")
req, _ = http.NewRequest("GET", "/oauth2/sign_out?rd="+rdUrl, nil)
req, _ = http.NewRequest(http.MethodGet, "/oauth2/sign_out?rd="+rdUrl, nil)
req = middlewareapi.AddRequestScope(req, &middlewareapi.RequestScope{
RequestID: "11111111-2222-4333-8444-555555555555",
Session: session,

2
pkg/apis/options/load.go
View File

@ -145,7 +145,7 @@ func loadAndSubstituteEnvs(configFileName string) ([]byte, error) {
func registerFlags(v *viper.Viper, prefix string, flagSet *pflag.FlagSet, options interface{}) error {
val := reflect.ValueOf(options)
var typ reflect.Type
if val.Kind() == reflect.Ptr {
if val.Kind() == reflect.Pointer {
typ = val.Elem().Type()
} else {
typ = val.Type()

2
pkg/authentication/hmacauth/hmacauth_test.go
View File

@ -286,7 +286,7 @@ func TestSendAuthenticatedPostRequestToServer(t *testing.T) {
upstream := httptest.NewServer(
http.HandlerFunc(authenticator.Authenticate))
req, err := http.NewRequest("POST", upstream.URL+"/foo/bar",
req, err := http.NewRequest(http.MethodPost, upstream.URL+"/foo/bar",
io.NopCloser(&fakeNetConn{reqBody: payload}))
if err != nil {
panic(err)

30
pkg/requests/builder_test.go
View File

@ -31,7 +31,7 @@ var _ = Describe("Builder suite", func() {
Context("with a basic request", func() {
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: baseHeaders,
Body: []byte{},
RequestURI: "/json/path",
@ -52,7 +52,7 @@ var _ = Describe("Builder suite", func() {
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: baseHeaders,
Body: []byte{},
RequestURI: "/json/path",
@ -78,7 +78,7 @@ var _ = Describe("Builder suite", func() {
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: header,
Body: []byte(body),
RequestURI: "/json/path",
@ -93,11 +93,11 @@ var _ = Describe("Builder suite", func() {
BeforeEach(func() {
buf := bytes.NewBuffer([]byte(body))
b = b.WithMethod("POST").WithBody(buf)
b = b.WithMethod(http.MethodPost).WithBody(buf)
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "POST",
Method: http.MethodPost,
Header: header,
Body: []byte(body),
RequestURI: "/json/path",
@ -109,11 +109,11 @@ var _ = Describe("Builder suite", func() {
header.Set("Content-Length", "0")
BeforeEach(func() {
b = b.WithMethod("POST")
b = b.WithMethod(http.MethodPost)
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "POST",
Method: http.MethodPost,
Header: header,
Body: []byte{},
RequestURI: "/json/path",
@ -122,11 +122,11 @@ var _ = Describe("Builder suite", func() {
Context("OPTIONS", func() {
BeforeEach(func() {
b = b.WithMethod("OPTIONS")
b = b.WithMethod(http.MethodOptions)
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "OPTIONS",
Method: http.MethodOptions,
Header: baseHeaders,
Body: []byte{},
RequestURI: "/json/path",
@ -152,7 +152,7 @@ var _ = Describe("Builder suite", func() {
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: header,
Body: []byte{},
RequestURI: "/json/path",
@ -170,7 +170,7 @@ var _ = Describe("Builder suite", func() {
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: replacementHeaders,
Body: []byte{},
RequestURI: "/json/path",
@ -190,7 +190,7 @@ var _ = Describe("Builder suite", func() {
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: replacementHeaders,
Body: []byte{},
RequestURI: "/json/path",
@ -205,7 +205,7 @@ var _ = Describe("Builder suite", func() {
})
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: header,
Body: []byte{},
RequestURI: "/json/path",
@ -219,12 +219,12 @@ var _ = Describe("Builder suite", func() {
result := b.Do()
Expect(result.Error()).ToNot(HaveOccurred())
b.WithMethod("POST")
b.WithMethod(http.MethodPost)
})
Context("should not redo the request", func() {
assertSuccessfulRequest(getBuilder, testHTTPRequest{
Method: "GET",
Method: http.MethodGet,
Header: baseHeaders,
Body: []byte{},
RequestURI: "/json/path",

4
providers/azure.go
View File

@ -166,7 +166,7 @@ func (p *AzureProvider) Redeem(ctx context.Context, redirectURL, code, codeVerif
err = requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do().
@ -334,7 +334,7 @@ func (p *AzureProvider) redeemRefreshToken(ctx context.Context, s *sessions.Sess
err = requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do().

4
providers/google.go
View File

@ -219,7 +219,7 @@ func (p *GoogleProvider) Redeem(ctx context.Context, redirectURL, code, codeVeri
err = requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do().
@ -543,7 +543,7 @@ func (p *GoogleProvider) redeemRefreshToken(ctx context.Context, s *sessions.Ses
err = requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do().

3
providers/logingov.go
View File

@ -8,6 +8,7 @@ import (
"errors"
"fmt"
"math/big"
"net/http"
"net/url"
"os"
"time"
@ -237,7 +238,7 @@ func (p *LoginGovProvider) Redeem(ctx context.Context, _, code, codeVerifier str
}
err = requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do().

3
providers/ms_entra_id.go
View File

@ -5,6 +5,7 @@ import (
"context"
"encoding/json"
"fmt"
"net/http"
"net/url"
"os"
"regexp"
@ -304,7 +305,7 @@ func (p *MicrosoftEntraIDProvider) checkTenantMatchesTenantList(tenant string, a
func (p *MicrosoftEntraIDProvider) fetchToken(ctx context.Context, params url.Values) (*oauth2.Token, error) {
resp := requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do()

3
providers/provider_default.go
View File

@ -5,6 +5,7 @@ import (
"context"
"errors"
"fmt"
"net/http"
"net/url"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/middleware"
@ -71,7 +72,7 @@ func (p *ProviderData) Redeem(ctx context.Context, redirectURL, code, codeVerifi
result := requests.New(p.RedeemURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
WithBody(bytes.NewBufferString(params.Encode())).
SetHeader("Content-Type", "application/x-www-form-urlencoded").
Do()

3
providers/srht.go
View File

@ -4,6 +4,7 @@ import (
"bytes"
"context"
"fmt"
"net/http"
"net/url"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions"
@ -75,7 +76,7 @@ func NewSourceHutProvider(p *ProviderData) *SourceHutProvider {
func (p *SourceHutProvider) EnrichSession(ctx context.Context, s *sessions.SessionState) error {
json, err := requests.New(p.ProfileURL.String()).
WithContext(ctx).
WithMethod("POST").
WithMethod(http.MethodPost).
SetHeader("Content-Type", "application/json").
SetHeader("Authorization", "Bearer "+s.AccessToken).
WithBody(bytes.NewBufferString(`{"query": "{ me { username, email } }"}`)).