public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixup providers

This commit is contained in:
Joel Speed 2021-10-06 17:12:25 +01:00
parent 383178073a
commit c24fb1e830
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
4 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
providers/azure.go
View File

@ -89,7 +89,7 @@ func NewAzureProvider(p *ProviderData) *AzureProvider {
func (p *AzureProvider) Configure(tenant string) { func (p *AzureProvider) Configure(tenant string) {
if tenant == "" || tenant == "common" { if tenant == "" || tenant == "common" {
// tenant is empty or default, remain on the default "common" tenant // tenant is empty or default, remain on the default "common" tenant
infoLogger.Infof("Azure provider configured for common tenant") infoLogger().Infof("Azure provider configured for common tenant")
return return
} }
@ -97,7 +97,7 @@ func (p *AzureProvider) Configure(tenant string) {
p.Tenant = tenant p.Tenant = tenant
overrideTenantURL(p.LoginURL, azureDefaultLoginURL, tenant, "authorize") overrideTenantURL(p.LoginURL, azureDefaultLoginURL, tenant, "authorize")
overrideTenantURL(p.RedeemURL, azureDefaultRedeemURL, tenant, "token") overrideTenantURL(p.RedeemURL, azureDefaultRedeemURL, tenant, "token")
infoLogger.Infof("Azure provider configured for tenant: %s", tenant) infoLogger().Infof("Azure provider configured for tenant: %s", tenant)
} }
func overrideTenantURL(current, defaultURL *url.URL, tenant, path string) { func overrideTenantURL(current, defaultURL *url.URL, tenant, path string) {
@ -161,7 +161,7 @@ func (p *AzureProvider) Redeem(ctx context.Context, redirectURL, code string) (*
if err == nil && email != "" { if err == nil && email != "" {
session.Email = email session.Email = email
} else { } else {
debugLogger.Infof("Unable to get email claim from id_token: %v", err) debugLogger().Infof("Unable to get email claim from id_token: %v", err)
} }
if session.Email == "" { if session.Email == "" {
@ -169,7 +169,7 @@ func (p *AzureProvider) Redeem(ctx context.Context, redirectURL, code string) (*
if err == nil && email != "" { if err == nil && email != "" {
session.Email = email session.Email = email
} else { } else {
debugLogger.Infof("Unable to get email claim from access token: %v", err) debugLogger().Infof("Unable to get email claim from access token: %v", err)
} }
} }
@ -228,10 +228,10 @@ func (p *AzureProvider) verifyTokenAndExtractEmail(ctx context.Context, token st
if err == nil { if err == nil {
email = claims.Email email = claims.Email
} else { } else {
debugLogger.Infof("Unable to get claims from token: %v", err) debugLogger().Infof("Unable to get claims from token: %v", err)
} }
} else { } else {
debugLogger.Infof("Unable to verify token: %v", err) debugLogger().Infof("Unable to verify token: %v", err)
} }
} }
@ -298,7 +298,7 @@ func (p *AzureProvider) redeemRefreshToken(ctx context.Context, s *sessions.Sess
if err == nil && email != "" { if err == nil && email != "" {
s.Email = email s.Email = email
} else { } else {
debugLogger.Infof("Unable to get email claim from id_token: %v", err) debugLogger().Infof("Unable to get email claim from id_token: %v", err)
} }
if s.Email == "" { if s.Email == "" {
@ -306,7 +306,7 @@ func (p *AzureProvider) redeemRefreshToken(ctx context.Context, s *sessions.Sess
if err == nil && email != "" { if err == nil && email != "" {
s.Email = email s.Email = email
} else { } else {
debugLogger.Infof("Unable to get email claim from access token: %v", err) debugLogger().Infof("Unable to get email claim from access token: %v", err)
} }
} }

12
providers/github.go
View File

@ -161,13 +161,13 @@ func (p *GitHubProvider) hasOrg(ctx context.Context, accessToken string) (bool,
presentOrgs := make([]string, 0, len(orgs)) presentOrgs := make([]string, 0, len(orgs))
for _, org := range orgs { for _, org := range orgs {
if p.Org == org.Login { if p.Org == org.Login {
debugLogger.Infof("Found Github Organization: %q", org.Login) debugLogger().Infof("Found Github Organization: %q", org.Login)
return true, nil return true, nil
} }
presentOrgs = append(presentOrgs, org.Login) presentOrgs = append(presentOrgs, org.Login)
} }
debugLogger.Infof("Missing Organization:%q in %v", p.Org, presentOrgs) debugLogger().Infof("Missing Organization:%q in %v", p.Org, presentOrgs)
return false, nil return false, nil
} }
@ -269,7 +269,7 @@ func (p *GitHubProvider) hasOrgAndTeam(ctx context.Context, accessToken string)
ts := strings.Split(p.Team, ",") ts := strings.Split(p.Team, ",")
for _, t := range ts { for _, t := range ts {
if t == team.Slug { if t == team.Slug {
debugLogger.Infof("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name) debugLogger().Infof("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name)
return true, nil return true, nil
} }
} }
@ -277,13 +277,13 @@ func (p *GitHubProvider) hasOrgAndTeam(ctx context.Context, accessToken string)
} }
} }
if hasOrg { if hasOrg {
debugLogger.Infof("Missing Team:%q from Org:%q in teams: %v", p.Team, p.Org, presentTeams) debugLogger().Infof("Missing Team:%q from Org:%q in teams: %v", p.Team, p.Org, presentTeams)
} else { } else {
var allOrgs []string var allOrgs []string
for org := range presentOrgs { for org := range presentOrgs {
allOrgs = append(allOrgs, org) allOrgs = append(allOrgs, org)
} }
debugLogger.Infof("Missing Organization:%q in %#v", p.Org, allOrgs) debugLogger().Infof("Missing Organization:%q in %#v", p.Org, allOrgs)
} }
return false, nil return false, nil
} }
@ -372,7 +372,7 @@ func (p *GitHubProvider) isCollaborator(ctx context.Context, username, accessTok
result.StatusCode(), endpoint.String(), result.Body()) result.StatusCode(), endpoint.String(), result.Body())
} }
traceLogger.Infof("Checking collaborator status: Got %d from %q %s", result.StatusCode(), endpoint.String(), result.Body()) traceLogger().Infof("Checking collaborator status: Got %d from %q %s", result.StatusCode(), endpoint.String(), result.Body())
return true, nil return true, nil
} }

6
providers/internal_util.go
View File

@ -61,12 +61,12 @@ func validateToken(ctx context.Context, p Provider, accessToken string, header h
WithHeaders(header). WithHeaders(header).
Do() Do()
if result.Error() != nil { if result.Error() != nil {
debugLogger.Infof("GET %s", stripToken(endpoint)) debugLogger().Infof("GET %s", stripToken(endpoint))
debugLogger.Infof("token validation request failed: %s", result.Error()) debugLogger().Infof("token validation request failed: %s", result.Error())
return false return false
} }
traceLogger.Infof("%d GET %s %s", result.StatusCode(), stripToken(endpoint), result.Body()) traceLogger().Infof("%d GET %s %s", result.StatusCode(), stripToken(endpoint), result.Body())
if result.StatusCode() == 200 { if result.StatusCode() == 200 {
return true return true

6
providers/logger.go
View File

@ -6,7 +6,7 @@ import (
) )
var ( var (
infoLogger = klog.V(logger.ProviderInfo) infoLogger = func() klog.Verbose { return klog.V(logger.ProviderInfo) }
debugLogger = klog.V(logger.ProviderDebug) debugLogger = func() klog.Verbose { return klog.V(logger.ProviderDebug) }
traceLogger = klog.V(logger.ProviderTrace) traceLogger = func() klog.Verbose { return klog.V(logger.ProviderTrace) }
) )