public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Move azure specific resource parameter handling into azure provider

This commit is contained in:
Alexander Block 2020-09-14 13:48:17 +02:00
parent 97e95fd4ff
commit fde09bea4e
4 changed files with 16 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
providers/azure.go
View File

@ -210,3 +210,12 @@ func (p *AzureProvider) GetEmailAddress(ctx context.Context, s *sessions.Session
return email, err
}
func (p *AzureProvider) GetLoginURL(redirectURI, state string) string {
a, params := DefaultGetLoginURL(p.ProviderData, redirectURI, state)
if p.ProtectedResource != nil && p.ProtectedResource.String() != "" {
params.Add("resource", p.ProtectedResource.String())
}
a.RawQuery = params.Encode()
return a.String()
}

7
providers/azure_test.go
View File

@ -213,3 +213,10 @@ func TestAzureProviderRedeemReturnsIdToken(t *testing.T) {
assert.Equal(t, timestamp, s.ExpiresOn.UTC())
assert.Equal(t, "refresh1234", s.RefreshToken)
}
func TestAzureProviderProtectedResourceConfigured(t *testing.T) {
p := testAzureProvider("")
p.ProtectedResource, _ = url.Parse("http://my.resource.test")
result := p.GetLoginURL("https://my.test.app/oauth", "")
assert.Contains(t, result, "resource="+url.QueryEscape("http://my.resource.test"))
}

3
providers/provider_default.go
View File

@ -89,9 +89,6 @@ func DefaultGetLoginURL(p *ProviderData, redirectURI, state string) (url.URL, ur
params.Set("client_id", p.ClientID)
params.Set("response_type", "code")
params.Add("state", state)
if p.ProtectedResource != nil && p.ProtectedResource.String() != "" {
params.Add("resource", p.ProtectedResource.String())
}
return a, params
}

18
providers/provider_default_test.go
View File

@ -47,21 +47,3 @@ func TestAcrValuesConfigured(t *testing.T) {
result := p.GetLoginURL("https://my.test.app/oauth", "")
assert.Contains(t, result, "acr_values=testValue")
}
func TestProtectedResourceConfigured(t *testing.T) {
p := &ProviderData{
LoginURL: &url.URL{
Scheme: "http",
Host: "my.test.idp",
Path: "/oauth/authorize",
},
AcrValues: "testValue",
ProtectedResource: &url.URL{
Scheme: "http",
Host: "my.resource.test",
},
}
result := p.GetLoginURL("https://my.test.app/oauth", "")
assert.Contains(t, result, "resource="+url.QueryEscape("http://my.resource.test"))
}