Don't infer username from email local part if username not set

Phil Taprogge 2019-05-07 10:36:00 +01:00
parent 3f2d21dde9
commit 15f48fb95e
No known key found for this signature in database
GPG Key ID: 64CEAA06D4D027C8
3 changed files with 9 additions and 10 deletions


@ -291,8 +291,7 @@ func TestBasicAuthPassword(t *testing.T) {
opts.Validate() opts.Validate()
providerURL, _ := url.Parse(providerServer.URL) providerURL, _ := url.Parse(providerServer.URL)
const emailAddress = "michael.bland@gsa.gov" const emailAddress = "john.doe@example.com"
const username = "michael.bland"
opts.provider = NewTestProvider(providerURL, emailAddress) opts.provider = NewTestProvider(providerURL, emailAddress)
proxy := NewOAuthProxy(opts, func(email string) bool { proxy := NewOAuthProxy(opts, func(email string) bool {
@ -335,7 +334,7 @@ func TestBasicAuthPassword(t *testing.T) {
rw = httptest.NewRecorder() rw = httptest.NewRecorder()
proxy.ServeHTTP(rw, req) proxy.ServeHTTP(rw, req)
expectedHeader := "Basic " + base64.StdEncoding.EncodeToString([]byte(username+":"+opts.BasicAuthPassword)) expectedHeader := "Basic " + base64.StdEncoding.EncodeToString([]byte(emailAddress+":"+opts.BasicAuthPassword))
assert.Equal(t, expectedHeader, rw.Body.String()) assert.Equal(t, expectedHeader, rw.Body.String())
providerServer.Close() providerServer.Close()
} }
@ -654,13 +653,13 @@ func (p *ProcessCookieTest) LoadCookiedSession() (*providers.SessionState, time.
func TestLoadCookiedSession(t *testing.T) { func TestLoadCookiedSession(t *testing.T) {
pcTest := NewProcessCookieTestWithDefaults() pcTest := NewProcessCookieTestWithDefaults()
startSession := &providers.SessionState{Email: "michael.bland@gsa.gov", AccessToken: "my_access_token"} startSession := &providers.SessionState{Email: "john.doe@example.com", AccessToken: "my_access_token"}
pcTest.SaveSession(startSession, time.Now()) pcTest.SaveSession(startSession, time.Now())
session, _, err := pcTest.LoadCookiedSession() session, _, err := pcTest.LoadCookiedSession()
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
assert.Equal(t, startSession.Email, session.Email) assert.Equal(t, startSession.Email, session.Email)
assert.Equal(t, "michael.bland", session.User) assert.Equal(t, "john.doe@example.com", session.User)
assert.Equal(t, startSession.AccessToken, session.AccessToken) assert.Equal(t, startSession.AccessToken, session.AccessToken)
} }
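Review bot: In TestLoadCookiedSession the new assertion repeats the literal `"john.doe@example.com"` instead of stating the rule under test; `assert.Equal(t, startSession.Email, session.User)` would tie the expected user to the session's email. The same applies to the `"user@domain.com"` assertions in TestSessionStateSerialization and TestSessionStateSerializationNoCipher, assuming `s.Email` holds that value there. Only the empty-User path is exercised in the visible hunks. A case that saves a session with an explicit User different from Email would confirm the fallback never overrides it, if such a case does not already exist elsewhere in the file.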


@ -218,7 +218,7 @@ func DecodeSessionState(v string, c *cookie.Cipher) (*SessionState, error) {
} }
} }
if ss.User == "" { if ss.User == "" {
ss.User = strings.Split(ss.Email, "@")[0] ss.User = ss.Email
} }
return ss, nil return ss, nil
} }
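Review bot: The `ss.User == ""` fallback in DecodeSessionState has no comment saying why the whole address is used, and the reason is security-relevant: the local part alone is not unique across domains, so accounts at different domains could reach the upstream under the same user name. I would add above the `if`: `// Fall back to the full email; the local part alone is not unique across domains.` Upstreams that consume this value will now see an address where they used to see a short name (the Basic auth test in this commit shows it in the user part of the credential), which deserves a changelog line. The function starts outside the hunk, so whether Email itself can be empty at this point is not visible.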


@ -30,7 +30,7 @@ func TestSessionStateSerialization(t *testing.T) {
ss, err := DecodeSessionState(encoded, c) ss, err := DecodeSessionState(encoded, c)
t.Logf("%#v", ss) t.Logf("%#v", ss)
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
assert.Equal(t, "user", ss.User) assert.Equal(t, "user@domain.com", ss.User)
assert.Equal(t, s.Email, ss.Email) assert.Equal(t, s.Email, ss.Email)
assert.Equal(t, s.AccessToken, ss.AccessToken) assert.Equal(t, s.AccessToken, ss.AccessToken)
assert.Equal(t, s.IDToken, ss.IDToken) assert.Equal(t, s.IDToken, ss.IDToken)
@ -41,7 +41,7 @@ func TestSessionStateSerialization(t *testing.T) {
ss, err = DecodeSessionState(encoded, c2) ss, err = DecodeSessionState(encoded, c2)
t.Logf("%#v", ss) t.Logf("%#v", ss)
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
assert.NotEqual(t, "user", ss.User) assert.NotEqual(t, "user@domain.com", ss.User)
assert.NotEqual(t, s.Email, ss.Email) assert.NotEqual(t, s.Email, ss.Email)
assert.Equal(t, s.ExpiresOn.Unix(), ss.ExpiresOn.Unix()) assert.Equal(t, s.ExpiresOn.Unix(), ss.ExpiresOn.Unix())
assert.NotEqual(t, s.AccessToken, ss.AccessToken) assert.NotEqual(t, s.AccessToken, ss.AccessToken)
@ -97,7 +97,7 @@ func TestSessionStateSerializationNoCipher(t *testing.T) {
// only email should have been serialized // only email should have been serialized
ss, err := DecodeSessionState(encoded, nil) ss, err := DecodeSessionState(encoded, nil)
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
assert.Equal(t, "user", ss.User) assert.Equal(t, "user@domain.com", ss.User)
assert.Equal(t, s.Email, ss.Email) assert.Equal(t, s.Email, ss.Email)
assert.Equal(t, "", ss.AccessToken) assert.Equal(t, "", ss.AccessToken)
assert.Equal(t, "", ss.RefreshToken) assert.Equal(t, "", ss.RefreshToken)
@ -203,7 +203,7 @@ func TestDecodeSessionState(t *testing.T) {
{ {
SessionState: SessionState{ SessionState: SessionState{
Email: "user@domain.com", Email: "user@domain.com",
User: "user", User: "user@domain.com",
}, },
Encoded: `{"Email":"user@domain.com"}`, Encoded: `{"Email":"user@domain.com"}`,
}, },