*: rename Url to URL everywhere

Go coding style says that acronyms should be all lower or all upper. Fix
Url to URL.
Brandon Philips 2015-11-09 00:47:44 +01:00
parent 1b0144ba75
commit 51a2e4e48c
15 changed files with 151 additions and 151 deletions


@ -34,7 +34,7 @@ type OauthProxy struct {
OauthStartPath string OauthStartPath string
OauthCallbackPath string OauthCallbackPath string
redirectUrl *url.URL // the url to receive requests at redirectURL *url.URL // the url to receive requests at
provider providers.Provider provider providers.Provider
ProxyPrefix string ProxyPrefix string
SignInMessage string SignInMessage string
@ -88,7 +88,7 @@ func NewFileServer(path string, filesystemPath string) (proxy http.Handler) {
func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy { func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
serveMux := http.NewServeMux() serveMux := http.NewServeMux()
for _, u := range opts.proxyUrls { for _, u := range opts.proxyURLs {
path := u.Path path := u.Path
switch u.Scheme { switch u.Scheme {
case "http", "https": case "http", "https":
@ -116,8 +116,8 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
log.Printf("compiled skip-auth-regex => %q", u) log.Printf("compiled skip-auth-regex => %q", u)
} }
redirectUrl := opts.redirectUrl redirectURL := opts.redirectURL
redirectUrl.Path = fmt.Sprintf("%s/callback", opts.ProxyPrefix) redirectURL.Path = fmt.Sprintf("%s/callback", opts.ProxyPrefix)
log.Printf("OauthProxy configured for %s Client ID: %s", opts.provider.Data().ProviderName, opts.ClientID) log.Printf("OauthProxy configured for %s Client ID: %s", opts.provider.Data().ProviderName, opts.ClientID)
domain := opts.CookieDomain domain := opts.CookieDomain
@ -160,7 +160,7 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
ProxyPrefix: opts.ProxyPrefix, ProxyPrefix: opts.ProxyPrefix,
provider: opts.provider, provider: opts.provider,
serveMux: serveMux, serveMux: serveMux,
redirectUrl: redirectUrl, redirectURL: redirectURL,
skipAuthRegex: opts.SkipAuthRegex, skipAuthRegex: opts.SkipAuthRegex,
compiledRegex: opts.CompiledRegex, compiledRegex: opts.CompiledRegex,
PassBasicAuth: opts.PassBasicAuth, PassBasicAuth: opts.PassBasicAuth,
@ -173,11 +173,11 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
func (p *OauthProxy) GetRedirectURI(host string) string { func (p *OauthProxy) GetRedirectURI(host string) string {
// default to the request Host if not set // default to the request Host if not set
if p.redirectUrl.Host != "" { if p.redirectURL.Host != "" {
return p.redirectUrl.String() return p.redirectURL.String()
} }
var u url.URL var u url.URL
u = *p.redirectUrl u = *p.redirectURL
if u.Scheme == "" { if u.Scheme == "" {
if p.CookieSecure { if p.CookieSecure {
u.Scheme = "https" u.Scheme = "https"


@ -124,17 +124,17 @@ func TestBasicAuthPassword(t *testing.T) {
opts.provider = &TestProvider{ opts.provider = &TestProvider{
ProviderData: &providers.ProviderData{ ProviderData: &providers.ProviderData{
ProviderName: "Test Provider", ProviderName: "Test Provider",
LoginUrl: &url.URL{ LoginURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: provider_url.Host, Host: provider_url.Host,
Path: "/oauth/authorize", Path: "/oauth/authorize",
}, },
RedeemUrl: &url.URL{ RedeemURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: provider_url.Host, Host: provider_url.Host,
Path: "/oauth/token", Path: "/oauth/token",
}, },
ProfileUrl: &url.URL{ ProfileURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: provider_url.Host, Host: provider_url.Host,
Path: "/api/v1/profile", Path: "/api/v1/profile",
@ -245,17 +245,17 @@ func NewPassAccessTokenTest(opts PassAccessTokenTestOptions) *PassAccessTokenTes
t.opts.provider = &TestProvider{ t.opts.provider = &TestProvider{
ProviderData: &providers.ProviderData{ ProviderData: &providers.ProviderData{
ProviderName: "Test Provider", ProviderName: "Test Provider",
LoginUrl: &url.URL{ LoginURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: provider_url.Host, Host: provider_url.Host,
Path: "/oauth/authorize", Path: "/oauth/authorize",
}, },
RedeemUrl: &url.URL{ RedeemURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: provider_url.Host, Host: provider_url.Host,
Path: "/oauth/token", Path: "/oauth/token",
}, },
ProfileUrl: &url.URL{ ProfileURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: provider_url.Host, Host: provider_url.Host,
Path: "/api/v1/profile", Path: "/api/v1/profile",


@ -16,7 +16,7 @@ type Options struct {
ProxyPrefix string `flag:"proxy-prefix" cfg:"proxy-prefix"` ProxyPrefix string `flag:"proxy-prefix" cfg:"proxy-prefix"`
HttpAddress string `flag:"http-address" cfg:"http_address"` HttpAddress string `flag:"http-address" cfg:"http_address"`
HttpsAddress string `flag:"https-address" cfg:"https_address"` HttpsAddress string `flag:"https-address" cfg:"https_address"`
RedirectUrl string `flag:"redirect-url" cfg:"redirect_url"` RedirectURL string `flag:"redirect-url" cfg:"redirect_url"`
ClientID string `flag:"client-id" cfg:"client_id" env:"OAUTH2_PROXY_CLIENT_ID"` ClientID string `flag:"client-id" cfg:"client_id" env:"OAUTH2_PROXY_CLIENT_ID"`
ClientSecret string `flag:"client-secret" cfg:"client_secret" env:"OAUTH2_PROXY_CLIENT_SECRET"` ClientSecret string `flag:"client-secret" cfg:"client_secret" env:"OAUTH2_PROXY_CLIENT_SECRET"`
TLSCertFile string `flag:"tls-cert" cfg:"tls_cert_file"` TLSCertFile string `flag:"tls-cert" cfg:"tls_cert_file"`
@ -51,18 +51,18 @@ type Options struct {
// These options allow for other providers besides Google, with // These options allow for other providers besides Google, with
// potential overrides. // potential overrides.
Provider string `flag:"provider" cfg:"provider"` Provider string `flag:"provider" cfg:"provider"`
LoginUrl string `flag:"login-url" cfg:"login_url"` LoginURL string `flag:"login-url" cfg:"login_url"`
RedeemUrl string `flag:"redeem-url" cfg:"redeem_url"` RedeemURL string `flag:"redeem-url" cfg:"redeem_url"`
ProfileUrl string `flag:"profile-url" cfg:"profile_url"` ProfileURL string `flag:"profile-url" cfg:"profile_url"`
ValidateUrl string `flag:"validate-url" cfg:"validate_url"` ValidateURL string `flag:"validate-url" cfg:"validate_url"`
Scope string `flag:"scope" cfg:"scope"` Scope string `flag:"scope" cfg:"scope"`
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"` ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
RequestLogging bool `flag:"request-logging" cfg:"request_logging"` RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
// internal values that are set after config validation // internal values that are set after config validation
redirectUrl *url.URL redirectURL *url.URL
proxyUrls []*url.URL proxyURLs []*url.URL
CompiledRegex []*regexp.Regexp CompiledRegex []*regexp.Regexp
provider providers.Provider provider providers.Provider
} }
@ -86,7 +86,7 @@ func NewOptions() *Options {
} }
} }
func parseUrl(to_parse string, urltype string, msgs []string) (*url.URL, []string) { func parseURL(to_parse string, urltype string, msgs []string) (*url.URL, []string) {
parsed, err := url.Parse(to_parse) parsed, err := url.Parse(to_parse)
if err != nil { if err != nil {
return nil, append(msgs, fmt.Sprintf( return nil, append(msgs, fmt.Sprintf(
@ -113,19 +113,19 @@ func (o *Options) Validate() error {
msgs = append(msgs, "missing setting for email validation: email-domain or authenticated-emails-file required.\n use email-domain=* to authorize all email addresses") msgs = append(msgs, "missing setting for email validation: email-domain or authenticated-emails-file required.\n use email-domain=* to authorize all email addresses")
} }
o.redirectUrl, msgs = parseUrl(o.RedirectUrl, "redirect", msgs) o.redirectURL, msgs = parseURL(o.RedirectURL, "redirect", msgs)
for _, u := range o.Upstreams { for _, u := range o.Upstreams {
upstreamUrl, err := url.Parse(u) upstreamURL, err := url.Parse(u)
if err != nil { if err != nil {
msgs = append(msgs, fmt.Sprintf( msgs = append(msgs, fmt.Sprintf(
"error parsing upstream=%q %s", "error parsing upstream=%q %s",
upstreamUrl, err)) upstreamURL, err))
} }
if upstreamUrl.Path == "" { if upstreamURL.Path == "" {
upstreamUrl.Path = "/" upstreamURL.Path = "/"
} }
o.proxyUrls = append(o.proxyUrls, upstreamUrl) o.proxyURLs = append(o.proxyURLs, upstreamURL)
} }
for _, u := range o.SkipAuthRegex { for _, u := range o.SkipAuthRegex {
@ -189,10 +189,10 @@ func parseProviderInfo(o *Options, msgs []string) []string {
ClientSecret: o.ClientSecret, ClientSecret: o.ClientSecret,
ApprovalPrompt: o.ApprovalPrompt, ApprovalPrompt: o.ApprovalPrompt,
} }
p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs) p.LoginURL, msgs = parseURL(o.LoginURL, "login", msgs)
p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs) p.RedeemURL, msgs = parseURL(o.RedeemURL, "redeem", msgs)
p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs) p.ProfileURL, msgs = parseURL(o.ProfileURL, "profile", msgs)
p.ValidateUrl, msgs = parseUrl(o.ValidateUrl, "validate", msgs) p.ValidateURL, msgs = parseURL(o.ValidateURL, "validate", msgs)
o.provider = providers.New(o.Provider, p) o.provider = providers.New(o.Provider, p)
switch p := o.provider.(type) { switch p := o.provider.(type) {
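Review bot: In Validate's upstream loop, a failed `url.Parse(u)` only appends a message and then falls through to `if upstreamURL.Path == ""`; url.Parse returns a nil URL together with the error, so a malformed upstream would panic during config validation instead of being reported. End the `if err != nil` block with `continue`, and format the raw string `u` rather than `upstreamURL` in the "error parsing upstream" message so the operator sees the rejected value. The same nil can reach the provider constructors: parseURL returns nil on error and parseProviderInfo passes the results straight to `providers.New`, while NewGoogleProvider and the LinkedIn and MyUSA constructors in this commit call `p.LoginURL.String()` without the `== nil` guard that NewGitHubProvider has. Validate and parseProviderInfo both continue outside the visible hunks.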


@ -73,16 +73,16 @@ func TestInitializedOptions(t *testing.T) {
// Note that it's not worth testing nonparseable URLs, since url.Parse() // Note that it's not worth testing nonparseable URLs, since url.Parse()
// seems to parse damn near anything. // seems to parse damn near anything.
func TestRedirectUrl(t *testing.T) { func TestRedirectURL(t *testing.T) {
o := testOptions() o := testOptions()
o.RedirectUrl = "https://myhost.com/oauth2/callback" o.RedirectURL = "https://myhost.com/oauth2/callback"
assert.Equal(t, nil, o.Validate()) assert.Equal(t, nil, o.Validate())
expected := &url.URL{ expected := &url.URL{
Scheme: "https", Host: "myhost.com", Path: "/oauth2/callback"} Scheme: "https", Host: "myhost.com", Path: "/oauth2/callback"}
assert.Equal(t, expected, o.redirectUrl) assert.Equal(t, expected, o.redirectURL)
} }
func TestProxyUrls(t *testing.T) { func TestProxyURLs(t *testing.T) {
o := testOptions() o := testOptions()
o.Upstreams = append(o.Upstreams, "http://127.0.0.1:8081") o.Upstreams = append(o.Upstreams, "http://127.0.0.1:8081")
assert.Equal(t, nil, o.Validate()) assert.Equal(t, nil, o.Validate())
@ -91,7 +91,7 @@ func TestProxyUrls(t *testing.T) {
// note the '/' was added // note the '/' was added
&url.URL{Scheme: "http", Host: "127.0.0.1:8081", Path: "/"}, &url.URL{Scheme: "http", Host: "127.0.0.1:8081", Path: "/"},
} }
assert.Equal(t, expected, o.proxyUrls) assert.Equal(t, expected, o.proxyURLs)
} }
func TestCompiledRegex(t *testing.T) { func TestCompiledRegex(t *testing.T) {
@ -125,10 +125,10 @@ func TestDefaultProviderApiSettings(t *testing.T) {
assert.Equal(t, nil, o.Validate()) assert.Equal(t, nil, o.Validate())
p := o.provider.Data() p := o.provider.Data()
assert.Equal(t, "https://accounts.google.com/o/oauth2/auth?access_type=offline", assert.Equal(t, "https://accounts.google.com/o/oauth2/auth?access_type=offline",
p.LoginUrl.String()) p.LoginURL.String())
assert.Equal(t, "https://www.googleapis.com/oauth2/v3/token", assert.Equal(t, "https://www.googleapis.com/oauth2/v3/token",
p.RedeemUrl.String()) p.RedeemURL.String())
assert.Equal(t, "", p.ProfileUrl.String()) assert.Equal(t, "", p.ProfileURL.String())
assert.Equal(t, "profile email", p.Scope) assert.Equal(t, "profile email", p.Scope)
} }


@ -17,22 +17,22 @@ type GitHubProvider struct {
func NewGitHubProvider(p *ProviderData) *GitHubProvider { func NewGitHubProvider(p *ProviderData) *GitHubProvider {
p.ProviderName = "GitHub" p.ProviderName = "GitHub"
if p.LoginUrl == nil || p.LoginUrl.String() == "" { if p.LoginURL == nil || p.LoginURL.String() == "" {
p.LoginUrl = &url.URL{ p.LoginURL = &url.URL{
Scheme: "https", Scheme: "https",
Host: "github.com", Host: "github.com",
Path: "/login/oauth/authorize", Path: "/login/oauth/authorize",
} }
} }
if p.RedeemUrl == nil || p.RedeemUrl.String() == "" { if p.RedeemURL == nil || p.RedeemURL.String() == "" {
p.RedeemUrl = &url.URL{ p.RedeemURL = &url.URL{
Scheme: "https", Scheme: "https",
Host: "github.com", Host: "github.com",
Path: "/login/oauth/access_token", Path: "/login/oauth/access_token",
} }
} }
if p.ValidateUrl == nil || p.ValidateUrl.String() == "" { if p.ValidateURL == nil || p.ValidateURL.String() == "" {
p.ValidateUrl = &url.URL{ p.ValidateURL = &url.URL{
Scheme: "https", Scheme: "https",
Host: "api.github.com", Host: "api.github.com",
Path: "/user/emails", Path: "/user/emails",


@ -21,7 +21,7 @@ import (
type GoogleProvider struct { type GoogleProvider struct {
*ProviderData *ProviderData
RedeemRefreshUrl *url.URL RedeemRefreshURL *url.URL
// GroupValidator is a function that determines if the passed email is in // GroupValidator is a function that determines if the passed email is in
// the configured Google group. // the configured Google group.
GroupValidator func(string) bool GroupValidator func(string) bool
@ -29,21 +29,21 @@ type GoogleProvider struct {
func NewGoogleProvider(p *ProviderData) *GoogleProvider { func NewGoogleProvider(p *ProviderData) *GoogleProvider {
p.ProviderName = "Google" p.ProviderName = "Google"
if p.LoginUrl.String() == "" { if p.LoginURL.String() == "" {
p.LoginUrl = &url.URL{Scheme: "https", p.LoginURL = &url.URL{Scheme: "https",
Host: "accounts.google.com", Host: "accounts.google.com",
Path: "/o/oauth2/auth", Path: "/o/oauth2/auth",
// to get a refresh token. see https://developers.google.com/identity/protocols/OAuth2WebServer#offline // to get a refresh token. see https://developers.google.com/identity/protocols/OAuth2WebServer#offline
RawQuery: "access_type=offline", RawQuery: "access_type=offline",
} }
} }
if p.RedeemUrl.String() == "" { if p.RedeemURL.String() == "" {
p.RedeemUrl = &url.URL{Scheme: "https", p.RedeemURL = &url.URL{Scheme: "https",
Host: "www.googleapis.com", Host: "www.googleapis.com",
Path: "/oauth2/v3/token"} Path: "/oauth2/v3/token"}
} }
if p.ValidateUrl.String() == "" { if p.ValidateURL.String() == "" {
p.ValidateUrl = &url.URL{Scheme: "https", p.ValidateURL = &url.URL{Scheme: "https",
Host: "www.googleapis.com", Host: "www.googleapis.com",
Path: "/oauth2/v1/tokeninfo"} Path: "/oauth2/v1/tokeninfo"}
} }
@ -96,20 +96,20 @@ func jwtDecodeSegment(seg string) ([]byte, error) {
return base64.URLEncoding.DecodeString(seg) return base64.URLEncoding.DecodeString(seg)
} }
func (p *GoogleProvider) Redeem(redirectUrl, code string) (s *SessionState, err error) { func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error) {
if code == "" { if code == "" {
err = errors.New("missing code") err = errors.New("missing code")
return return
} }
params := url.Values{} params := url.Values{}
params.Add("redirect_uri", redirectUrl) params.Add("redirect_uri", redirectURL)
params.Add("client_id", p.ClientID) params.Add("client_id", p.ClientID)
params.Add("client_secret", p.ClientSecret) params.Add("client_secret", p.ClientSecret)
params.Add("code", code) params.Add("code", code)
params.Add("grant_type", "authorization_code") params.Add("grant_type", "authorization_code")
var req *http.Request var req *http.Request
req, err = http.NewRequest("POST", p.RedeemUrl.String(), bytes.NewBufferString(params.Encode())) req, err = http.NewRequest("POST", p.RedeemURL.String(), bytes.NewBufferString(params.Encode()))
if err != nil { if err != nil {
return return
} }
@ -127,7 +127,7 @@ func (p *GoogleProvider) Redeem(redirectUrl, code string) (s *SessionState, err
} }
if resp.StatusCode != 200 { if resp.StatusCode != 200 {
err = fmt.Errorf("got %d from %q %s", resp.StatusCode, p.RedeemUrl.String(), body) err = fmt.Errorf("got %d from %q %s", resp.StatusCode, p.RedeemURL.String(), body)
return return
} }
@ -281,7 +281,7 @@ func (p *GoogleProvider) redeemRefreshToken(refreshToken string) (token string,
params.Add("refresh_token", refreshToken) params.Add("refresh_token", refreshToken)
params.Add("grant_type", "refresh_token") params.Add("grant_type", "refresh_token")
var req *http.Request var req *http.Request
req, err = http.NewRequest("POST", p.RedeemUrl.String(), bytes.NewBufferString(params.Encode())) req, err = http.NewRequest("POST", p.RedeemURL.String(), bytes.NewBufferString(params.Encode()))
if err != nil { if err != nil {
return return
} }
@ -299,7 +299,7 @@ func (p *GoogleProvider) redeemRefreshToken(refreshToken string) (token string,
} }
if resp.StatusCode != 200 { if resp.StatusCode != 200 {
err = fmt.Errorf("got %d from %q %s", resp.StatusCode, p.RedeemUrl.String(), body) err = fmt.Errorf("got %d from %q %s", resp.StatusCode, p.RedeemURL.String(), body)
return return
} }


@ -23,10 +23,10 @@ func newGoogleProvider() *GoogleProvider {
return NewGoogleProvider( return NewGoogleProvider(
&ProviderData{ &ProviderData{
ProviderName: "", ProviderName: "",
LoginUrl: &url.URL{}, LoginURL: &url.URL{},
RedeemUrl: &url.URL{}, RedeemURL: &url.URL{},
ProfileUrl: &url.URL{}, ProfileURL: &url.URL{},
ValidateUrl: &url.URL{}, ValidateURL: &url.URL{},
Scope: ""}) Scope: ""})
} }
@ -35,31 +35,31 @@ func TestGoogleProviderDefaults(t *testing.T) {
assert.NotEqual(t, nil, p) assert.NotEqual(t, nil, p)
assert.Equal(t, "Google", p.Data().ProviderName) assert.Equal(t, "Google", p.Data().ProviderName)
assert.Equal(t, "https://accounts.google.com/o/oauth2/auth?access_type=offline", assert.Equal(t, "https://accounts.google.com/o/oauth2/auth?access_type=offline",
p.Data().LoginUrl.String()) p.Data().LoginURL.String())
assert.Equal(t, "https://www.googleapis.com/oauth2/v3/token", assert.Equal(t, "https://www.googleapis.com/oauth2/v3/token",
p.Data().RedeemUrl.String()) p.Data().RedeemURL.String())
assert.Equal(t, "https://www.googleapis.com/oauth2/v1/tokeninfo", assert.Equal(t, "https://www.googleapis.com/oauth2/v1/tokeninfo",
p.Data().ValidateUrl.String()) p.Data().ValidateURL.String())
assert.Equal(t, "", p.Data().ProfileUrl.String()) assert.Equal(t, "", p.Data().ProfileURL.String())
assert.Equal(t, "profile email", p.Data().Scope) assert.Equal(t, "profile email", p.Data().Scope)
} }
func TestGoogleProviderOverrides(t *testing.T) { func TestGoogleProviderOverrides(t *testing.T) {
p := NewGoogleProvider( p := NewGoogleProvider(
&ProviderData{ &ProviderData{
LoginUrl: &url.URL{ LoginURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/auth"}, Path: "/oauth/auth"},
RedeemUrl: &url.URL{ RedeemURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/token"}, Path: "/oauth/token"},
ProfileUrl: &url.URL{ ProfileURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/profile"}, Path: "/oauth/profile"},
ValidateUrl: &url.URL{ ValidateURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/tokeninfo"}, Path: "/oauth/tokeninfo"},
@ -67,13 +67,13 @@ func TestGoogleProviderOverrides(t *testing.T) {
assert.NotEqual(t, nil, p) assert.NotEqual(t, nil, p)
assert.Equal(t, "Google", p.Data().ProviderName) assert.Equal(t, "Google", p.Data().ProviderName)
assert.Equal(t, "https://example.com/oauth/auth", assert.Equal(t, "https://example.com/oauth/auth",
p.Data().LoginUrl.String()) p.Data().LoginURL.String())
assert.Equal(t, "https://example.com/oauth/token", assert.Equal(t, "https://example.com/oauth/token",
p.Data().RedeemUrl.String()) p.Data().RedeemURL.String())
assert.Equal(t, "https://example.com/oauth/profile", assert.Equal(t, "https://example.com/oauth/profile",
p.Data().ProfileUrl.String()) p.Data().ProfileURL.String())
assert.Equal(t, "https://example.com/oauth/tokeninfo", assert.Equal(t, "https://example.com/oauth/tokeninfo",
p.Data().ValidateUrl.String()) p.Data().ValidateURL.String())
assert.Equal(t, "profile", p.Data().Scope) assert.Equal(t, "profile", p.Data().Scope)
} }
@ -94,7 +94,7 @@ func TestGoogleProviderGetEmailAddress(t *testing.T) {
}) })
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
var server *httptest.Server var server *httptest.Server
p.RedeemUrl, server = newRedeemServer(body) p.RedeemURL, server = newRedeemServer(body)
defer server.Close() defer server.Close()
session, err := p.Redeem("http://redirect/", "code1234") session, err := p.Redeem("http://redirect/", "code1234")
@ -131,7 +131,7 @@ func TestGoogleProviderGetEmailAddressInvalidEncoding(t *testing.T) {
}) })
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
var server *httptest.Server var server *httptest.Server
p.RedeemUrl, server = newRedeemServer(body) p.RedeemURL, server = newRedeemServer(body)
defer server.Close() defer server.Close()
session, err := p.Redeem("http://redirect/", "code1234") session, err := p.Redeem("http://redirect/", "code1234")
@ -150,7 +150,7 @@ func TestGoogleProviderGetEmailAddressInvalidJson(t *testing.T) {
}) })
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
var server *httptest.Server var server *httptest.Server
p.RedeemUrl, server = newRedeemServer(body) p.RedeemURL, server = newRedeemServer(body)
defer server.Close() defer server.Close()
session, err := p.Redeem("http://redirect/", "code1234") session, err := p.Redeem("http://redirect/", "code1234")
@ -169,7 +169,7 @@ func TestGoogleProviderGetEmailAddressEmailMissing(t *testing.T) {
}) })
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
var server *httptest.Server var server *httptest.Server
p.RedeemUrl, server = newRedeemServer(body) p.RedeemURL, server = newRedeemServer(body)
defer server.Close() defer server.Close()
session, err := p.Redeem("http://redirect/", "code1234") session, err := p.Redeem("http://redirect/", "code1234")


@ -11,10 +11,10 @@ import (
// validateToken returns true if token is valid // validateToken returns true if token is valid
func validateToken(p Provider, access_token string, header http.Header) bool { func validateToken(p Provider, access_token string, header http.Header) bool {
if access_token == "" || p.Data().ValidateUrl == nil { if access_token == "" || p.Data().ValidateURL == nil {
return false return false
} }
endpoint := p.Data().ValidateUrl.String() endpoint := p.Data().ValidateURL.String()
if len(header) == 0 { if len(header) == 0 {
params := url.Values{"access_token": {access_token}} params := url.Values{"access_token": {access_token}}
endpoint = endpoint + "?" + params.Encode() endpoint = endpoint + "?" + params.Encode()
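Review bot: When no header is supplied, validateToken puts the access token into the query string by plain concatenation, `endpoint + "?" + params.Encode()`, which yields a malformed URL if the configured validate-url already carries a query and places the token in a part of the request that access logs and intermediaries commonly record. Building the URL from a copy keeps an existing query intact: `u := *p.Data().ValidateURL; q := u.Query(); q.Set("access_token", access_token); u.RawQuery = q.Encode()`. The rest of the function is outside the hunk, so if `endpoint` is later logged or wrapped into an error, the token should be redacted there first.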


@ -63,7 +63,7 @@ func NewValidateSessionStateTest() *ValidateSessionStateTest {
backend_url, _ := url.Parse(vt_test.backend.URL) backend_url, _ := url.Parse(vt_test.backend.URL)
vt_test.provider = &ValidateSessionStateTestProvider{ vt_test.provider = &ValidateSessionStateTestProvider{
ProviderData: &ProviderData{ ProviderData: &ProviderData{
ValidateUrl: &url.URL{ ValidateURL: &url.URL{
Scheme: "http", Scheme: "http",
Host: backend_url.Host, Host: backend_url.Host,
Path: "/oauth/tokeninfo", Path: "/oauth/tokeninfo",
@ -99,10 +99,10 @@ func TestValidateSessionStateEmptyToken(t *testing.T) {
assert.Equal(t, false, validateToken(vt_test.provider, "", nil)) assert.Equal(t, false, validateToken(vt_test.provider, "", nil))
} }
func TestValidateSessionStateEmptyValidateUrl(t *testing.T) { func TestValidateSessionStateEmptyValidateURL(t *testing.T) {
vt_test := NewValidateSessionStateTest() vt_test := NewValidateSessionStateTest()
defer vt_test.Close() defer vt_test.Close()
vt_test.provider.Data().ValidateUrl = nil vt_test.provider.Data().ValidateURL = nil
assert.Equal(t, false, validateToken(vt_test.provider, "foobar", nil)) assert.Equal(t, false, validateToken(vt_test.provider, "foobar", nil))
} }


@ -15,23 +15,23 @@ type LinkedInProvider struct {
func NewLinkedInProvider(p *ProviderData) *LinkedInProvider { func NewLinkedInProvider(p *ProviderData) *LinkedInProvider {
p.ProviderName = "LinkedIn" p.ProviderName = "LinkedIn"
if p.LoginUrl.String() == "" { if p.LoginURL.String() == "" {
p.LoginUrl = &url.URL{Scheme: "https", p.LoginURL = &url.URL{Scheme: "https",
Host: "www.linkedin.com", Host: "www.linkedin.com",
Path: "/uas/oauth2/authorization"} Path: "/uas/oauth2/authorization"}
} }
if p.RedeemUrl.String() == "" { if p.RedeemURL.String() == "" {
p.RedeemUrl = &url.URL{Scheme: "https", p.RedeemURL = &url.URL{Scheme: "https",
Host: "www.linkedin.com", Host: "www.linkedin.com",
Path: "/uas/oauth2/accessToken"} Path: "/uas/oauth2/accessToken"}
} }
if p.ProfileUrl.String() == "" { if p.ProfileURL.String() == "" {
p.ProfileUrl = &url.URL{Scheme: "https", p.ProfileURL = &url.URL{Scheme: "https",
Host: "www.linkedin.com", Host: "www.linkedin.com",
Path: "/v1/people/~/email-address"} Path: "/v1/people/~/email-address"}
} }
if p.ValidateUrl.String() == "" { if p.ValidateURL.String() == "" {
p.ValidateUrl = p.ProfileUrl p.ValidateURL = p.ProfileURL
} }
if p.Scope == "" { if p.Scope == "" {
p.Scope = "r_emailaddress r_basicprofile" p.Scope = "r_emailaddress r_basicprofile"
@ -51,7 +51,7 @@ func (p *LinkedInProvider) GetEmailAddress(s *SessionState) (string, error) {
if s.AccessToken == "" { if s.AccessToken == "" {
return "", errors.New("missing access token") return "", errors.New("missing access token")
} }
req, err := http.NewRequest("GET", p.ProfileUrl.String()+"?format=json", nil) req, err := http.NewRequest("GET", p.ProfileURL.String()+"?format=json", nil)
if err != nil { if err != nil {
return "", err return "", err
} }


@ -12,15 +12,15 @@ func testLinkedInProvider(hostname string) *LinkedInProvider {
p := NewLinkedInProvider( p := NewLinkedInProvider(
&ProviderData{ &ProviderData{
ProviderName: "", ProviderName: "",
LoginUrl: &url.URL{}, LoginURL: &url.URL{},
RedeemUrl: &url.URL{}, RedeemURL: &url.URL{},
ProfileUrl: &url.URL{}, ProfileURL: &url.URL{},
ValidateUrl: &url.URL{}, ValidateURL: &url.URL{},
Scope: ""}) Scope: ""})
if hostname != "" { if hostname != "" {
updateUrl(p.Data().LoginUrl, hostname) updateURL(p.Data().LoginURL, hostname)
updateUrl(p.Data().RedeemUrl, hostname) updateURL(p.Data().RedeemURL, hostname)
updateUrl(p.Data().ProfileUrl, hostname) updateURL(p.Data().ProfileURL, hostname)
} }
return p return p
} }
@ -47,32 +47,32 @@ func TestLinkedInProviderDefaults(t *testing.T) {
assert.NotEqual(t, nil, p) assert.NotEqual(t, nil, p)
assert.Equal(t, "LinkedIn", p.Data().ProviderName) assert.Equal(t, "LinkedIn", p.Data().ProviderName)
assert.Equal(t, "https://www.linkedin.com/uas/oauth2/authorization", assert.Equal(t, "https://www.linkedin.com/uas/oauth2/authorization",
p.Data().LoginUrl.String()) p.Data().LoginURL.String())
assert.Equal(t, "https://www.linkedin.com/uas/oauth2/accessToken", assert.Equal(t, "https://www.linkedin.com/uas/oauth2/accessToken",
p.Data().RedeemUrl.String()) p.Data().RedeemURL.String())
assert.Equal(t, "https://www.linkedin.com/v1/people/~/email-address", assert.Equal(t, "https://www.linkedin.com/v1/people/~/email-address",
p.Data().ProfileUrl.String()) p.Data().ProfileURL.String())
assert.Equal(t, "https://www.linkedin.com/v1/people/~/email-address", assert.Equal(t, "https://www.linkedin.com/v1/people/~/email-address",
p.Data().ValidateUrl.String()) p.Data().ValidateURL.String())
assert.Equal(t, "r_emailaddress r_basicprofile", p.Data().Scope) assert.Equal(t, "r_emailaddress r_basicprofile", p.Data().Scope)
} }
func TestLinkedInProviderOverrides(t *testing.T) { func TestLinkedInProviderOverrides(t *testing.T) {
p := NewLinkedInProvider( p := NewLinkedInProvider(
&ProviderData{ &ProviderData{
LoginUrl: &url.URL{ LoginURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/auth"}, Path: "/oauth/auth"},
RedeemUrl: &url.URL{ RedeemURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/token"}, Path: "/oauth/token"},
ProfileUrl: &url.URL{ ProfileURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/profile"}, Path: "/oauth/profile"},
ValidateUrl: &url.URL{ ValidateURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/tokeninfo"}, Path: "/oauth/tokeninfo"},
@ -80,13 +80,13 @@ func TestLinkedInProviderOverrides(t *testing.T) {
assert.NotEqual(t, nil, p) assert.NotEqual(t, nil, p)
assert.Equal(t, "LinkedIn", p.Data().ProviderName) assert.Equal(t, "LinkedIn", p.Data().ProviderName)
assert.Equal(t, "https://example.com/oauth/auth", assert.Equal(t, "https://example.com/oauth/auth",
p.Data().LoginUrl.String()) p.Data().LoginURL.String())
assert.Equal(t, "https://example.com/oauth/token", assert.Equal(t, "https://example.com/oauth/token",
p.Data().RedeemUrl.String()) p.Data().RedeemURL.String())
assert.Equal(t, "https://example.com/oauth/profile", assert.Equal(t, "https://example.com/oauth/profile",
p.Data().ProfileUrl.String()) p.Data().ProfileURL.String())
assert.Equal(t, "https://example.com/oauth/tokeninfo", assert.Equal(t, "https://example.com/oauth/tokeninfo",
p.Data().ValidateUrl.String()) p.Data().ValidateURL.String())
assert.Equal(t, "profile", p.Data().Scope) assert.Equal(t, "profile", p.Data().Scope)
} }


@ -16,23 +16,23 @@ func NewMyUsaProvider(p *ProviderData) *MyUsaProvider {
const myUsaHost string = "alpha.my.usa.gov" const myUsaHost string = "alpha.my.usa.gov"
p.ProviderName = "MyUSA" p.ProviderName = "MyUSA"
if p.LoginUrl.String() == "" { if p.LoginURL.String() == "" {
p.LoginUrl = &url.URL{Scheme: "https", p.LoginURL = &url.URL{Scheme: "https",
Host: myUsaHost, Host: myUsaHost,
Path: "/oauth/authorize"} Path: "/oauth/authorize"}
} }
if p.RedeemUrl.String() == "" { if p.RedeemURL.String() == "" {
p.RedeemUrl = &url.URL{Scheme: "https", p.RedeemURL = &url.URL{Scheme: "https",
Host: myUsaHost, Host: myUsaHost,
Path: "/oauth/token"} Path: "/oauth/token"}
} }
if p.ProfileUrl.String() == "" { if p.ProfileURL.String() == "" {
p.ProfileUrl = &url.URL{Scheme: "https", p.ProfileURL = &url.URL{Scheme: "https",
Host: myUsaHost, Host: myUsaHost,
Path: "/api/v1/profile"} Path: "/api/v1/profile"}
} }
if p.ValidateUrl.String() == "" { if p.ValidateURL.String() == "" {
p.ValidateUrl = &url.URL{Scheme: "https", p.ValidateURL = &url.URL{Scheme: "https",
Host: myUsaHost, Host: myUsaHost,
Path: "/api/v1/tokeninfo"} Path: "/api/v1/tokeninfo"}
} }
@ -44,7 +44,7 @@ func NewMyUsaProvider(p *ProviderData) *MyUsaProvider {
func (p *MyUsaProvider) GetEmailAddress(s *SessionState) (string, error) { func (p *MyUsaProvider) GetEmailAddress(s *SessionState) (string, error) {
req, err := http.NewRequest("GET", req, err := http.NewRequest("GET",
p.ProfileUrl.String()+"?access_token="+s.AccessToken, nil) p.ProfileURL.String()+"?access_token="+s.AccessToken, nil)
if err != nil { if err != nil {
log.Printf("failed building request %s", err) log.Printf("failed building request %s", err)
return "", err return "", err
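Review bot: GetEmailAddress appends `s.AccessToken` to the profile URL unescaped, and the `log.Printf("failed building request %s", err)` below it would write that URL to the log, because the error http.NewRequest returns for an unparseable URL includes the URL text, token and all. Encode the parameter the way validateToken does: `params := url.Values{"access_token": {s.AccessToken}}` and `p.ProfileURL.String()+"?"+params.Encode()`. Unlike LinkedInProvider.GetEmailAddress in this commit, there is also no visible `s.AccessToken == ""` check before the request is built; the function body continues past the hunk.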


@ -9,7 +9,7 @@ import (
"github.com/bmizerany/assert" "github.com/bmizerany/assert"
) )
func updateUrl(url *url.URL, hostname string) { func updateURL(url *url.URL, hostname string) {
url.Scheme = "http" url.Scheme = "http"
url.Host = hostname url.Host = hostname
} }
@ -18,16 +18,16 @@ func testMyUsaProvider(hostname string) *MyUsaProvider {
p := NewMyUsaProvider( p := NewMyUsaProvider(
&ProviderData{ &ProviderData{
ProviderName: "", ProviderName: "",
LoginUrl: &url.URL{}, LoginURL: &url.URL{},
RedeemUrl: &url.URL{}, RedeemURL: &url.URL{},
ProfileUrl: &url.URL{}, ProfileURL: &url.URL{},
ValidateUrl: &url.URL{}, ValidateURL: &url.URL{},
Scope: ""}) Scope: ""})
if hostname != "" { if hostname != "" {
updateUrl(p.Data().LoginUrl, hostname) updateURL(p.Data().LoginURL, hostname)
updateUrl(p.Data().RedeemUrl, hostname) updateURL(p.Data().RedeemURL, hostname)
updateUrl(p.Data().ProfileUrl, hostname) updateURL(p.Data().ProfileURL, hostname)
updateUrl(p.Data().ValidateUrl, hostname) updateURL(p.Data().ValidateURL, hostname)
} }
return p return p
} }
@ -53,32 +53,32 @@ func TestMyUsaProviderDefaults(t *testing.T) {
assert.NotEqual(t, nil, p) assert.NotEqual(t, nil, p)
assert.Equal(t, "MyUSA", p.Data().ProviderName) assert.Equal(t, "MyUSA", p.Data().ProviderName)
assert.Equal(t, "https://alpha.my.usa.gov/oauth/authorize", assert.Equal(t, "https://alpha.my.usa.gov/oauth/authorize",
p.Data().LoginUrl.String()) p.Data().LoginURL.String())
assert.Equal(t, "https://alpha.my.usa.gov/oauth/token", assert.Equal(t, "https://alpha.my.usa.gov/oauth/token",
p.Data().RedeemUrl.String()) p.Data().RedeemURL.String())
assert.Equal(t, "https://alpha.my.usa.gov/api/v1/profile", assert.Equal(t, "https://alpha.my.usa.gov/api/v1/profile",
p.Data().ProfileUrl.String()) p.Data().ProfileURL.String())
assert.Equal(t, "https://alpha.my.usa.gov/api/v1/tokeninfo", assert.Equal(t, "https://alpha.my.usa.gov/api/v1/tokeninfo",
p.Data().ValidateUrl.String()) p.Data().ValidateURL.String())
assert.Equal(t, "profile.email", p.Data().Scope) assert.Equal(t, "profile.email", p.Data().Scope)
} }
func TestMyUsaProviderOverrides(t *testing.T) { func TestMyUsaProviderOverrides(t *testing.T) {
p := NewMyUsaProvider( p := NewMyUsaProvider(
&ProviderData{ &ProviderData{
LoginUrl: &url.URL{ LoginURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/auth"}, Path: "/oauth/auth"},
RedeemUrl: &url.URL{ RedeemURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/token"}, Path: "/oauth/token"},
ProfileUrl: &url.URL{ ProfileURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/profile"}, Path: "/oauth/profile"},
ValidateUrl: &url.URL{ ValidateURL: &url.URL{
Scheme: "https", Scheme: "https",
Host: "example.com", Host: "example.com",
Path: "/oauth/tokeninfo"}, Path: "/oauth/tokeninfo"},
@ -86,13 +86,13 @@ func TestMyUsaProviderOverrides(t *testing.T) {
assert.NotEqual(t, nil, p) assert.NotEqual(t, nil, p)
assert.Equal(t, "MyUSA", p.Data().ProviderName) assert.Equal(t, "MyUSA", p.Data().ProviderName)
assert.Equal(t, "https://example.com/oauth/auth", assert.Equal(t, "https://example.com/oauth/auth",
p.Data().LoginUrl.String()) p.Data().LoginURL.String())
assert.Equal(t, "https://example.com/oauth/token", assert.Equal(t, "https://example.com/oauth/token",
p.Data().RedeemUrl.String()) p.Data().RedeemURL.String())
assert.Equal(t, "https://example.com/oauth/profile", assert.Equal(t, "https://example.com/oauth/profile",
p.Data().ProfileUrl.String()) p.Data().ProfileURL.String())
assert.Equal(t, "https://example.com/oauth/tokeninfo", assert.Equal(t, "https://example.com/oauth/tokeninfo",
p.Data().ValidateUrl.String()) p.Data().ValidateURL.String())
assert.Equal(t, "profile", p.Data().Scope) assert.Equal(t, "profile", p.Data().Scope)
} }


@ -8,10 +8,10 @@ type ProviderData struct {
ProviderName string ProviderName string
ClientID string ClientID string
ClientSecret string ClientSecret string
LoginUrl *url.URL LoginURL *url.URL
RedeemUrl *url.URL RedeemURL *url.URL
ProfileUrl *url.URL ProfileURL *url.URL
ValidateUrl *url.URL ValidateURL *url.URL
Scope string Scope string
ApprovalPrompt string ApprovalPrompt string
} }


@ -13,20 +13,20 @@ import (
"github.com/bitly/oauth2_proxy/cookie" "github.com/bitly/oauth2_proxy/cookie"
) )
func (p *ProviderData) Redeem(redirectUrl, code string) (s *SessionState, err error) { func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error) {
if code == "" { if code == "" {
err = errors.New("missing code") err = errors.New("missing code")
return return
} }
params := url.Values{} params := url.Values{}
params.Add("redirect_uri", redirectUrl) params.Add("redirect_uri", redirectURL)
params.Add("client_id", p.ClientID) params.Add("client_id", p.ClientID)
params.Add("client_secret", p.ClientSecret) params.Add("client_secret", p.ClientSecret)
params.Add("code", code) params.Add("code", code)
params.Add("grant_type", "authorization_code") params.Add("grant_type", "authorization_code")
var req *http.Request var req *http.Request
req, err = http.NewRequest("POST", p.RedeemUrl.String(), bytes.NewBufferString(params.Encode())) req, err = http.NewRequest("POST", p.RedeemURL.String(), bytes.NewBufferString(params.Encode()))
if err != nil { if err != nil {
return return
} }
@ -45,7 +45,7 @@ func (p *ProviderData) Redeem(redirectUrl, code string) (s *SessionState, err er
} }
if resp.StatusCode != 200 { if resp.StatusCode != 200 {
err = fmt.Errorf("got %d from %q %s", resp.StatusCode, p.RedeemUrl.String(), body) err = fmt.Errorf("got %d from %q %s", resp.StatusCode, p.RedeemURL.String(), body)
return return
} }
@ -77,7 +77,7 @@ func (p *ProviderData) Redeem(redirectUrl, code string) (s *SessionState, err er
// GetLoginURL with typical oauth parameters // GetLoginURL with typical oauth parameters
func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string { func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string {
var a url.URL var a url.URL
a = *p.LoginUrl a = *p.LoginURL
params, _ := url.ParseQuery(a.RawQuery) params, _ := url.ParseQuery(a.RawQuery)
params.Set("redirect_uri", redirectURI) params.Set("redirect_uri", redirectURI)
params.Set("approval_prompt", p.ApprovalPrompt) params.Set("approval_prompt", p.ApprovalPrompt)