Get rid of dependencies on bitly/oauth2_proxy/api
This commit is contained in:
parent
800a3694c2
commit
53524875d1
@ -1,12 +1,12 @@
|
|||||||
package providers
|
package providers
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/pusher/oauth2_proxy/pkg/apis/sessions"
|
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
|
||||||
"github.com/bitly/oauth2_proxy/api"
|
"github.com/pusher/oauth2_proxy/pkg/apis/sessions"
|
||||||
|
"github.com/pusher/oauth2_proxy/pkg/logger"
|
||||||
|
"github.com/pusher/oauth2_proxy/pkg/requests"
|
||||||
)
|
)
|
||||||
|
|
||||||
type KeycloakProvider struct {
|
type KeycloakProvider struct {
|
||||||
@ -52,19 +52,19 @@ func (p *KeycloakProvider) GetEmailAddress(s *sessions.SessionState) (string, er
|
|||||||
req, err := http.NewRequest("GET", p.ValidateURL.String(), nil)
|
req, err := http.NewRequest("GET", p.ValidateURL.String(), nil)
|
||||||
req.Header.Set("Authorization", "Bearer "+s.AccessToken)
|
req.Header.Set("Authorization", "Bearer "+s.AccessToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("failed building request %s", err)
|
logger.Printf("failed building request %s", err)
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
json, err := api.Request(req)
|
json, err := requests.Request(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("failed making request %s", err)
|
logger.Printf("failed making request %s", err)
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
if p.Group != "" {
|
if p.Group != "" {
|
||||||
var groups, err = json.Get("groups").Array()
|
var groups, err = json.Get("groups").Array()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("groups not found %s", err)
|
logger.Printf("groups not found %s", err)
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -77,7 +77,7 @@ func (p *KeycloakProvider) GetEmailAddress(s *sessions.SessionState) (string, er
|
|||||||
}
|
}
|
||||||
|
|
||||||
if found != true {
|
if found != true {
|
||||||
log.Printf("group not found, access denied")
|
logger.Printf("group not found, access denied")
|
||||||
return "", nil
|
return "", nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -94,8 +94,8 @@ func TestKeycloakProviderGetEmailAddress(t *testing.T) {
|
|||||||
b := testKeycloakBackend("{\"email\": \"michael.bland@gsa.gov\"}")
|
b := testKeycloakBackend("{\"email\": \"michael.bland@gsa.gov\"}")
|
||||||
defer b.Close()
|
defer b.Close()
|
||||||
|
|
||||||
b_url, _ := url.Parse(b.URL)
|
bUrl, _ := url.Parse(b.URL)
|
||||||
p := testKeycloakProvider(b_url.Host, "")
|
p := testKeycloakProvider(bUrl.Host, "")
|
||||||
|
|
||||||
session := &sessions.SessionState{AccessToken: "imaginary_access_token"}
|
session := &sessions.SessionState{AccessToken: "imaginary_access_token"}
|
||||||
email, err := p.GetEmailAddress(session)
|
email, err := p.GetEmailAddress(session)
|
||||||
@ -107,8 +107,8 @@ func TestKeycloakProviderGetEmailAddressAndGroup(t *testing.T) {
|
|||||||
b := testKeycloakBackend("{\"email\": \"michael.bland@gsa.gov\", \"groups\": [\"test-grp1\", \"test-grp2\"]}")
|
b := testKeycloakBackend("{\"email\": \"michael.bland@gsa.gov\", \"groups\": [\"test-grp1\", \"test-grp2\"]}")
|
||||||
defer b.Close()
|
defer b.Close()
|
||||||
|
|
||||||
b_url, _ := url.Parse(b.URL)
|
bUrl, _ := url.Parse(b.URL)
|
||||||
p := testKeycloakProvider(b_url.Host, "test-grp1")
|
p := testKeycloakProvider(bUrl.Host, "test-grp1")
|
||||||
|
|
||||||
session := &sessions.SessionState{AccessToken: "imaginary_access_token"}
|
session := &sessions.SessionState{AccessToken: "imaginary_access_token"}
|
||||||
email, err := p.GetEmailAddress(session)
|
email, err := p.GetEmailAddress(session)
|
||||||
@ -122,8 +122,8 @@ func TestKeycloakProviderGetEmailAddressFailedRequest(t *testing.T) {
|
|||||||
b := testKeycloakBackend("unused payload")
|
b := testKeycloakBackend("unused payload")
|
||||||
defer b.Close()
|
defer b.Close()
|
||||||
|
|
||||||
b_url, _ := url.Parse(b.URL)
|
bUrl, _ := url.Parse(b.URL)
|
||||||
p := testKeycloakProvider(b_url.Host, "")
|
p := testKeycloakProvider(bUrl.Host, "")
|
||||||
|
|
||||||
// We'll trigger a request failure by using an unexpected access
|
// We'll trigger a request failure by using an unexpected access
|
||||||
// token. Alternatively, we could allow the parsing of the payload as
|
// token. Alternatively, we could allow the parsing of the payload as
|
||||||
@ -138,8 +138,8 @@ func TestKeycloakProviderGetEmailAddressEmailNotPresentInPayload(t *testing.T) {
|
|||||||
b := testKeycloakBackend("{\"foo\": \"bar\"}")
|
b := testKeycloakBackend("{\"foo\": \"bar\"}")
|
||||||
defer b.Close()
|
defer b.Close()
|
||||||
|
|
||||||
b_url, _ := url.Parse(b.URL)
|
bUrl, _ := url.Parse(b.URL)
|
||||||
p := testKeycloakProvider(b_url.Host, "")
|
p := testKeycloakProvider(bUrl.Host, "")
|
||||||
|
|
||||||
session := &sessions.SessionState{AccessToken: "imaginary_access_token"}
|
session := &sessions.SessionState{AccessToken: "imaginary_access_token"}
|
||||||
email, err := p.GetEmailAddress(session)
|
email, err := p.GetEmailAddress(session)
|
||||||
|
Loading…
Reference in New Issue
Block a user