meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #392 from arnottcr/master

Browse Source 
[github provider] use Authorization header, not access_token query parameter
This commit is contained in:
Jehiah Czebotar 2017-05-26 08:42:07 -04:00 committed by GitHub
commit 6d6cb7e1f8
1 changed files with 14 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
providers/github.go
View File

@ -62,7 +62,6 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
} }
params := url.Values{ params := url.Values{
"access_token": {accessToken},
"limit": {"100"}, "limit": {"100"},
} }
@ -74,6 +73,7 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
} }
req, _ := http.NewRequest("GET", endpoint.String(), nil) req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Accept", "application/vnd.github.v3+json") req.Header.Set("Accept", "application/vnd.github.v3+json")
req.Header.Set("Authorization", fmt.Sprintf("token %s", accessToken))
resp, err := http.DefaultClient.Do(req) resp, err := http.DefaultClient.Do(req)
if err != nil { if err != nil {
return false, err return false, err
@ -86,7 +86,7 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
} }
if resp.StatusCode != 200 { if resp.StatusCode != 200 {
return false, fmt.Errorf( return false, fmt.Errorf(
"got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body) "got %d from %q %s", resp.StatusCode, endpoint.String(), body)
} }
if err := json.Unmarshal(body, &orgs); err != nil { if err := json.Unmarshal(body, &orgs); err != nil {
@ -118,7 +118,6 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
} }
params := url.Values{ params := url.Values{
"access_token": {accessToken},
"limit": {"100"}, "limit": {"100"},
} }
@ -130,6 +129,7 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
} }
req, _ := http.NewRequest("GET", endpoint.String(), nil) req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Accept", "application/vnd.github.v3+json") req.Header.Set("Accept", "application/vnd.github.v3+json")
req.Header.Set("Authorization", fmt.Sprintf("token %s", accessToken))
resp, err := http.DefaultClient.Do(req) resp, err := http.DefaultClient.Do(req)
if err != nil { if err != nil {
return false, err return false, err
@ -142,7 +142,7 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
} }
if resp.StatusCode != 200 { if resp.StatusCode != 200 {
return false, fmt.Errorf( return false, fmt.Errorf(
"got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body) "got %d from %q %s", resp.StatusCode, endpoint.String(), body)
} }
if err := json.Unmarshal(body, &teams); err != nil { if err := json.Unmarshal(body, &teams); err != nil {
@ -198,17 +198,14 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
} }
} }
params := url.Values{
"access_token": {s.AccessToken},
}
endpoint := &url.URL{ endpoint := &url.URL{
Scheme: p.ValidateURL.Scheme, Scheme: p.ValidateURL.Scheme,
Host: p.ValidateURL.Host, Host: p.ValidateURL.Host,
Path: path.Join(p.ValidateURL.Path, "/user/emails"), Path: path.Join(p.ValidateURL.Path, "/user/emails"),
RawQuery: params.Encode(),
} }
resp, err := http.DefaultClient.Get(endpoint.String()) req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Authorization", fmt.Sprintf("token %s", s.AccessToken))
resp, err := http.DefaultClient.Do(req)
if err != nil { if err != nil {
return "", err return "", err
} }
@ -220,9 +217,9 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
if resp.StatusCode != 200 { if resp.StatusCode != 200 {
return "", fmt.Errorf("got %d from %q %s", return "", fmt.Errorf("got %d from %q %s",
resp.StatusCode, stripToken(endpoint.String()), body) resp.StatusCode, endpoint.String(), body)
} else { } else {
log.Printf("got %d from %q %s", resp.StatusCode, stripToken(endpoint.String()), body) log.Printf("got %d from %q %s", resp.StatusCode, endpoint.String(), body)
} }
if err := json.Unmarshal(body, &emails); err != nil { if err := json.Unmarshal(body, &emails); err != nil {