Skip to content

Commit f862651

Browse files
code-ashercode-asher
committed
Extract state from authURL
1 parent d530bb0 commit f862651

File tree

3 files changed

+9
-6
lines changed

3 files changed

+9
-6
lines changed

coderd/coderdtest/oidctest/helper.go

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -122,10 +122,13 @@ func (h *LoginHelper) ForceRefresh(t *testing.T, db database.Store, user *coders
122122
// unit tests, it's easier to skip this step sometimes. It does make an actual
123123
// request to the IDP, so it should be equivalent to doing this "manually" with
124124
// actual requests.
125-
//
126-
// TODO: Is state param optional? Can we grab it from the authURL?
127-
func OAuth2GetCode(authURL string, state string, doRequest func(req *http.Request) (*http.Response, error)) (string, error) {
128-
r, err := http.NewRequestWithContext(context.Background(), http.MethodGet, authURL, nil)
125+
func OAuth2GetCode(rawAuthURL string, doRequest func(req *http.Request) (*http.Response, error)) (string, error) {
126+
authURL, err := url.Parse(rawAuthURL)
127+
if err != nil {
128+
return "", xerrors.Errorf("failed to parse auth URL: %w", err)
129+
}
130+
131+
r, err := http.NewRequestWithContext(context.Background(), http.MethodGet, rawAuthURL, nil)
129132
if err != nil {
130133
return "", xerrors.Errorf("failed to create auth request: %w", err)
131134
}
@@ -156,6 +159,7 @@ func OAuth2GetCode(authURL string, state string, doRequest func(req *http.Reques
156159
return "", xerrors.Errorf("expected code in redirect location")
157160
}
158161

162+
state := authURL.Query().Get("state")
159163
newState := toURL.Query().Get("state")
160164
if newState != state {
161165
return "", xerrors.Errorf("expected state %q, got %q", state, newState)

coderd/coderdtest/oidctest/idp.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -539,7 +539,7 @@ func (f *FakeIDP) CreateAuthCode(t testing.TB, state string) string {
539539
// it expects some claims to be present.
540540
f.stateToIDTokenClaims.Store(state, jwt.MapClaims{})
541541

542-
code, err := OAuth2GetCode(f.cfg.AuthCodeURL(state), state, func(req *http.Request) (*http.Response, error) {
542+
code, err := OAuth2GetCode(f.cfg.AuthCodeURL(state), func(req *http.Request) (*http.Response, error) {
543543
rw := httptest.NewRecorder()
544544
f.handler.ServeHTTP(rw, req)
545545
resp := rw.Result()

enterprise/coderd/oauth2_test.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -945,7 +945,6 @@ func authorizationFlow(ctx context.Context, client *codersdk.Client, cfg *oauth2
945945
state := uuid.NewString()
946946
return oidctest.OAuth2GetCode(
947947
cfg.AuthCodeURL(state),
948-
state,
949948
func(req *http.Request) (*http.Response, error) {
950949
// TODO: Would be better if client had a .Do() method.
951950
// TODO: Is this the best way to handle redirects?

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy