From 4bad945bc8dfe50b9d75f4e129115a23938bc6d4 Mon Sep 17 00:00:00 2001
From: barco
Date: Thu, 26 Sep 2024 16:41:24 +0200
Subject: [PATCH] refactor: don't request audience in login request + adjust tests
---
 pkg/authentication/handlers_test.go | 2 +-
 pkg/authentication/oidc.go | 3 +--
 pkg/authentication/oidc_test.go | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/pkg/authentication/handlers_test.go b/pkg/authentication/handlers_test.go
index eae5b38f5..10c3f064f 100644
--- a/pkg/authentication/handlers_test.go
+++ b/pkg/authentication/handlers_test.go
@@ -77,7 +77,7 @@ func TestHandleLogin(t *testing.T) {
 t.Fatalf("response code error, expected %d, got %d", http.StatusFound, mockResponse.Code)
 }
- expectedLocation := "/api/v0/?audience=mock-client-id&client_id=mock-client-id&nonce=mock-nonce&redirect_uri=http%3A%2F%2Flocalhost%2Fredirect&response_type=code&scope=openid+offline_access&state=mock-state"
+ expectedLocation := "/api/v0/?client_id=mock-client-id&nonce=mock-nonce&redirect_uri=http%3A%2F%2Flocalhost%2Fredirect&response_type=code&scope=openid+offline_access&state=mock-state"
 location := mockResponse.Header().Get("Location")
 if !strings.HasPrefix(location, expectedLocation) {
 t.Fatalf("location header error, expected %s, got %s", expectedLocation, location)
diff --git a/pkg/authentication/oidc.go b/pkg/authentication/oidc.go
index f51130d0b..da7998c9d 100644
--- a/pkg/authentication/oidc.go
+++ b/pkg/authentication/oidc.go
@@ -50,8 +50,7 @@ func (o *OAuth2Context) LoginRedirect(ctx context.Context, nonce, state string)
 _, span := o.tracer.Start(ctx, "authentication.OAuth2Context.LoginRedirect")
 defer span.End()
- // TODO: remove `audience` parameter when https://github.com/canonical/identity-platform-login-ui/issues/244 is addressed
- return o.client.AuthCodeURL(state, oidc.Nonce(nonce), oauth2.SetAuthURLParam("audience", o.client.ClientID))
+ return o.client.AuthCodeURL(state, oidc.Nonce(nonce))
 }
 func (o *OAuth2Context) RetrieveTokens(ctx context.Context, code string) (*oauth2.Token, error) {
diff --git a/pkg/authentication/oidc_test.go b/pkg/authentication/oidc_test.go
index 6d9ad5ee7..15ba2524d 100644
--- a/pkg/authentication/oidc_test.go
+++ b/pkg/authentication/oidc_test.go
@@ -140,7 +140,7 @@ func TestOAuth2Context_LoginRedirect(t *testing.T) {
 location := oauth2Context.LoginRedirect(mockRequest.Context(), "mock-nonce", "mock-state")
- expectedLocation := "?audience=mock-client-id&client_id=mock-client-id&nonce=mock-nonce&redirect_uri=http%3A%2F%2Flocalhost%2Fapi%2Fv0%2Fauth%2Fcallback&response_type=code&scope=openid+offline_access&state=mock-state"
+ expectedLocation := "?client_id=mock-client-id&nonce=mock-nonce&redirect_uri=http%3A%2F%2Flocalhost%2Fapi%2Fv0%2Fauth%2Fcallback&response_type=code&scope=openid+offline_access&state=mock-state"
 if location != expectedLocation {
 t.Fatalf("location header error, expected %s, got %s", expectedLocation, location)
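Review bot: In `LoginRedirect` (pkg/authentication/oidc.go) the authorization request no longer carries `audience`, so the access token's `aud` is now whatever the provider issues by default, and any consumer that validates access-token audience against the client ID may start rejecting tokens. That validation is not visible in this hunk, so it should be confirmed before merging; the ID token's `aud` is unaffected, since OIDC requires it to contain the client ID. With the TODO gone the exported method has no comment at all, and I would add `// LoginRedirect returns the provider authorization URL; state and nonce must be unpredictable, bound to the caller's session and checked again in the callback.` The method's signature appears only in the hunk header, and `RetrieveTokens` continues past the end of the hunk.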