diff --git a/source/extensions/filters/http/oauth2/filter.cc b/source/extensions/filters/http/oauth2/filter.cc index d1b3654457be..aa1396ec9302 100644 --- a/source/extensions/filters/http/oauth2/filter.cc +++ b/source/extensions/filters/http/oauth2/filter.cc @@ -212,12 +212,12 @@ Http::FilterHeadersStatus OAuth2Filter::decodeHeaders(Http::RequestHeaderMap& he Http::Utility::Url state_url; if (!state_url.initialize(state, false)) { sendUnauthorizedResponse(); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } // Avoid infinite redirect storm if (config_->redirectPathMatcher().match(state_url.pathAndQueryParams())) { sendUnauthorizedResponse(); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } Http::ResponseHeaderMapPtr response_headers{ Http::createHeaderMap( @@ -283,7 +283,7 @@ Http::FilterHeadersStatus OAuth2Filter::decodeHeaders(Http::RequestHeaderMap& he config_->stats().oauth_unauthorized_rq_.inc(); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } // At this point, we *are* on /_oauth. We believe this request comes from the authorization @@ -292,14 +292,14 @@ Http::FilterHeadersStatus OAuth2Filter::decodeHeaders(Http::RequestHeaderMap& he const auto query_parameters = Http::Utility::parseQueryString(path_str); if (query_parameters.find(queryParamsError()) != query_parameters.end()) { sendUnauthorizedResponse(); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } // if the data we need is not present on the URL, stop execution if (query_parameters.find(queryParamsCode()) == query_parameters.end() || query_parameters.find(queryParamsState()) == query_parameters.end()) { sendUnauthorizedResponse(); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } auth_code_ = query_parameters.at(queryParamsCode()); @@ -308,7 +308,7 @@ Http::FilterHeadersStatus OAuth2Filter::decodeHeaders(Http::RequestHeaderMap& he Http::Utility::Url state_url; if (!state_url.initialize(state_, false)) { sendUnauthorizedResponse(); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } Formatter::FormatterImpl formatter(config_->redirectUri()); @@ -359,7 +359,7 @@ Http::FilterHeadersStatus OAuth2Filter::signOutUser(const Http::RequestHeaderMap response_headers->setLocation(new_path); decoder_callbacks_->encodeHeaders(std::move(response_headers), true, SIGN_OUT); - return Http::FilterHeadersStatus::StopAllIterationAndBuffer; + return Http::FilterHeadersStatus::StopIteration; } void OAuth2Filter::onGetAccessTokenSuccess(const std::string& access_code, diff --git a/test/extensions/filters/http/oauth2/filter_test.cc b/test/extensions/filters/http/oauth2/filter_test.cc index fae1d1676efb..bac0b139ac4c 100644 --- a/test/extensions/filters/http/oauth2/filter_test.cc +++ b/test/extensions/filters/http/oauth2/filter_test.cc @@ -174,7 +174,7 @@ TEST_F(OAuth2Test, RequestSignout) { }; EXPECT_CALL(decoder_callbacks_, encodeHeaders_(HeaderMapEqualRef(&response_headers), true)); - EXPECT_EQ(Http::FilterHeadersStatus::StopAllIterationAndBuffer, + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_->decodeHeaders(request_headers, false)); } @@ -255,7 +255,7 @@ TEST_F(OAuth2Test, OAuthErrorNonOAuthHttpCallback) { EXPECT_CALL(decoder_callbacks_, encodeHeaders_(HeaderMapEqualRef(&response_headers), true)); - EXPECT_EQ(Http::FilterHeadersStatus::StopAllIterationAndBuffer, + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_->decodeHeaders(request_headers, false)); } @@ -281,7 +281,7 @@ TEST_F(OAuth2Test, OAuthErrorQueryString) { EXPECT_CALL(decoder_callbacks_, encodeHeaders_(HeaderMapEqualRef(&response_headers), false)); EXPECT_CALL(decoder_callbacks_, encodeData(_, true)); - EXPECT_EQ(Http::FilterHeadersStatus::StopAllIterationAndBuffer, + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_->decodeHeaders(request_headers, false)); EXPECT_EQ(scope_.counterFromString("test.oauth_failure").value(), 1); @@ -421,7 +421,7 @@ TEST_F(OAuth2Test, OAuthTestInvalidUrlInStateQueryParam) { EXPECT_CALL(*validator_, token()).WillRepeatedly(ReturnRef(legit_token)); EXPECT_CALL(decoder_callbacks_, encodeHeaders_(HeaderMapEqualRef(&expected_headers), false)); - EXPECT_EQ(Http::FilterHeadersStatus::StopAllIterationAndBuffer, + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_->decodeHeaders(request_headers, false)); } @@ -455,7 +455,7 @@ TEST_F(OAuth2Test, OAuthTestCallbackUrlInStateQueryParam) { EXPECT_CALL(decoder_callbacks_, encodeHeaders_(HeaderMapEqualRef(&expected_response_headers), false)); - EXPECT_EQ(Http::FilterHeadersStatus::StopAllIterationAndBuffer, + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_->decodeHeaders(request_headers, false)); Http::TestRequestHeaderMapImpl final_request_headers{ @@ -564,7 +564,7 @@ TEST_F(OAuth2Test, OAuthTestFullFlowPostWithParameters) { EXPECT_CALL(decoder_callbacks_, encodeHeaders_(HeaderMapEqualRef(&first_response_headers), true)); // This represents the beginning of the OAuth filter. - EXPECT_EQ(Http::FilterHeadersStatus::StopAllIterationAndBuffer, + EXPECT_EQ(Http::FilterHeadersStatus::StopIteration, filter_->decodeHeaders(first_request_headers, false)); // This represents the callback request from the authorization server.