Skip to content

Commit

Permalink
fix: handle token hook auth config (#3677)
Browse files Browse the repository at this point in the history
* fix: handle token hook auth config

* fix: bump golangci-lint

---------

Co-authored-by: Arne Luenser <arne.luenser@ory.sh>
  • Loading branch information
hperl and alnr authored Dec 18, 2023
1 parent ce00a42 commit 1a40833
Show file tree
Hide file tree
Showing 9 changed files with 42 additions and 30 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ jobs:
GOGC: 100
with:
args: --timeout 10m0s
version: v1.53.2
version: v1.55.2
skip-pkg-cache: true
- name: Run go-acc (tests)
run: |
Expand Down
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ export PATH := .bin:${PATH}
export PWD := $(shell pwd)
export IMAGE_TAG := $(if $(IMAGE_TAG),$(IMAGE_TAG),latest)

GOLANGCI_LINT_VERSION = 1.53.3
GOLANGCI_LINT_VERSION = 1.55.2

GO_DEPENDENCIES = github.com/ory/go-acc \
github.com/golang/mock/mockgen \
Expand Down
10 changes: 7 additions & 3 deletions driver/config/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ package config

import (
"context"
"encoding/json"
"fmt"
"net/http"
"net/url"
Expand Down Expand Up @@ -482,8 +481,13 @@ func (p *DefaultProvider) AccessTokenStrategy(ctx context.Context, additionalSou

type (
Auth struct {
Type string `json:"type"`
Config json.RawMessage `json:"config"`
Type string `json:"type"`
Config AuthConfig `json:"config"`
}
AuthConfig struct {
In string `json:"in"`
Name string `json:"name"`
Value string `json:"value"`
}
HookConfig struct {
URL string `json:"url"`
Expand Down
23 changes: 15 additions & 8 deletions driver/config/provider_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -443,18 +443,25 @@ func TestHookConfigs(t *testing.T) {
require.NotNil(t, hc)
assert.EqualValues(t, "http://localhost:8080/hook", hc.URL)

c.MustSet(ctx, key, map[string]any{
"url": "http://localhost:8080/hook2",
"auth": map[string]any{
"type": "api_key",
"config": json.RawMessage(`{"in":"header","name":"my-header","value":"my-value"}`),
},
})
c.MustSet(ctx, key, `
{
"url": "http://localhost:8080/hook2",
"auth": {
"type": "api_key",
"config": {
"in": "header",
"name": "my-header",
"value": "my-value"
}
}
}`)
hc = getFunc(ctx)
require.NotNil(t, hc)
assert.EqualValues(t, "http://localhost:8080/hook2", hc.URL)
assert.EqualValues(t, "api_key", hc.Auth.Type)
assert.JSONEq(t, `{"in":"header","name":"my-header","value":"my-value"}`, string(hc.Auth.Config))
rawConfig, err := json.Marshal(hc.Auth.Config)
require.NoError(t, err)
assert.JSONEq(t, `{"in":"header","name":"my-header","value":"my-value"}`, string(rawConfig))
}
}

Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ require (
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
github.com/oleiade/reflections v1.0.1
github.com/ory/analytics-go/v5 v5.0.1
github.com/ory/fosite v0.44.1-0.20231213153202-0d631f345034
github.com/ory/fosite v0.44.1-0.20231218095112-ac9ae4bd99d7
github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe
github.com/ory/graceful v0.1.3
github.com/ory/herodot v0.10.3-0.20230626083119-d7e5192f0d88
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -591,6 +591,8 @@ github.com/ory/fosite v0.44.1-0.20230807113540-d4605bb2b3a6 h1:pJLf9Gx4CfhE+M0lP
github.com/ory/fosite v0.44.1-0.20230807113540-d4605bb2b3a6/go.mod h1:fkMPsnm/UjiefE9dE9CdZQGOH48TWJLIzUcdGIXg8Kk=
github.com/ory/fosite v0.44.1-0.20231213153202-0d631f345034 h1:0afOTtuICtxga4Ni/PLQwsr45I0jAzsYXg/MaCoXFQs=
github.com/ory/fosite v0.44.1-0.20231213153202-0d631f345034/go.mod h1:fkMPsnm/UjiefE9dE9CdZQGOH48TWJLIzUcdGIXg8Kk=
github.com/ory/fosite v0.44.1-0.20231218095112-ac9ae4bd99d7 h1:EZEUk9sdC9cIKSqXipBz4eO84byOLLeVUnptgX7QFvM=
github.com/ory/fosite v0.44.1-0.20231218095112-ac9ae4bd99d7/go.mod h1:fkMPsnm/UjiefE9dE9CdZQGOH48TWJLIzUcdGIXg8Kk=
github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe h1:rvu4obdvqR0fkSIJ8IfgzKOWwZ5kOT2UNfLq81Qk7rc=
github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe/go.mod h1:z4n3u6as84LbV4YmgjHhnwtccQqzf4cZlSk9f1FhygI=
github.com/ory/go-convenience v0.1.0 h1:zouLKfF2GoSGnJwGq+PE/nJAE6dj2Zj5QlTgmMTsTS8=
Expand Down
8 changes: 6 additions & 2 deletions oauth2/oauth2_auth_code_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1006,8 +1006,12 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) {
reg.Config().MustSet(ctx, config.KeyTokenHook, &config.HookConfig{
URL: hs.URL,
Auth: &config.Auth{
Type: "api_key",
Config: json.RawMessage(`{"in": "header", "name": "Authorization", "value": "Bearer secret value"}`),
Type: "api_key",
Config: config.AuthConfig{
In: "header",
Name: "Authorization",
Value: "Bearer secret value",
},
},
})

Expand Down
8 changes: 6 additions & 2 deletions oauth2/oauth2_client_credentials_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -290,8 +290,12 @@ func TestClientCredentials(t *testing.T) {
reg.Config().MustSet(ctx, config.KeyTokenHook, &config.HookConfig{
URL: hs.URL,
Auth: &config.Auth{
Type: "api_key",
Config: json.RawMessage(`{"in": "header", "name": "Authorization", "value": "Bearer secret value"}`),
Type: "api_key",
Config: config.AuthConfig{
In: "header",
Name: "Authorization",
Value: "Bearer secret value",
},
},
})

Expand Down
15 changes: 3 additions & 12 deletions oauth2/token_hook.go
Original file line number Diff line number Diff line change
Expand Up @@ -71,20 +71,11 @@ func applyAuth(req *retryablehttp.Request, auth *config.Auth) error {

switch auth.Type {
case "api_key":
c := struct {
In string `json:"in"`
Name string `json:"name"`
Value string `json:"value"`
}{}
if err := json.Unmarshal(auth.Config, &c); err != nil {
return err
}

switch c.In {
switch auth.Config.In {
case "header":
req.Header.Set(c.Name, c.Value)
req.Header.Set(auth.Config.Name, auth.Config.Value)
case "cookie":
req.AddCookie(&http.Cookie{Name: c.Name, Value: c.Value})
req.AddCookie(&http.Cookie{Name: auth.Config.Name, Value: auth.Config.Value})
}
default:
return errors.Errorf("unsupported auth type %q", auth.Type)
Expand Down

0 comments on commit 1a40833

Please sign in to comment.