Merge pull request dexidp#1584 from alrs/remove-deprecated-register-b…
…roken-auth-header-provider

Deprecated oauth2.RegisterBrokenAuthHeaderProvider
sagikazarmark authored Dec 18, 2019
2 parents e0f927c + 8e0ae82 commit ff4dee5
Showing 2 changed files with 7 additions and 16 deletions.
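--- a/connector/oidc/oidc.go
+++ b/connector/oidc/oidc.go
@@ -9,7 +9,6 @@ import (
 "net/http"
 "net/url"
 "strings"
-"sync"
 "time"
 
 "github.com/coreos/go-oidc"
@@ -85,18 +84,6 @@ func knownBrokenAuthHeaderProvider(issuerURL string) bool {
 return false
 }
 
-// golang.org/x/oauth2 doesn't do internal locking. Need to do it in this
-// package ourselves and hope that other packages aren't calling it at the
-// same time.
-var registerMu = new(sync.Mutex)
-
-func registerBrokenAuthHeaderProvider(url string) {
-registerMu.Lock()
-defer registerMu.Unlock()
-
-oauth2.RegisterBrokenAuthHeaderProvider(url)
-}
-
 // Open returns a connector which can be used to login users through an upstream
 // OpenID Connect provider.
 func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, err error) {
@@ -108,13 +95,15 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
 return nil, fmt.Errorf("failed to get provider: %v", err)
 }
 
+endpoint := provider.Endpoint()
+
 if c.BasicAuthUnsupported != nil {
 // Setting "basicAuthUnsupported" always overrides our detection.
 if *c.BasicAuthUnsupported {
-registerBrokenAuthHeaderProvider(provider.Endpoint().TokenURL)
+endpoint.AuthStyle = oauth2.AuthStyleInParams
 }
 } else if knownBrokenAuthHeaderProvider(c.Issuer) {
-registerBrokenAuthHeaderProvider(provider.Endpoint().TokenURL)
+endpoint.AuthStyle = oauth2.AuthStyleInParams
 }
 
 scopes := []string{oidc.ScopeOpenID}
@@ -131,7 +120,7 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
 oauth2Config: &oauth2.Config{
 ClientID: clientID,
 ClientSecret: c.ClientSecret,
-Endpoint: provider.Endpoint(),
+Endpoint: endpoint,
 Scopes: scopes,
 RedirectURL: c.RedirectURI,
 },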
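Review bot: An explicit `basicAuthUnsupported: false` no longer pins the client-authentication method: inside `if c.BasicAuthUnsupported != nil` only the true case assigns `endpoint.AuthStyle`, so the false case keeps whatever `provider.Endpoint()` returned, presumably the zero value `oauth2.AuthStyleAutoDetect`. With auto-detect, golang.org/x/oauth2 may retry the token request with the other style after a failure, so the client secret can be sent in the request body and the authorization code presented twice even though the operator asked for header authentication. Consider adding `} else {` followed by `endpoint.AuthStyle = oauth2.AuthStyleInHeader` to the inner `if`, so that the comment "always overrides our detection" holds in both directions. Open's body continues outside the visible hunks, so confirm nothing later replaces the endpoint.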
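--- a/connector/oidc/oidc_test.go
+++ b/connector/oidc/oidc_test.go
@@ -111,6 +111,7 @@ func TestHandleCallback(t *testing.T) {
 }
 defer testServer.Close()
 serverURL := testServer.URL
+basicAuth := true
 config := Config{
 Issuer: serverURL,
 ClientID: "clientID",
@@ -120,6 +121,7 @@ func TestHandleCallback(t *testing.T) {
 UserIDKey: tc.userIDKey,
 UserNameKey: tc.userNameKey,
 InsecureSkipEmailVerified: tc.insecureSkipEmailVerified,
+BasicAuthUnsupported: &basicAuth,
 }
 
 conn, err := newConnector(config)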
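Review bot: The local `basicAuth := true` is assigned to `BasicAuthUnsupported`, so its name reads as the opposite of what it configures; `basicAuthUnsupported := true` would state the intent. Every case in TestHandleCallback now forces in-params client authentication, so as far as these hunks show, neither the header path nor the nil (issuer-detection) path in Open is exercised. A table field that toggles the pointer per case would cover both. TestHandleCallback's body starts and ends outside the hunks.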
