fix: support for oidc post (forgot that)
@@ -115,13 +115,13 @@ func (controller *OIDCController) authorize(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
var req service.AuthorizeRequest
|
|
||||||
|
|
||||||
reqQueries := c.Request.URL.Query()
|
reqQueries := c.Request.URL.Query()
|
||||||
|
|
||||||
if reqQueries.Get("request") != "" {
|
var req service.AuthorizeRequest
|
||||||
requestObject, err := controller.oidc.DecodeAuthorizeJWT(reqQueries.Get("request"))
|
|
||||||
|
|
||||||
|
// step 1: if we have a request object, decode it and ignore other params. If not, bind the params as usual
|
||||||
|
if raw := reqQueries.Get("request"); raw != "" {
|
||||||
|
requestObject, err := controller.oidc.DecodeAuthorizeJWT(raw)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
controller.authorizeError(c, authorizeErrorParams{
|
controller.authorizeError(c, authorizeErrorParams{
|
||||||
err: err,
|
err: err,
|
||||||
@@ -130,23 +130,22 @@ func (controller *OIDCController) authorize(c *gin.Context) {
|
|||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
req = *requestObject
|
req = *requestObject
|
||||||
} else {
|
} else {
|
||||||
var queryReq service.AuthorizeRequest
|
// step 2: by default we assume normal GET query parameters
|
||||||
|
bind := binding.Query
|
||||||
err := c.ShouldBindWith(&queryReq, binding.Query)
|
// step 3: if it's a POST request, we try form parameters
|
||||||
|
if c.Request.Method == http.MethodPost {
|
||||||
if err != nil {
|
bind = binding.Form
|
||||||
|
}
|
||||||
|
if err := c.ShouldBindWith(&req, bind); err != nil {
|
||||||
controller.authorizeError(c, authorizeErrorParams{
|
controller.authorizeError(c, authorizeErrorParams{
|
||||||
err: err,
|
err: err,
|
||||||
reason: "Failed to bind query parameters",
|
reason: "Failed to bind request parameters",
|
||||||
reasonPublic: "The client provided invalid query parameters",
|
reasonPublic: "The client provided invalid parameters",
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
req = queryReq
|
|
||||||
}
|
}
|
||||||
|
|
||||||
client, ok := controller.oidc.GetClient(req.ClientID)
|
client, ok := controller.oidc.GetClient(req.ClientID)
|
||||||
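Review bot: The request-object lookup `reqQueries.Get("request")` reads only the URL query string, so a POST that carries `request` in its form body has the object skipped and the plain parameters bound instead. `binding.Form` also binds from gin's merged view of query string and body, so a single POST can take some parameters from each source. Consider reading the object with `c.PostForm("request")` when `c.Request.Method == http.MethodPost` and setting `bind = binding.FormPost` in step 3, so that a POST is driven by the body alone. The body of `authorize` starts and ends outside these hunks, so any later handling of `req` is not visible here.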
|
|||||||
@@ -108,10 +108,10 @@ type TokenResponse struct {
|
|||||||
|
|
||||||
type AuthorizeRequest struct {
|
type AuthorizeRequest struct {
|
||||||
jwt.Claims
|
jwt.Claims
|
||||||
Scope string `form:"scope" binding:"required" json:"scope" url:"scope"`
|
Scope string `form:"scope" json:"scope" url:"scope"`
|
||||||
ResponseType string `form:"response_type" binding:"required" json:"response_type" url:"response_type"`
|
ResponseType string `form:"response_type" json:"response_type" url:"response_type"`
|
||||||
ClientID string `form:"client_id" binding:"required" json:"client_id" url:"client_id"`
|
ClientID string `form:"client_id" json:"client_id" url:"client_id"`
|
||||||
RedirectURI string `form:"redirect_uri" binding:"required" json:"redirect_uri" url:"redirect_uri"`
|
RedirectURI string `form:"redirect_uri" json:"redirect_uri" url:"redirect_uri"`
|
||||||
State string `form:"state" json:"state" url:"state"`
|
State string `form:"state" json:"state" url:"state"`
|
||||||
Nonce string `form:"nonce" json:"nonce" url:"nonce"`
|
Nonce string `form:"nonce" json:"nonce" url:"nonce"`
|
||||||
CodeChallenge string `form:"code_challenge" json:"code_challenge" url:"code_challenge"`
|
CodeChallenge string `form:"code_challenge" json:"code_challenge" url:"code_challenge"`
|
||||||
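Review bot: With `binding:"required"` dropped from `Scope`, `ResponseType`, `ClientID` and `RedirectURI`, a bind now succeeds when any of them is empty, and the visible handler code goes straight on to `GetClient(req.ClientID)`. Unless the rest of `authorize` (outside the shown hunks) already rejects empty values, add one explicit check after both the request-object and the bound-parameter path, for example `if req.ClientID == "" || req.RedirectURI == "" || req.ResponseType == "" || req.Scope == "" {` followed by the existing `authorizeError` call. A short comment on the struct saying that required-field validation now lives in the handler rather than in the tags would keep the next edit from assuming the binder still enforces it. The struct definition continues past the end of this hunk.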
|
|||||||