krombel/oauth2-old
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

google/externalaccount: validate tokenURL and ServiceAccountImpersonationURL

Browse Source 
Change-Id: Iab70cc967fd97ac8e349a14760df0f8b02ddf074
GitHub-Last-Rev: ddf4dbd0b7096a0d34677047b9c3992bb6ed359b
GitHub-Pull-Request: golang/oauth2#514
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/340569
Reviewed-by: Patrick Jones <ithuriel@google.com>
Reviewed-by: Cody Oss <codyoss@google.com>
Reviewed-by: Chris Broadfoot <cbro@golang.org>
Trust: Cody Oss <codyoss@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
This commit is contained in:
Patrick Jones
2021-08-12 22:59:38 +00:00
committed by Cody Oss
parent faf39c7919
commit 7df4dd6e12
11 changed files with 219 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
google/internal/externalaccount/sts_exchange.go
View File

@@ -65,6 +65,9 @@ func exchangeToken(ctx context.Context, endpoint string, request *stsTokenExchan
defer resp.Body.Close()
body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
if err != nil {
return nil, err
}
if c := resp.StatusCode; c < 200 || c > 299 {
return nil, fmt.Errorf("oauth2/google: status code %d: %s", c, body)
}