krombel/oauth2
1
0
Fork 0
forked from remote/oauth2
Code Pull Requests 1 Activity

Added in fixes found during manual testing of Azure import.

Browse Source 
Change-Id: Icf21d58732fdf4e3caaca015bc10d84613d0f423
This commit is contained in:
Patrick Jones
2021-02-10 17:39:58 -08:00
parent 66670185b0
commit f9a44934e9
4 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
google/internal/externalaccount/basecredentials.go
View File

@@ -96,7 +96,7 @@ func (c *Config) parse(ctx context.Context) (baseCredentialSource, error) {
} else if c.CredentialSource.File != "" { } else if c.CredentialSource.File != "" {
return fileCredentialSource{File: c.CredentialSource.File, Format: c.CredentialSource.Format}, nil return fileCredentialSource{File: c.CredentialSource.File, Format: c.CredentialSource.Format}, nil
} else if c.CredentialSource.URL != "" { } else if c.CredentialSource.URL != "" {
return urlCredentialSource{URL: c.CredentialSource.URL, Format: c.CredentialSource.Format, ctx: ctx}, nil return urlCredentialSource{URL: c.CredentialSource.URL, Headers: c.CredentialSource.Headers, Format: c.CredentialSource.Format, ctx: ctx}, nil
} }
return nil, fmt.Errorf("oauth2/google: unable to parse credential source") return nil, fmt.Errorf("oauth2/google: unable to parse credential source")
} }

2
google/internal/externalaccount/impersonate.go
View File

@@ -64,7 +64,7 @@ func (its impersonateTokenSource) Token() (*oauth2.Token, error) {
return nil, fmt.Errorf("oauth2/google: unable to read body: %v", err) return nil, fmt.Errorf("oauth2/google: unable to read body: %v", err)
} }
if c := resp.StatusCode; c < 200 || c > 299 { if c := resp.StatusCode; c < 200 || c > 299 {
return nil, fmt.Errorf("oauth2/google: status code %d: %s", c, body) return nil, fmt.Errorf("oauth2/google: status code %d: %s", c, string(body))
} }
var accessTokenResp impersonateTokenResponse var accessTokenResp impersonateTokenResponse

8
google/internal/externalaccount/sts_exchange.go
View File

@@ -9,6 +9,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io" "io"
"io/ioutil"
"net/http" "net/http"
"net/url" "net/url"
"strconv" "strconv"
@@ -63,9 +64,12 @@ func ExchangeToken(ctx context.Context, endpoint string, request *STSTokenExchan
} }
defer resp.Body.Close() defer resp.Body.Close()
bodyJson := json.NewDecoder(io.LimitReader(resp.Body, 1<<20)) body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
if c := resp.StatusCode; c < 200 || c > 299 {
return nil, fmt.Errorf("oauth2/google: status code %d: %s", c, string(body))
}
var stsResp STSTokenExchangeResponse var stsResp STSTokenExchangeResponse
err = bodyJson.Decode(&stsResp) json.Unmarshal(body, &stsResp)
if err != nil { if err != nil {
return nil, fmt.Errorf("oauth2/google: failed to unmarshal response body from Secure Token Server: %v", err) return nil, fmt.Errorf("oauth2/google: failed to unmarshal response body from Secure Token Server: %v", err)

3
google/internal/externalaccount/urlcredsource.go
View File

@@ -43,6 +43,9 @@ func (cs urlCredentialSource) subjectToken() (string, error) {
if err != nil { if err != nil {
return "", fmt.Errorf("oauth2/google: invalid body in subject token URL query: %v", err) return "", fmt.Errorf("oauth2/google: invalid body in subject token URL query: %v", err)
} }
if c := resp.StatusCode; c < 200 || c > 299 {
return "", fmt.Errorf("oauth2/google: status code %d: %s", c, string(tokenBytes))
}
switch cs.Format.Type { switch cs.Format.Type {
case "json": case "json":