Fix OAuth2 Client Credentials middleware too (#2629)

Signed-off-by: ItalyPaleAle <43508+ItalyPaleAle@users.noreply.github.com>
Alessandro (Ale) Segala 2023-03-03 23:58:57 +00:00 committed by GitHub
parent ee92bd16be
commit 236104d7f5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 12 additions and 13 deletions


@ -90,6 +90,7 @@ func (m *Middleware) GetHandler(ctx context.Context, metadata middleware.Metadat
return
}
// Redirect to the auth server
state := r.URL.Query().Get(stateParam)
if state == "" {
id, err := uuid.NewRandom()


@ -27,15 +27,8 @@ import (
"github.com/dapr/kit/logger"
)
func mockedRequestHandler(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte("from mock"))
}
func TestOAuth2CreatesAuthorizationHeaderWhenInSessionState(t *testing.T) {
var metadata middleware.Metadata
metadata.Properties = map[string]string{}
metadata.Properties = map[string]string{
"clientID": "testId",
"clientSecret": "testSecret",
@ -60,7 +53,12 @@ func TestOAuth2CreatesAuthorizationHeaderWhenInSessionState(t *testing.T) {
cookie := w.Header().Get("Set-Cookie")
r.Header.Add("Cookie", cookie)
handler(http.HandlerFunc(mockedRequestHandler)).ServeHTTP(w, r)
handler(
http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte("from mock"))
}),
).ServeHTTP(w, r)
assert.Equal(t, "Bearer abcd", r.Header.Get("someHeader"))
}
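Review bot: The assertion after `ServeHTTP` reads the outer `r`, so it passes only while the middleware mutates the caller's request in place; the new inline handler is where the request that the next handler actually receives can be observed. Capturing the value there, for example `got = r.Header.Get("someHeader")` inside the closure and `assert.Equal(t, "Bearer abcd", got)` afterwards, ties the test to what downstream code sees. The test function starts outside the hunk.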


@ -117,7 +117,7 @@ func (m *Middleware) GetHandler(_ context.Context, metadata middleware.Metadata)
headerValue = cachedToken.(string)
}
w.Header().Add(meta.HeaderName, headerValue)
r.Header.Add(meta.HeaderName, headerValue)
next.ServeHTTP(w, r)
})
}, nil
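Review bot: `r.Header.Add(meta.HeaderName, headerValue)` appends to any value the inbound request already carries under that name, so a caller-supplied header stays first and `Header.Get` in the next handler returns it rather than the token obtained here. Since the middleware is the authority for this header, `r.Header.Set(meta.HeaderName, headerValue)` would replace whatever arrived with the request. A test that pre-populates the header on the request before calling the handler would pin this. The handler closure starts outside the hunk, so any earlier handling of an existing header is not visible here.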


@ -119,7 +119,7 @@ func TestOAuth2ClientCredentialsToken(t *testing.T) {
handler(http.HandlerFunc(mockedRequestHandler)).ServeHTTP(w, r)
// Assertion
assert.Equal(t, "Bearer abcd", w.Header().Get("someHeader"))
assert.Equal(t, "Bearer abcd", r.Header.Get("someHeader"))
}
// TestOAuth2ClientCredentialsCache will check
@ -179,7 +179,7 @@ func TestOAuth2ClientCredentialsCache(t *testing.T) {
handler(http.HandlerFunc(mockedRequestHandler)).ServeHTTP(w, r)
// Assertion
assert.Equal(t, "Bearer abc", w.Header().Get("someHeader"))
assert.Equal(t, "Bearer abc", r.Header.Get("someHeader"))
// Second handler call should still return 'cached' abc Token
r = httptest.NewRequest(http.MethodGet, "http://dapr.io", nil)
@ -187,7 +187,7 @@ func TestOAuth2ClientCredentialsCache(t *testing.T) {
handler(http.HandlerFunc(mockedRequestHandler)).ServeHTTP(w, r)
// Assertion
assert.Equal(t, "Bearer abc", w.Header().Get("someHeader"))
assert.Equal(t, "Bearer abc", r.Header.Get("someHeader"))
// Wait at a second to invalidate cache entry for abc
time.Sleep(1 * time.Second)
@ -198,5 +198,5 @@ func TestOAuth2ClientCredentialsCache(t *testing.T) {
handler(http.HandlerFunc(mockedRequestHandler)).ServeHTTP(w, r)
// Assertion
assert.Equal(t, "MAC def", w.Header().Get("someHeader"))
assert.Equal(t, "MAC def", r.Header.Get("someHeader"))
}
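Review bot: The updated assertions check only that the token reaches `r.Header`; none of them checks that it is no longer written to the response, which is what the old `w.Header().Get("someHeader")` assertions were passing on. Adding `assert.Empty(t, w.Header().Get("someHeader"))` after each handler call in TestOAuth2ClientCredentialsToken and TestOAuth2ClientCredentialsCache would catch a later regression that echoes the access token back to the caller. Both test functions start outside the hunks shown.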