Diffstat (limited to 'app')
-rw-r--r--app/app.go11
-rw-r--r--app/init.go6
-rw-r--r--app/middleware/id_token.go8
-rw-r--r--app/middleware/id_token_test.go3
4 files changed, 12 insertions, 16 deletions
diff --git a/app/app.go b/app/app.go
index 701a7f7..724ad16 100644
--- a/app/app.go
+++ b/app/app.go
@@ -4,6 +4,7 @@ import (
"net/http"
"path/filepath"
+ xoidc "github.com/coreos/go-oidc/v3/oidc"
"github.com/rs/zerolog"
"github.com/xlgmokha/x/pkg/ioc"
"github.com/xlgmokha/x/pkg/log"
@@ -12,7 +13,7 @@ import (
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/middleware"
- "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
+ "golang.org/x/oauth2"
)
type Mountable interface {
@@ -35,9 +36,11 @@ func New(rootDir string) http.Handler {
mux.Handle("GET /", http.FileServer(dir))
logger := ioc.MustResolve[*zerolog.Logger](ioc.Default)
- oidc := ioc.MustResolve[*oidc.OpenID](ioc.Default)
users := ioc.MustResolve[domain.Repository[*domain.User]](ioc.Default)
-
- chain := middleware.IDToken(oidc, middleware.IDTokenFromSessionCookie)(middleware.User(users)(mux))
+ chain := middleware.IDToken(
+ ioc.MustResolve[*xoidc.Provider](ioc.Default),
+ ioc.MustResolve[*oauth2.Config](ioc.Default),
+ middleware.IDTokenFromSessionCookie,
+ )(middleware.User(users)(mux))
return log.HTTP(logger)(chain)
}
diff --git a/app/init.go b/app/init.go
index ad87424..0d3fb42 100644
--- a/app/init.go
+++ b/app/init.go
@@ -64,12 +64,6 @@ func init() {
Scopes: []string{xoidc.ScopeOpenID, "profile", "email"},
}
})
- ioc.RegisterSingleton[*oidc.OpenID](ioc.Default, func() *oidc.OpenID {
- return oidc.New(
- ioc.MustResolve[*xoidc.Provider](ioc.Default),
- ioc.MustResolve[*oauth2.Config](ioc.Default),
- )
- })
http.DefaultClient = ioc.MustResolve[*http.Client](ioc.Default)
}
diff --git a/app/middleware/id_token.go b/app/middleware/id_token.go
index cc5e79b..bfc6289 100644
--- a/app/middleware/id_token.go
+++ b/app/middleware/id_token.go
@@ -3,22 +3,22 @@ package middleware
import (
"net/http"
- xoidc "github.com/coreos/go-oidc/v3/oidc"
+ "github.com/coreos/go-oidc/v3/oidc"
"github.com/xlgmokha/x/pkg/log"
"github.com/xlgmokha/x/pkg/x"
xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
- "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
+ "golang.org/x/oauth2"
)
-func IDToken(cfg *oidc.OpenID, parsers ...TokenParser) func(http.Handler) http.Handler {
+func IDToken(provider *oidc.Provider, config *oauth2.Config, parsers ...TokenParser) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
for _, parser := range parsers {
rawIDToken := parser(r)
if x.IsPresent(rawIDToken) {
- verifier := cfg.Provider.VerifierContext(r.Context(), &xoidc.Config{ClientID: cfg.Config.ClientID})
+ verifier := provider.VerifierContext(r.Context(), &oidc.Config{ClientID: config.ClientID})
idToken, err := verifier.Verify(r.Context(), rawIDToken.String())
if err != nil {
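Review bot: The verifier is still built inside the per-request loop with `provider.VerifierContext(r.Context(), ...)`. As far as I recall, go-oidc's VerifierContext creates a fresh remote key set on every call, so the JWKS cache would not be shared between requests and each request carrying a token could trigger an outbound key fetch to the provider; please confirm this against the pinned go-oidc version. Since provider and config are now plain parameters, the verifier could be built once before `return func(next http.Handler)` with `verifier := provider.Verifier(&oidc.Config{ClientID: config.ClientID})`. That would also surface a nil provider or config when the middleware is constructed, rather than as a panic on the first request that carries a token. IDToken's body continues past the end of this hunk, so the error handling after `Verify` is not visible here.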
diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go
index bdeaa49..6ee9ce1 100644
--- a/app/middleware/id_token_test.go
+++ b/app/middleware/id_token_test.go
@@ -26,8 +26,7 @@ func TestIDToken(t *testing.T) {
Endpoint: srv.Provider.Endpoint(),
Scopes: []string{xoidc.ScopeOpenID, "profile", "email"},
}
- openID := oidc.New(srv.Provider, config)
- middleware := IDToken(openID, IDTokenFromSessionCookie)
+ middleware := IDToken(srv.Provider, config, IDTokenFromSessionCookie)
t.Run("when an active session cookie is provided", func(t *testing.T) {
t.Run("attaches the token to the request context", func(t *testing.T) {