southfox/miniflux
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Prevent empty username when using the OIDC integration

Browse source
This commit is contained in:
Frédéric Guillot 2023-09-08 18:01:17 -07:00
parent 36f013670e
commit ab0c4ec0f5
2 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
internal/oauth2/google.go
View file

@ -49,20 +49,20 @@ func (g *googleProvider) GetProfile(ctx context.Context, code, codeVerifier stri
conf := g.GetConfig()
token, err := conf.Exchange(ctx, code, oauth2.SetAuthURLParam("code_verifier", codeVerifier))
if err != nil {
return nil, err
return nil, fmt.Errorf("google: failed to exchange token: %w", err)
}
client := conf.Client(ctx, token)
resp, err := client.Get("https://www.googleapis.com/oauth2/v3/userinfo")
if err != nil {
return nil, err
return nil, fmt.Errorf("google: failed to get user info: %w", err)
}
defer resp.Body.Close()
var user googleProfile
decoder := json.NewDecoder(resp.Body)
if err := decoder.Decode(&user); err != nil {
return nil, fmt.Errorf("oauth2: unable to unserialize google profile: %v", err)
return nil, fmt.Errorf("google: unable to unserialize Google profile: %w", err)
}
profile := &Profile{Key: g.GetUserExtraKey(), ID: user.Sub, Username: user.Email}

15
internal/oauth2/oidc.go
View file

@ -5,6 +5,8 @@ package oauth2 // import "miniflux.app/v2/internal/oauth2"
import (
"context"
"errors"
"fmt"
"miniflux.app/v2/internal/model"
@ -12,6 +14,10 @@ import (
"golang.org/x/oauth2"
)
var (
ErrEmptyUsername = errors.New("oidc: username is empty")
)
type oidcProvider struct {
clientID string
clientSecret string
@ -46,15 +52,20 @@ func (o *oidcProvider) GetProfile(ctx context.Context, code, codeVerifier string
conf := o.GetConfig()
token, err := conf.Exchange(ctx, code, oauth2.SetAuthURLParam("code_verifier", codeVerifier))
if err != nil {
return nil, err
return nil, fmt.Errorf(`oidc: failed to exchange token: %w`, err)
}
userInfo, err := o.provider.UserInfo(ctx, oauth2.StaticTokenSource(token))
if err != nil {
return nil, err
return nil, fmt.Errorf(`oidc: failed to get user info: %w`, err)
}
profile := &Profile{Key: o.GetUserExtraKey(), ID: userInfo.Subject, Username: userInfo.Email}
if profile.Username == "" {
return nil, ErrEmptyUsername
}
return profile, nil
}