rename User ID Key to User ID Path

jordemort · Aug 1, 2020 · 399f3da · 399f3da
1 parent 189e4a1
commit 399f3da
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 20 deletions.
diff --git a/internal/config.go b/internal/config.go
@@ -38,7 +38,7 @@ type Config struct {
 	MatchWhitelistOrDomain bool                 `long:"match-whitelist-or-domain" env:"MATCH_WHITELIST_OR_DOMAIN" description:"Allow users that match *either* whitelist or domain (enabled by default in v3)"`
 	Path                   string               `long:"url-path" env:"URL_PATH" default:"/_oauth" description:"Callback URL Path"`
 	SecretString           string               `long:"secret" env:"SECRET" description:"Secret used for signing (required)" json:"-"`
-	UserIDKey              string               `long:"user-id-key" env:"USER_ID_KEY" default:"email" description:"Key used to grab the UserID for use in whitelist and X-Forwarded-User"`
+	UserIDPath             string               `long:"user-id-path" env:"USER_ID_PATH" default:"email" description:"Dot notation path of a UserID for use with whitelist and X-Forwarded-User"`
 	Whitelist              CommaSeparatedList   `long:"whitelist" env:"WHITELIST" env-delim:"," description:"Only allow given email addresses, comma delimited, can be set multiple times"`
 
 	Providers provider.Providers `group:"providers" namespace:"providers" env-namespace:"PROVIDERS"`
@@ -318,9 +318,7 @@ func (c *Config) setupProvider(name string) error {
 	}
 
 	// Setup
-	err = p.Setup()
-
-	if err != nil {
+	if err := p.Setup(); err != nil {
 		return err
 	}
 

diff --git a/internal/provider/generic_oauth.go b/internal/provider/generic_oauth.go
@@ -66,7 +66,7 @@ func (o *GenericOAuth) ExchangeCode(redirectURI, code string) (string, error) {
 }
 
 // GetUser uses the given token and returns a UserID
-func (o *GenericOAuth) GetUser(token, userIDKey string) (UserID, error) {
+func (o *GenericOAuth) GetUser(token, userIDPath string) (UserID, error) {
 	req, err := http.NewRequest("GET", o.UserURL, nil)
 	if err != nil {
 		return "", err
@@ -87,5 +87,5 @@ func (o *GenericOAuth) GetUser(token, userIDKey string) (UserID, error) {
 	}
 	defer res.Body.Close()
 
-	return GetUserID(res.Body, userIDKey)
+	return GetUserID(res.Body, userIDPath)
 }
diff --git a/internal/provider/google.go b/internal/provider/google.go
@@ -92,8 +92,8 @@ func (g *Google) ExchangeCode(redirectURI, code string) (string, error) {
 	return token.Token, err
 }
 
-// GetUser uses the given token and returns a userID
-func (g *Google) GetUser(token, userIDKey string) (UserID, error) {
+// GetUser uses the given token and returns a userID located at the json path
+func (g *Google) GetUser(token, userIDPath string) (UserID, error) {
 	client := &http.Client{}
 	req, err := http.NewRequest("GET", g.UserURL.String(), nil)
 	if err != nil {
@@ -107,5 +107,5 @@ func (g *Google) GetUser(token, userIDKey string) (UserID, error) {
 	}
 
 	defer res.Body.Close()
-	return GetUserID(res.Body, userIDKey)
+	return GetUserID(res.Body, userIDPath)
 }
diff --git a/internal/provider/oidc.go b/internal/provider/oidc.go
@@ -81,7 +81,6 @@ func (o *OIDC) ExchangeCode(redirectURI, code string) (string, error) {
 
 // GetUser uses the given token and returns a complete provider.User object
 func (o *OIDC) GetUser(token, _ string) (UserID, error) {
-
 	// Parse & Verify ID Token
 	idToken, err := o.verifier.Verify(o.ctx, token)
 	if err != nil {

diff --git a/internal/provider/providers.go b/internal/provider/providers.go
@@ -23,7 +23,7 @@ type Provider interface {
 	Name() string
 	GetLoginURL(redirectURI, state string) string
 	ExchangeCode(redirectURI, code string) (string, error)
-	GetUser(token, userIDKey string) (string, error)
+	GetUser(token, userIDPath string) (string, error)
 	Setup() error
 }
 
@@ -36,21 +36,20 @@ type User struct {
 	Email string `json:"email"`
 }
 
+// UserID is a type used to represent a uniquely identified user
 type UserID = string
 
-func GetUserID(r io.Reader, key string) (UserID, error) {
-	jsonParsed, err := gabs.ParseJSONBuffer(r)
+// GetUserID extracts a UserID located at the (dot notation) path (userIDPath) in the json io.Reader
+func GetUserID(r io.Reader, userIDPath string) (UserID, error) {
+	json, err := gabs.ParseJSONBuffer(r)
 	if err != nil {
 		return "", err
 	}
-	return GetKeyDataFromJson(jsonParsed, key)
-}
 
-func GetKeyDataFromJson(json *gabs.Container, key string) (UserID, error) {
-	if !json.ExistsP(key) {
-		return "", errors.New("Invalid User ID Key: " + key + " in json:" + string(json.Bytes()))
+	if !json.ExistsP(userIDPath) {
+		return "", errors.New("Invalid User ID Path: " + userIDPath + " in json:" + string(json.Bytes()))
 	}
-	return fmt.Sprintf("%v", json.Path(key).Data()), nil
+	return fmt.Sprintf("%v", json.Path(userIDPath).Data()), nil
 }
 
 // OAuthProvider is a provider using the oauth2 library

diff --git a/internal/server.go b/internal/server.go
@@ -164,7 +164,7 @@ func (s *Server) AuthCallbackHandler() http.HandlerFunc {
 		}
 
 		// Get user
-		user, err := p.GetUser(token, config.UserIDKey)
+		user, err := p.GetUser(token, config.UserIDPath)
 		if err != nil {
 			logger.WithField("error", err).Error("Error getting user")
 			http.Error(w, "Service unavailable", 503)