Skip to content

Commit 2771224

Browse files
code-ashercode-asher
committed
Extract state from authURL
1 parent 2bdb90e commit 2771224

File tree

3 files changed

+9
-6
lines changed

3 files changed

+9
-6
lines changed

coderd/coderdtest/oidctest/helper.go

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -122,10 +122,13 @@ func (h *LoginHelper) ForceRefresh(t *testing.T, db database.Store, user *coders
122122
// unit tests, it's easier to skip this step sometimes. It does make an actual
123123
// request to the IDP, so it should be equivalent to doing this "manually" with
124124
// actual requests.
125-
//
126-
// TODO: Is state param optional? Can we grab it from the authURL?
127-
func OAuth2GetCode(authURL string, state string, doRequest func(req *http.Request) (*http.Response, error)) (string, error) {
128-
r, err := http.NewRequestWithContext(context.Background(), http.MethodGet, authURL, nil)
125+
func OAuth2GetCode(rawAuthURL string, doRequest func(req *http.Request) (*http.Response, error)) (string, error) {
126+
authURL, err := url.Parse(rawAuthURL)
127+
if err != nil {
128+
return "", xerrors.Errorf("failed to parse auth URL: %w", err)
129+
}
130+
131+
r, err := http.NewRequestWithContext(context.Background(), http.MethodGet, rawAuthURL, nil)
129132
if err != nil {
130133
return "", xerrors.Errorf("failed to create auth request: %w", err)
131134
}
@@ -156,6 +159,7 @@ func OAuth2GetCode(authURL string, state string, doRequest func(req *http.Reques
156159
return "", xerrors.Errorf("expected code in redirect location")
157160
}
158161

162+
state := authURL.Query().Get("state")
159163
newState := toURL.Query().Get("state")
160164
if newState != state {
161165
return "", xerrors.Errorf("expected state %q, got %q", state, newState)

coderd/coderdtest/oidctest/idp.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -539,7 +539,7 @@ func (f *FakeIDP) CreateAuthCode(t testing.TB, state string) string {
539539
// it expects some claims to be present.
540540
f.stateToIDTokenClaims.Store(state, jwt.MapClaims{})
541541

542-
code, err := OAuth2GetCode(f.cfg.AuthCodeURL(state), state, func(req *http.Request) (*http.Response, error) {
542+
code, err := OAuth2GetCode(f.cfg.AuthCodeURL(state), func(req *http.Request) (*http.Response, error) {
543543
rw := httptest.NewRecorder()
544544
f.handler.ServeHTTP(rw, req)
545545
resp := rw.Result()

enterprise/coderd/oauth2_test.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -945,7 +945,6 @@ func authorizationFlow(ctx context.Context, client *codersdk.Client, cfg *oauth2
945945
state := uuid.NewString()
946946
return oidctest.OAuth2GetCode(
947947
cfg.AuthCodeURL(state),
948-
state,
949948
func(req *http.Request) (*http.Response, error) {
950949
// TODO: Would be better if client had a .Do() method.
951950
// TODO: Is this the best way to handle redirects?

0 commit comments

Comments
 (0)