Penpot/penpot
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-02-03 21:09:00 -05:00
Code Issues Activity

🐛 Fix issues on github oauth integration

Browse source
This commit is contained in:
Andrey Antukh 2022-03-09 16:39:11 +01:00
parent edf53840de
commit 9841a39d04
1 changed files with 19 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
backend/src/app/http/oauth.clj
View file

@ -57,7 +57,8 @@
:grant_type "authorization_code" :grant_type "authorization_code"
:redirect_uri (build-redirect-uri cfg)} :redirect_uri (build-redirect-uri cfg)}
req {:method :post req {:method :post
:headers {"content-type" "application/x-www-form-urlencoded"} :headers {"content-type" "application/x-www-form-urlencoded"
"accept" "application/json"}
:uri (:token-uri provider) :uri (:token-uri provider)
:body (u/map->query-string params)}] :body (u/map->query-string params)}]
(p/then (p/then
@ -69,8 +70,8 @@
:type (get data :token_type)}) :type (get data :token_type)})
(ex/raise :type :internal (ex/raise :type :internal
:code :unable-to-retrieve-token :code :unable-to-retrieve-token
::http-status status :http-status status
::http-body body)))))) :http-body body))))))
(defn- retrieve-user-info (defn- retrieve-user-info
[{:keys [provider http-client] :as cfg} tdata] [{:keys [provider http-client] :as cfg} tdata]
@ -92,11 +93,14 @@
(l/warn :hint "received incomplete profile info object (please set correct scopes)" (l/warn :hint "received incomplete profile info object (please set correct scopes)"
:info (pr-str info)) :info (pr-str info))
(ex/raise :type :internal (ex/raise :type :internal
:code :unable-to-auth :code :incomplete-user-info
:hint "no user info")) :hint "inconmplete user info"
:info info))
info) info)
(ex/raise :type :internal (ex/raise :type :internal
:code :unable-to-retrieve-user-info :code :unable-to-retrieve-user-info
:hint "unable to retrieve user info"
:http-status status :http-status status
:http-body body))))) :http-body body)))))
@ -104,7 +108,6 @@
(s/def ::email ::us/not-empty-string) (s/def ::email ::us/not-empty-string)
(s/def ::fullname ::us/not-empty-string) (s/def ::fullname ::us/not-empty-string)
(s/def ::props (s/map-of ::us/keyword any?)) (s/def ::props (s/map-of ::us/keyword any?))
(s/def ::info (s/def ::info
(s/keys :req-un [::backend (s/keys :req-un [::backend
::email ::email
@ -112,7 +115,7 @@
::props])) ::props]))
(defn retrieve-info (defn retrieve-info
[{:keys [tokens provider] :as cfg} request] [{:keys [tokens provider] :as cfg} {:keys [params] :as request}]
(letfn [(validate-oidc [info] (letfn [(validate-oidc [info]
;; If the provider is OIDC, we can proceed to check ;; If the provider is OIDC, we can proceed to check
;; roles if they are defined. ;; roles if they are defined.
@ -143,9 +146,15 @@
(map? (:props state)) (map? (:props state))
(update :props merge (:props state))))] (update :props merge (:props state))))]
(let [state (get-in request [:params :state]) (when-let [error (get params :error)]
state (tokens :verify {:token state :iss :oauth}) (ex/raise :type :internal
code (get-in request [:params :code])] :code :error-on-retrieving-code
:error-id error
:error-desc (get params :error_description)))
(let [state (get params :state)
code (get params :code)
state (tokens :verify {:token state :iss :oauth})]
(-> (p/resolved code) (-> (p/resolved code)
(p/then #(retrieve-access-token cfg %)) (p/then #(retrieve-access-token cfg %))
(p/then #(retrieve-user-info cfg %)) (p/then #(retrieve-user-info cfg %))