diff --git a/Makefile b/Makefile index 96d0f6c950e..14954314100 100644 --- a/Makefile +++ b/Makefile @@ -110,7 +110,7 @@ gen: mocks sqlbin sdk # Generates the SDKs .PHONY: sdk sdk: .bin/cli - swagger generate spec -m -o ./.schema/api.swagger.json -x internal/httpclient,gopkg.in/square/go-jose.v2 + swagger generate spec -m -o ./.schema/api.swagger.json -x internal/httpclient -x gopkg.in/square/go-jose.v2 cli dev swagger sanitize ./.schema/api.swagger.json swagger flatten --with-flatten=remove-unused -o ./.schema/api.swagger.json ./.schema/api.swagger.json swagger validate ./.schema/api.swagger.json diff --git a/consent/sdk_test.go b/consent/sdk_test.go index 8b76fd2bcab..64c331747d8 100644 --- a/consent/sdk_test.go +++ b/consent/sdk_test.go @@ -130,7 +130,7 @@ func TestSDK(t *testing.T) { require.NoError(t, err) assert.Equal(t, 1, len(csGot.Payload)) cs := csGot.Payload[0] - assert.Equal(t, "challenge3", cs.ConsentRequest.Challenge) + assert.Equal(t, "challenge3", *cs.ConsentRequest.Challenge) csGot, err = sdk.Admin.ListSubjectConsentSessions(admin.NewListSubjectConsentSessionsParams().WithSubject("subject2")) require.NoError(t, err) @@ -142,7 +142,7 @@ func TestSDK(t *testing.T) { luaGot, err := sdk.Admin.AcceptLogoutRequest(admin.NewAcceptLogoutRequestParams().WithLogoutChallenge("challengetestsdk-1")) require.NoError(t, err) - assert.EqualValues(t, "https://www.ory.sh/oauth2/sessions/logout?logout_verifier=verifiertestsdk-1", luaGot.Payload.RedirectTo) + assert.EqualValues(t, "https://www.ory.sh/oauth2/sessions/logout?logout_verifier=verifiertestsdk-1", *luaGot.Payload.RedirectTo) _, err = sdk.Admin.RejectLogoutRequest(admin.NewRejectLogoutRequestParams().WithLogoutChallenge("challengetestsdk-2")) require.NoError(t, err) @@ -152,14 +152,14 @@ func TestSDK(t *testing.T) { } func compareSDKLoginRequest(t *testing.T, expected *LoginRequest, got models.LoginRequest) { - assert.EqualValues(t, expected.Challenge, got.Challenge) - assert.EqualValues(t, expected.Subject, got.Subject) - assert.EqualValues(t, expected.Skip, got.Skip) + assert.EqualValues(t, expected.Challenge, *got.Challenge) + assert.EqualValues(t, expected.Subject, *got.Subject) + assert.EqualValues(t, expected.Skip, *got.Skip) assert.EqualValues(t, expected.Client.GetID(), got.Client.ClientID) } func compareSDKConsentRequest(t *testing.T, expected *ConsentRequest, got models.ConsentRequest) { - assert.EqualValues(t, expected.Challenge, got.Challenge) + assert.EqualValues(t, expected.Challenge, *got.Challenge) assert.EqualValues(t, expected.Subject, got.Subject) assert.EqualValues(t, expected.Skip, got.Skip) assert.EqualValues(t, expected.Client.GetID(), got.Client.ClientID) diff --git a/consent/strategy_default_test.go b/consent/strategy_default_test.go index 5e735b05bfa..d13855490d5 100644 --- a/consent/strategy_default_test.go +++ b/consent/strategy_default_test.go @@ -109,7 +109,7 @@ func acceptRequest(apiClient *hydra.OryHydra, consent *models.AcceptConsentReque WithBody(consent)) require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } } } @@ -160,8 +160,8 @@ func acceptLogoutChallenge(api *hydra.OryHydra, key string) func(t *testing.T) f redir, err := api.Admin.AcceptLogoutRequest(admin.NewAcceptLogoutRequestParams().WithLogoutChallenge(c)) require.NoError(t, err) - assert.Contains(t, redir.Payload.RedirectTo, "?logout_verifier") - http.Redirect(w, r, redir.Payload.RedirectTo, http.StatusFound) + assert.Contains(t, *redir.Payload.RedirectTo, "?logout_verifier") + http.Redirect(w, r, *redir.Payload.RedirectTo, http.StatusFound) } } } @@ -598,12 +598,12 @@ func TestStrategyLoginConsent(t *testing.T) { lr := res.Payload assert.NotEmpty(t, lr.Challenge) - assert.EqualValues(t, r.URL.Query().Get("login_challenge"), lr.Challenge) + assert.EqualValues(t, r.URL.Query().Get("login_challenge"), *lr.Challenge) assert.EqualValues(t, "client-id", lr.Client.ClientID) assert.EqualValues(t, []string{"scope-a"}, lr.RequestedScope) - assert.Contains(t, lr.RequestURL, "/oauth2/auth?login_verifier=&consent_verifier=&") - assert.EqualValues(t, false, lr.Skip) - assert.EqualValues(t, "", lr.Subject) + assert.Contains(t, *lr.RequestURL, "/oauth2/auth?login_verifier=&consent_verifier=&") + assert.EqualValues(t, false, *lr.Skip) + assert.EqualValues(t, "", *lr.Subject) assert.EqualValues(t, &models.OpenIDConnectContext{AcrValues: nil, Display: "page", UILocales: []string{"de", "en"}}, lr.OidcContext, "%s", res.Payload) w.WriteHeader(http.StatusNoContent) } @@ -629,8 +629,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) lr := vr.Payload - assert.NotEmpty(t, lr.RedirectTo) - http.Redirect(w, r, lr.RedirectTo, http.StatusFound) + assert.NotEmpty(t, *lr.RedirectTo) + http.Redirect(w, r, *lr.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: http.StatusBadRequest, @@ -663,8 +663,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) lr := rrr.Payload - assert.NotEmpty(t, lr.Challenge) - assert.EqualValues(t, r.URL.Query().Get("consent_challenge"), lr.Challenge) + assert.NotEmpty(t, *lr.Challenge) + assert.EqualValues(t, r.URL.Query().Get("consent_challenge"), *lr.Challenge) assert.EqualValues(t, "client-id", lr.Client.ClientID) assert.EqualValues(t, []string{"scope-a"}, lr.RequestedScope) assert.Contains(t, lr.RequestURL, "/oauth2/auth?login_verifier=&consent_verifier=&") @@ -709,8 +709,8 @@ func TestStrategyLoginConsent(t *testing.T) { ) require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: http.StatusBadRequest, @@ -785,7 +785,7 @@ func TestStrategyLoginConsent(t *testing.T) { return func(w http.ResponseWriter, r *http.Request) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) - require.True(t, res.Payload.Skip) + require.True(t, *res.Payload.Skip) passAuthentication(apiClient, true)(t)(w, r) } }, @@ -819,7 +819,7 @@ func TestStrategyLoginConsent(t *testing.T) { return func(w http.ResponseWriter, r *http.Request) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) - require.True(t, res.Payload.Skip) + require.True(t, *res.Payload.Skip) passAuthentication(apiClient, true)(t)(w, r) } }, @@ -855,7 +855,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) lr := res.Payload - assert.True(t, lr.Skip) + assert.True(t, *lr.Skip) assert.NotEmpty(t, lr.SessionID) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). @@ -870,8 +870,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -953,7 +953,7 @@ func TestStrategyLoginConsent(t *testing.T) { // rr, res, err := apiClient.GetLoginRequest(r.URL.Query().Get("login_challenge")) // require.NoError(t, err) // require.EqualValues(t, http.StatusOK, res.StatusCode) - // assert.True(t, rr.Skip) + // assert.True(t, *rr.Skip) // assert.Equal(t, "user", rr.Subject) // // v, res, err := apiClient.AcceptLoginRequest(r.URL.Query().Get("login_challenge"), swagger.AcceptLoginRequest{ @@ -964,8 +964,8 @@ func TestStrategyLoginConsent(t *testing.T) { // }) // require.NoError(t, err) // require.EqualValues(t, http.StatusOK, res.StatusCode) - // require.NotEmpty(t, v.RedirectTo) - // http.Redirect(w, r, v.RedirectTo, http.StatusFound) + // require.NotEmpty(t, *v.RedirectTo) + // http.Redirect(w, r, *v.RedirectTo, http.StatusFound) // } // }, // cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -973,7 +973,7 @@ func TestStrategyLoginConsent(t *testing.T) { // rr, res, err := apiClient.GetConsentRequest(r.URL.Query().Get("consent_challenge")) // require.NoError(t, err) // require.EqualValues(t, http.StatusOK, res.StatusCode) - // assert.False(t, rr.Skip) + // assert.False(t, *rr.Skip) // assert.Equal(t, "client-id", rr.Client.ID) // assert.Equal(t, "user", rr.Subject) // @@ -988,8 +988,8 @@ func TestStrategyLoginConsent(t *testing.T) { // }) // require.NoError(t, err) // require.EqualValues(t, http.StatusOK, res.StatusCode) - // require.NotEmpty(t, v.RedirectTo) - // http.Redirect(w, r, v.RedirectTo, http.StatusFound) + // require.NotEmpty(t, *v.RedirectTo) + // http.Redirect(w, r, *v.RedirectTo, http.StatusFound) // } // }, // expectFinalStatusCode: http.StatusOK, @@ -1016,8 +1016,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) lr := res.Payload - assert.True(t, lr.Skip) - assert.Equal(t, "user", lr.Subject) + assert.True(t, *lr.Skip) + assert.Equal(t, "user", *lr.Subject) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1046,8 +1046,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) rr := res.Payload - assert.True(t, rr.Skip) - assert.Equal(t, "user", rr.Subject) + assert.True(t, *rr.Skip) + assert.Equal(t, "user", *rr.Subject) assert.Empty(t, rr.Client.ClientSecret) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). @@ -1061,8 +1061,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -1103,7 +1103,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1116,8 +1116,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -1140,8 +1140,8 @@ func TestStrategyLoginConsent(t *testing.T) { var v models.CompletedRequest require.NoError(t, json.NewDecoder(hres.Body).Decode(&v)) require.EqualValues(t, http.StatusOK, hres.StatusCode) - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: http.StatusOK, @@ -1168,7 +1168,7 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1181,8 +1181,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -1241,8 +1241,8 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.True(t, rr.Skip) - assert.Equal(t, "user", rr.Subject) + assert.True(t, *rr.Skip) + assert.Equal(t, "user", *rr.Subject) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1255,8 +1255,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: http.StatusBadRequest, @@ -1273,7 +1273,7 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1286,8 +1286,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -1324,7 +1324,7 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1337,8 +1337,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: fosite.ErrLoginRequired.StatusCode(), @@ -1355,7 +1355,7 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -1368,8 +1368,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -1393,8 +1393,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: http.StatusOK, @@ -1443,7 +1443,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1481,8 +1481,8 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1516,7 +1516,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1555,7 +1555,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1590,7 +1590,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1614,7 +1614,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1631,7 +1631,7 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) assert.Empty(t, "", rr.Subject) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). @@ -1643,7 +1643,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1660,7 +1660,7 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) assert.Empty(t, "", rr.Subject) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). @@ -1672,7 +1672,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: acceptRequest(apiClient, nil), @@ -1690,8 +1690,8 @@ func TestStrategyLoginConsent(t *testing.T) { res, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) rr := res.Payload - assert.False(t, rr.Skip) - assert.EqualValues(t, "", rr.Subject) + assert.False(t, *rr.Skip) + assert.EqualValues(t, "", *rr.Subject) assert.EqualValues(t, "foouser", rr.OidcContext.IDTokenHintClaims.(map[string]interface{})["sub"]) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). @@ -1703,7 +1703,7 @@ func TestStrategyLoginConsent(t *testing.T) { require.NoError(t, err) v := vr.Payload - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, expectFinalStatusCode: http.StatusBadRequest, diff --git a/consent/strategy_helper_test.go b/consent/strategy_helper_test.go index 1359ce41323..dec072cf0b1 100644 --- a/consent/strategy_helper_test.go +++ b/consent/strategy_helper_test.go @@ -44,7 +44,7 @@ var passAuthentication = func(apiClient *client.OryHydra, remember bool) func(t })) require.NoError(t, err) require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } } } @@ -63,7 +63,7 @@ var passAuthorization = func(apiClient *client.OryHydra, remember bool) func(t * })) require.NoError(t, err) require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } } } diff --git a/internal/httpclient/models/completed_request.go b/internal/httpclient/models/completed_request.go index 06bfb45fcdc..ea54e898220 100644 --- a/internal/httpclient/models/completed_request.go +++ b/internal/httpclient/models/completed_request.go @@ -6,8 +6,10 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" + "github.com/go-openapi/validate" ) // CompletedRequest The response payload sent when accepting or rejecting a login or consent request. @@ -16,11 +18,30 @@ import ( type CompletedRequest struct { // RedirectURL is the URL which you should redirect the user to once the authentication process is completed. - RedirectTo string `json:"redirect_to,omitempty"` + // Required: true + RedirectTo *string `json:"redirect_to"` } // Validate validates this completed request func (m *CompletedRequest) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateRedirectTo(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *CompletedRequest) validateRedirectTo(formats strfmt.Registry) error { + + if err := validate.Required("redirect_to", "body", m.RedirectTo); err != nil { + return err + } + return nil } diff --git a/internal/httpclient/models/consent_request.go b/internal/httpclient/models/consent_request.go index 5ebea1cc60d..9961b19df36 100644 --- a/internal/httpclient/models/consent_request.go +++ b/internal/httpclient/models/consent_request.go @@ -9,6 +9,7 @@ import ( "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" + "github.com/go-openapi/validate" ) // ConsentRequest Contains information on an ongoing consent request. @@ -22,7 +23,8 @@ type ConsentRequest struct { // Challenge is the identifier ("authorization challenge") of the consent authorization request. It is used to // identify the session. - Challenge string `json:"challenge,omitempty"` + // Required: true + Challenge *string `json:"challenge"` // client Client *OAuth2Client `json:"client,omitempty"` @@ -68,6 +70,10 @@ type ConsentRequest struct { func (m *ConsentRequest) Validate(formats strfmt.Registry) error { var res []error + if err := m.validateChallenge(formats); err != nil { + res = append(res, err) + } + if err := m.validateClient(formats); err != nil { res = append(res, err) } @@ -90,6 +96,15 @@ func (m *ConsentRequest) Validate(formats strfmt.Registry) error { return nil } +func (m *ConsentRequest) validateChallenge(formats strfmt.Registry) error { + + if err := validate.Required("challenge", "body", m.Challenge); err != nil { + return err + } + + return nil +} + func (m *ConsentRequest) validateClient(formats strfmt.Registry) error { if swag.IsZero(m.Client) { // not required diff --git a/internal/httpclient/models/login_request.go b/internal/httpclient/models/login_request.go index f8630bbbc8b..f6856e01583 100644 --- a/internal/httpclient/models/login_request.go +++ b/internal/httpclient/models/login_request.go @@ -9,6 +9,7 @@ import ( "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" + "github.com/go-openapi/validate" ) // LoginRequest Contains information on an ongoing login request. @@ -18,10 +19,12 @@ type LoginRequest struct { // Challenge is the identifier ("login challenge") of the login request. It is used to // identify the session. - Challenge string `json:"challenge,omitempty"` + // Required: true + Challenge *string `json:"challenge"` // client - Client *OAuth2Client `json:"client,omitempty"` + // Required: true + Client *OAuth2Client `json:"client"` // oidc context OidcContext *OpenIDConnectContext `json:"oidc_context,omitempty"` @@ -29,13 +32,16 @@ type LoginRequest struct { // RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which // initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but // might come in handy if you want to deal with additional request parameters. - RequestURL string `json:"request_url,omitempty"` + // Required: true + RequestURL *string `json:"request_url"` // requested access token audience - RequestedAccessTokenAudience StringSlicePipeDelimiter `json:"requested_access_token_audience,omitempty"` + // Required: true + RequestedAccessTokenAudience StringSlicePipeDelimiter `json:"requested_access_token_audience"` // requested scope - RequestedScope StringSlicePipeDelimiter `json:"requested_scope,omitempty"` + // Required: true + RequestedScope StringSlicePipeDelimiter `json:"requested_scope"` // SessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) // this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) @@ -47,18 +53,24 @@ type LoginRequest struct { // If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL. // // This feature allows you to update / set session information. - Skip bool `json:"skip,omitempty"` + // Required: true + Skip *bool `json:"skip"` // Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope // requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type // when accepting the login request, or the request will fail. - Subject string `json:"subject,omitempty"` + // Required: true + Subject *string `json:"subject"` } // Validate validates this login request func (m *LoginRequest) Validate(formats strfmt.Registry) error { var res []error + if err := m.validateChallenge(formats); err != nil { + res = append(res, err) + } + if err := m.validateClient(formats); err != nil { res = append(res, err) } @@ -67,6 +79,10 @@ func (m *LoginRequest) Validate(formats strfmt.Registry) error { res = append(res, err) } + if err := m.validateRequestURL(formats); err != nil { + res = append(res, err) + } + if err := m.validateRequestedAccessTokenAudience(formats); err != nil { res = append(res, err) } @@ -75,16 +91,33 @@ func (m *LoginRequest) Validate(formats strfmt.Registry) error { res = append(res, err) } + if err := m.validateSkip(formats); err != nil { + res = append(res, err) + } + + if err := m.validateSubject(formats); err != nil { + res = append(res, err) + } + if len(res) > 0 { return errors.CompositeValidationError(res...) } return nil } +func (m *LoginRequest) validateChallenge(formats strfmt.Registry) error { + + if err := validate.Required("challenge", "body", m.Challenge); err != nil { + return err + } + + return nil +} + func (m *LoginRequest) validateClient(formats strfmt.Registry) error { - if swag.IsZero(m.Client) { // not required - return nil + if err := validate.Required("client", "body", m.Client); err != nil { + return err } if m.Client != nil { @@ -117,10 +150,19 @@ func (m *LoginRequest) validateOidcContext(formats strfmt.Registry) error { return nil } +func (m *LoginRequest) validateRequestURL(formats strfmt.Registry) error { + + if err := validate.Required("request_url", "body", m.RequestURL); err != nil { + return err + } + + return nil +} + func (m *LoginRequest) validateRequestedAccessTokenAudience(formats strfmt.Registry) error { - if swag.IsZero(m.RequestedAccessTokenAudience) { // not required - return nil + if err := validate.Required("requested_access_token_audience", "body", m.RequestedAccessTokenAudience); err != nil { + return err } if err := m.RequestedAccessTokenAudience.Validate(formats); err != nil { @@ -135,8 +177,8 @@ func (m *LoginRequest) validateRequestedAccessTokenAudience(formats strfmt.Regis func (m *LoginRequest) validateRequestedScope(formats strfmt.Registry) error { - if swag.IsZero(m.RequestedScope) { // not required - return nil + if err := validate.Required("requested_scope", "body", m.RequestedScope); err != nil { + return err } if err := m.RequestedScope.Validate(formats); err != nil { @@ -149,6 +191,24 @@ func (m *LoginRequest) validateRequestedScope(formats strfmt.Registry) error { return nil } +func (m *LoginRequest) validateSkip(formats strfmt.Registry) error { + + if err := validate.Required("skip", "body", m.Skip); err != nil { + return err + } + + return nil +} + +func (m *LoginRequest) validateSubject(formats strfmt.Registry) error { + + if err := validate.Required("subject", "body", m.Subject); err != nil { + return err + } + + return nil +} + // MarshalBinary interface implementation func (m *LoginRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/reject_request.go b/internal/httpclient/models/reject_request.go index bb75c9a11a3..37c02f35926 100644 --- a/internal/httpclient/models/reject_request.go +++ b/internal/httpclient/models/reject_request.go @@ -15,19 +15,24 @@ import ( // swagger:model rejectRequest type RejectRequest struct { - // error + // The error should follow the OAuth2 error format (e.g. `invalid_request`, `login_required`). + // + // Defaults to `request_denied`. Error string `json:"error,omitempty"` - // error debug + // Debug contains information to help resolve the problem as a developer. Usually not exposed + // to the public but only in the server logs. ErrorDebug string `json:"error_debug,omitempty"` - // error description + // Description of the error in a human readable format. ErrorDescription string `json:"error_description,omitempty"` - // error hint + // Hint to help resolve the error. ErrorHint string `json:"error_hint,omitempty"` - // status code + // Represents the HTTP status code of the error (e.g. 401 or 403) + // + // Defaults to 400 StatusCode int64 `json:"status_code,omitempty"` } diff --git a/oauth2/oauth2_auth_code_test.go b/oauth2/oauth2_auth_code_test.go index 1fe5d690c0d..712286d535d 100644 --- a/oauth2/oauth2_auth_code_test.go +++ b/oauth2/oauth2_auth_code_test.go @@ -90,8 +90,8 @@ func acceptLogin(apiClient *hydra.OryHydra, subject string, expectSkip bool, exp require.NoError(t, err) rr := rrr.Payload - assert.Equal(t, expectSkip, rr.Skip) - assert.EqualValues(t, expectSubject, rr.Subject) + assert.Equal(t, expectSkip, *rr.Skip) + assert.EqualValues(t, expectSubject, *rr.Subject) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -99,8 +99,8 @@ func acceptLogin(apiClient *hydra.OryHydra, subject string, expectSkip bool, exp require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } } } @@ -127,8 +127,8 @@ func acceptConsent(apiClient *hydra.OryHydra, scope []string, expectSkip bool, e require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } } } @@ -266,7 +266,7 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { return func(w http.ResponseWriter, r *http.Request) { rr, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) - assert.False(t, rr.Payload.Skip) + assert.False(t, *rr.Payload.Skip) assert.Empty(t, rr.Payload.Subject) v, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -275,8 +275,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { Context: map[string]interface{}{"context": "bar"}, })) require.NoError(t, err) - require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.Payload.RedirectTo) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -296,8 +296,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { }, })) require.NoError(t, err) - require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.Payload.RedirectTo) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -340,8 +340,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { Subject: pointerx.String("user-a"), Remember: true, RememberFor: 0, Acr: "1", })) require.NoError(t, err) - require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.Payload.RedirectTo) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -360,8 +360,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -389,7 +389,7 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { return func(w http.ResponseWriter, r *http.Request) { challenge, err := apiClient.Admin.GetLoginRequest(admin.NewGetLoginRequestParams().WithLoginChallenge(r.URL.Query().Get("login_challenge"))) require.NoError(t, err) - assert.False(t, challenge.Payload.Skip) + assert.False(t, *challenge.Payload.Skip) v, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -397,8 +397,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { Subject: pointerx.String(""), Remember: false, RememberFor: 0, Acr: "1", })) require.Error(t, err) - require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.Payload.RedirectTo) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -435,8 +435,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { })) require.NoError(t, err) - require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.Payload.RedirectTo) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -455,8 +455,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -489,16 +489,16 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { rr := rrr.Payload require.NoError(t, err) - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) assert.Empty(t, rr.Subject) assert.EqualValues(t, []string{"https://api.ory.sh/"}, rr.RequestedAccessTokenAudience) assert.EqualValues(t, client.GetID(), rr.Client.ClientID) assert.EqualValues(t, client.GrantTypes, rr.Client.GrantTypes) assert.EqualValues(t, client.LogoURI, rr.Client.LogoURI) assert.EqualValues(t, client.RedirectURIs, rr.Client.RedirectUris) - assert.EqualValues(t, r.URL.Query().Get("login_challenge"), rr.Challenge) + assert.EqualValues(t, r.URL.Query().Get("login_challenge"), *rr.Challenge) assert.EqualValues(t, []string{"hydra", "offline", "openid"}, rr.RequestedScope) - assert.EqualValues(t, oauthConfig.AuthCodeURL("some-hardcoded-state", oauth2.SetAuthURLParam("audience", "https://api.ory.sh/")), rr.RequestURL) + assert.EqualValues(t, oauthConfig.AuthCodeURL("some-hardcoded-state", oauth2.SetAuthURLParam("audience", "https://api.ory.sh/")), *rr.RequestURL) v, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -507,8 +507,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { })) require.NoError(t, err) - require.NotEmpty(t, v.Payload.RedirectTo) - http.Redirect(w, r, v.Payload.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.Payload.RedirectTo) + http.Redirect(w, r, *v.Payload.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -525,7 +525,7 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { assert.EqualValues(t, client.RedirectURIs, rr.Client.RedirectUris) assert.EqualValues(t, []string{"https://api.ory.sh/"}, rr.RequestedAccessTokenAudience) assert.EqualValues(t, []string{"hydra", "offline", "openid"}, rr.RequestedScope) - assert.EqualValues(t, r.URL.Query().Get("consent_challenge"), rr.Challenge) + assert.EqualValues(t, r.URL.Query().Get("consent_challenge"), *rr.Challenge) assert.EqualValues(t, oauthConfig.AuthCodeURL("some-hardcoded-state", oauth2.SetAuthURLParam("audience", "https://api.ory.sh/")), rr.RequestURL) vr, err := apiClient.Admin.AcceptConsentRequest(admin.NewAcceptConsentRequestParams(). @@ -541,8 +541,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -606,15 +606,15 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) rr := rrr.Payload - assert.False(t, rr.Skip) + assert.False(t, *rr.Skip) assert.Empty(t, rr.Subject) assert.EqualValues(t, client.GetID(), rr.Client.ClientID) assert.EqualValues(t, client.GrantTypes, rr.Client.GrantTypes) assert.EqualValues(t, client.LogoURI, rr.Client.LogoURI) assert.EqualValues(t, client.RedirectURIs, rr.Client.RedirectUris) - assert.EqualValues(t, r.URL.Query().Get("login_challenge"), rr.Challenge) + assert.EqualValues(t, r.URL.Query().Get("login_challenge"), *rr.Challenge) assert.EqualValues(t, []string{"hydra", "offline", "openid"}, rr.RequestedScope) - assert.EqualValues(t, oauthConfig.AuthCodeURL("some-hardcoded-state")+"&prompt=login+consent&max_age=1", rr.RequestURL) + assert.EqualValues(t, oauthConfig.AuthCodeURL("some-hardcoded-state")+"&prompt=login+consent&max_age=1", *rr.RequestURL) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -624,8 +624,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -641,7 +641,7 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { assert.EqualValues(t, client.LogoURI, rr.Client.LogoURI) assert.EqualValues(t, client.RedirectURIs, rr.Client.RedirectUris) assert.EqualValues(t, []string{"hydra", "offline", "openid"}, rr.RequestedScope) - assert.EqualValues(t, r.URL.Query().Get("consent_challenge"), rr.Challenge) + assert.EqualValues(t, r.URL.Query().Get("consent_challenge"), *rr.Challenge) assert.EqualValues(t, oauthConfig.AuthCodeURL("some-hardcoded-state")+"&prompt=login+consent&max_age=1", rr.RequestURL) vr, err := apiClient.Admin.AcceptConsentRequest(admin.NewAcceptConsentRequestParams(). @@ -656,8 +656,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -829,8 +829,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) rr := rrr.Payload - assert.False(t, rr.Skip) - assert.EqualValues(t, "", rr.Subject) + assert.False(t, *rr.Skip) + assert.EqualValues(t, "", *rr.Subject) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). WithLoginChallenge(r.URL.Query().Get("login_challenge")). @@ -840,8 +840,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -865,8 +865,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -891,8 +891,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) rr := rrr.Payload - assert.False(t, rr.Skip) - assert.EqualValues(t, "", rr.Subject) + assert.False(t, *rr.Skip) + assert.EqualValues(t, "", *rr.Subject) assert.Empty(t, rr.Client.ClientSecret) vr, err := apiClient.Admin.AcceptLoginRequest(admin.NewAcceptLoginRequestParams(). @@ -903,8 +903,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -928,8 +928,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { @@ -986,8 +986,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cph: func(t *testing.T) func(w http.ResponseWriter, r *http.Request) { @@ -1007,8 +1007,8 @@ func TestAuthCodeWithDefaultStrategy(t *testing.T) { require.NoError(t, err) v := vr.Payload - require.NotEmpty(t, v.RedirectTo) - http.Redirect(w, r, v.RedirectTo, http.StatusFound) + require.NotEmpty(t, *v.RedirectTo) + http.Redirect(w, r, *v.RedirectTo, http.StatusFound) } }, cb: func(t *testing.T) httprouter.Handle { diff --git a/test/mock-lcp/main.go b/test/mock-lcp/main.go index 65a578fee22..65cd11a9854 100644 --- a/test/mock-lcp/main.go +++ b/test/mock-lcp/main.go @@ -46,9 +46,9 @@ func login(rw http.ResponseWriter, r *http.Request) { lr := res.Payload var v *models.CompletedRequest - if strings.Contains(lr.RequestURL, "mockLogin=accept") { + if strings.Contains(*lr.RequestURL, "mockLogin=accept") { remember := false - if strings.Contains(lr.RequestURL, "rememberLogin=yes") { + if strings.Contains(*lr.RequestURL, "rememberLogin=yes") { remember = true } @@ -76,7 +76,7 @@ func login(rw http.ResponseWriter, r *http.Request) { if err != nil { log.Fatalf("Unable to accept/reject login request: %s", err) } - http.Redirect(rw, r, v.RedirectTo, http.StatusFound) + http.Redirect(rw, r, *v.RedirectTo, http.StatusFound) } func consent(rw http.ResponseWriter, r *http.Request) { @@ -129,7 +129,7 @@ func consent(rw http.ResponseWriter, r *http.Request) { if err != nil { log.Fatalf("Unable to accept/reject consent request: %s", err) } - http.Redirect(rw, r, v.RedirectTo, http.StatusFound) + http.Redirect(rw, r, *v.RedirectTo, http.StatusFound) } func errh(rw http.ResponseWriter, r *http.Request) {