Skip to content

Commit

Permalink
Make OAuth 2.0 token_url client_id and client_secret mandatory (#294)
Browse files Browse the repository at this point in the history
* Made client_id and client_secret mandatory

Signed-off-by: Levi Harrison <git@leviharrison.dev>
  • Loading branch information
LeviHarrison authored Apr 27, 2021
1 parent 2270f5d commit b4304c5
Show file tree
Hide file tree
Showing 6 changed files with 32 additions and 0 deletions.
9 changes: 9 additions & 0 deletions config/http_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -210,6 +210,15 @@ func (c *HTTPClientConfig) Validate() error {
if c.BasicAuth != nil {
return fmt.Errorf("at most one of basic_auth, oauth2 & authorization must be configured")
}
if len(c.OAuth2.ClientID) == 0 {
return fmt.Errorf("oauth2 client_id must be configured")
}
if len(c.OAuth2.ClientSecret) == 0 && len(c.OAuth2.ClientSecretFile) == 0 {
return fmt.Errorf("either oauth2 client_secret or client_secret_file must be configured")
}
if len(c.OAuth2.TokenURL) == 0 {
return fmt.Errorf("oauth2 token_url must be configured")
}
if len(c.OAuth2.ClientSecret) > 0 && len(c.OAuth2.ClientSecretFile) > 0 {
return fmt.Errorf("at most one of oauth2 client_secret & client_secret_file must be configured")
}
Expand Down
12 changes: 12 additions & 0 deletions config/http_config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,18 @@ var invalidHTTPClientConfigs = []struct {
httpClientConfigFile: "testdata/http.conf.oauth2-secret-and-file-set.bad.yml",
errMsg: "at most one of oauth2 client_secret & client_secret_file must be configured",
},
{
httpClientConfigFile: "testdata/http.conf.oauth2-no-client-id.bad.yaml",
errMsg: "oauth2 client_id must be configured",
},
{
httpClientConfigFile: "testdata/http.conf.oauth2-no-client-secret.bad.yaml",
errMsg: "either oauth2 client_secret or client_secret_file must be configured",
},
{
httpClientConfigFile: "testdata/http.conf.oauth2-no-token-url.bad.yaml",
errMsg: "oauth2 token_url must be configured",
},
}

func newTestServer(handler func(w http.ResponseWriter, r *http.Request)) (*httptest.Server, error) {
Expand Down
3 changes: 3 additions & 0 deletions config/testdata/http.conf.oauth2-no-client-id.bad.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
oauth2:
client_secret: "mysecret"
token_url: "http://auth"
3 changes: 3 additions & 0 deletions config/testdata/http.conf.oauth2-no-client-secret.bad.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
oauth2:
client_id: "myclientid"
token_url: "http://auth"
3 changes: 3 additions & 0 deletions config/testdata/http.conf.oauth2-no-token-url.bad.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
oauth2:
client_id: "myclientid"
client_secret: "mysecret"
2 changes: 2 additions & 0 deletions config/testdata/http.conf.oauth2-secret-and-file-set.bad.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
oauth2:
client_id: "myclient"
client_secret: "mysecret"
client_secret_file: "mysecret"
token_url: "http://auth"

0 comments on commit b4304c5

Please sign in to comment.