3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-22 21:47:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

Prototype device authorization flow (core)

Browse source
This commit is contained in:
Joe Kralicky 2024-05-17 15:18:34 -04:00
parent 56ce79e662
commit 18aed33aa5
No known key found for this signature in database
GPG key ID: 75C4875F34A9FB79
2 changed files with 2 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
authenticate/handlers.go
View file

@ -97,7 +97,6 @@ func (a *Authenticate) mountDashboard(r *mux.Router) {
sr.Path("/sign_out").Handler(httputil.HandlerFunc(a.SignOut)) sr.Path("/sign_out").Handler(httputil.HandlerFunc(a.SignOut))
sr.Path("/signed_out").Handler(httputil.HandlerFunc(a.signedOut)).Methods(http.MethodGet) sr.Path("/signed_out").Handler(httputil.HandlerFunc(a.signedOut)).Methods(http.MethodGet)
sr.Path("/device_auth").Handler(httputil.HandlerFunc(a.DeviceAuthLogin)). sr.Path("/device_auth").Handler(httputil.HandlerFunc(a.DeviceAuthLogin)).
Queries(urlutil.QueryDeviceAuthRouteURI, "").
Methods(http.MethodGet, http.MethodPost) Methods(http.MethodGet, http.MethodPost)
// routes that need a session: // routes that need a session:
@ -577,7 +576,7 @@ func (a *Authenticate) getRetryTokenForRequest(r *http.Request) []byte {
if err := r.ParseForm(); err != nil { if err := r.ParseForm(); err != nil {
return nil return nil
} }
dec, _ := base64.URLEncoding.DecodeString(r.Form.Get(urlutil.QueryDeviceAuthRetryToken)) dec, _ := base64.StdEncoding.DecodeString(r.Form.Get(urlutil.QueryDeviceAuthRetryToken))
return dec return dec
} }

6
proxy/handlers.go
View file

@ -69,7 +69,6 @@ func (p *Proxy) registerDashboardHandlers(r *mux.Router, opts *config.Options) *
})) }))
a.Path("/v1/device_auth").Handler(httputil.HandlerFunc(p.DeviceAuthLogin)). a.Path("/v1/device_auth").Handler(httputil.HandlerFunc(p.DeviceAuthLogin)).
Queries(urlutil.QueryDeviceAuthRouteURI, "").
Methods(http.MethodGet, http.MethodPost) Methods(http.MethodGet, http.MethodPost)
return r return r
@ -169,10 +168,7 @@ func (p *Proxy) DeviceAuthLogin(w http.ResponseWriter, r *http.Request) error {
options := p.currentOptions.Load() options := p.currentOptions.Load()
params := url.Values{} params := url.Values{}
routeUri, err := urlutil.ParseAndValidateURL(r.FormValue(urlutil.QueryDeviceAuthRouteURI)) routeUri := urlutil.GetAbsoluteURL(r)
if err != nil {
return httputil.NewError(http.StatusBadRequest, err)
}
params.Set(urlutil.QueryDeviceAuthRouteURI, routeUri.String()) params.Set(urlutil.QueryDeviceAuthRouteURI, routeUri.String())
idp, err := options.GetIdentityProviderForRequestURL(routeUri.String()) idp, err := options.GetIdentityProviderForRequestURL(routeUri.String())