3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 16:59:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

authenticate: remove extra UpdateUserInfo() call (#4813)

Browse source 
The buildIdentityProfile() method is called only from
Authenticate.getOAuthCallback(), which has previously called
Authenticator.Authenticate(). It looks like all implementations of the
Authenticator interface already call UpdateUserInfo(), so we shouldn't
need to call UpdateUserInfo() a second time from buildIdentityProfile().

This should simplify the code a little and provide a slight performance
improvement (by avoiding one network request).
This commit is contained in:
Kenneth Jenkins 2023-12-05 09:22:35 -08:00 committed by GitHub
parent 8a2cf3faf2
commit 3c4b03f1d2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 1 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
authenticate/handlers.go
View file

@ -451,7 +451,7 @@ Or contact your administrator.
}
// save the session and access token to the databroker
profile, err := a.buildIdentityProfile(ctx, r, &newState, claims, accessToken)
profile, err := a.buildIdentityProfile(r, claims, accessToken)
if err != nil {
return nil, httputil.NewError(http.StatusInternalServerError, err)
}

14
authenticate/identity_profile.go
View file

@ -14,7 +14,6 @@ import (
"github.com/pomerium/pomerium/internal/httputil"
"github.com/pomerium/pomerium/internal/identity"
"github.com/pomerium/pomerium/internal/sessions"
"github.com/pomerium/pomerium/internal/urlutil"
"github.com/pomerium/pomerium/pkg/cryptutil"
identitypb "github.com/pomerium/pomerium/pkg/grpc/identity"
@ -23,25 +22,12 @@ import (
var cookieChunker = httputil.NewCookieChunker()
func (a *Authenticate) buildIdentityProfile(
ctx context.Context,
r *http.Request,
_ *sessions.State,
claims identity.SessionClaims,
oauthToken *oauth2.Token,
) (*identitypb.Profile, error) {
options := a.options.Load()
idpID := r.FormValue(urlutil.QueryIdentityProviderID)
authenticator, err := a.cfg.getIdentityProvider(options, idpID)
if err != nil {
return nil, fmt.Errorf("authenticate: error getting identity provider authenticator: %w", err)
}
err = authenticator.UpdateUserInfo(ctx, oauthToken, &claims)
if err != nil {
return nil, fmt.Errorf("authenticate: error retrieving user info: %w", err)
}
rawIDToken := []byte(claims.RawIDToken)
rawOAuthToken, err := json.Marshal(oauthToken)
if err != nil {