fix: return empty slice if requested_scope or audience is null (#3711)
jonas-jonas authored Feb 12, 2024
1 parent 33950db commit 65165e7
Showing 13 changed files with 542 additions and 6 deletions.
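--- a/consent/handler.go
+++ b/consent/handler.go
@@ -364,6 +364,14 @@ func (h *Handler) getOAuth2LoginRequest(w http.ResponseWriter, r *http.Request,
 return
 }
 
+if request.RequestedScope == nil {
+request.RequestedScope = []string{}
+}
+
+if request.RequestedAudience == nil {
+request.RequestedAudience = []string{}
+}
+
 request.Client = sanitizeClient(request.Client)
 h.r.Writer().Write(w, r, request)
 }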
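Review bot: The two nil guards before `sanitizeClient` mutate `request` in place and carry no comment saying why an empty slice matters to callers. If `request` is a `*flow.LoginRequest` (its declaration is outside the hunk), the `MarshalJSON` this commit adds to that type in `flow/consent_types.go` already performs the same normalisation at encoding time, which would make these lines redundant. Either drop them or add a comment such as `// Encode as [] rather than null so API clients always receive an array.` so the duplication reads as deliberate. The body of `getOAuth2LoginRequest` starts above the hunk.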
@@ -0,0 +1 @@
"{\"access_token\":{},\"id_token\":{}}"
@@ -0,0 +1 @@
"{\"grant_scope\":[],\"grant_access_token_audience\":[],\"session\":null,\"remember\":false,\"remember_for\":0,\"handled_at\":null,\"context\":{}}"
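--- a/flow/.snapshots/TestHandledLoginRequest_MarshalJSON.json
+++ b/flow/.snapshots/TestHandledLoginRequest_MarshalJSON.json
@@ -0,0 +1 @@
+"{\"remember\":false,\"remember_for\":0,\"extend_session_lifespan\":false,\"acr\":\"\",\"amr\":[],\"subject\":\"\",\"force_subject_identifier\":\"\",\"context\":{}}"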
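--- a/flow/.snapshots/TestLoginRequest_MarshalJSON.json
+++ b/flow/.snapshots/TestLoginRequest_MarshalJSON.json
@@ -0,0 +1 @@
+"{\"challenge\":\"\",\"requested_scope\":[],\"requested_access_token_audience\":[],\"skip\":false,\"subject\":\"\",\"oidc_context\":null,\"client\":null,\"request_url\":\"\",\"session_id\":\"\"}"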
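--- a/flow/.snapshots/TestLogoutRequest_MarshalJSON.json
+++ b/flow/.snapshots/TestLogoutRequest_MarshalJSON.json
@@ -0,0 +1 @@
+"{\"challenge\":\"\",\"subject\":\"\",\"request_url\":\"\",\"rp_initiated\":false,\"client\":null}"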
@@ -0,0 +1 @@
"{}"
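--- a/flow/.snapshots/TestOAuth2ConsentRequest_MarshalJSON.json
+++ b/flow/.snapshots/TestOAuth2ConsentRequest_MarshalJSON.json
@@ -0,0 +1 @@
+"{\"challenge\":\"\",\"requested_scope\":[],\"requested_access_token_audience\":[],\"skip\":false,\"subject\":\"\",\"oidc_context\":null,\"client\":null,\"request_url\":\"\",\"login_challenge\":\"\",\"login_session_id\":\"\",\"acr\":\"\",\"amr\":[]}"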
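--- a/flow/.snapshots/TestOAuth2ConsentSession_MarshalJSON.json
+++ b/flow/.snapshots/TestOAuth2ConsentSession_MarshalJSON.json
@@ -0,0 +1 @@
+"{\"grant_scope\":[],\"grant_access_token_audience\":[],\"session\":null,\"remember\":false,\"remember_for\":0,\"handled_at\":null,\"context\":{},\"consent_request\":null}"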
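--- a/flow/consent_types.go
+++ b/flow/consent_types.go
@@ -188,6 +188,25 @@ type AcceptOAuth2ConsentRequest struct {
 SessionAccessToken sqlxx.MapStringInterface `json:"-" faker:"-"`
 }
 
+func (r *AcceptOAuth2ConsentRequest) MarshalJSON() ([]byte, error) {
+type Alias AcceptOAuth2ConsentRequest
+alias := Alias(*r)
+
+if alias.Context == nil {
+alias.Context = []byte("{}")
+}
+
+if alias.GrantedScope == nil {
+alias.GrantedScope = []string{}
+}
+
+if alias.GrantedAudience == nil {
+alias.GrantedAudience = []string{}
+}
+
+return json.Marshal(alias)
+}
+
 func (r *AcceptOAuth2ConsentRequest) HasError() bool {
 return r.Error.IsError()
 }
@@ -263,6 +282,25 @@ type OAuth2ConsentSession struct {
 SessionAccessToken sqlxx.MapStringInterface `db:"session_access_token" json:"-"`
 }
 
+func (r *OAuth2ConsentSession) MarshalJSON() ([]byte, error) {
+type Alias OAuth2ConsentSession
+alias := Alias(*r)
+
+if alias.Context == nil {
+alias.Context = []byte("{}")
+}
+
+if alias.GrantedScope == nil {
+alias.GrantedScope = []string{}
+}
+
+if alias.GrantedAudience == nil {
+alias.GrantedAudience = []string{}
+}
+
+return json.Marshal(alias)
+}
+
 // HandledLoginRequest is the request payload used to accept a login request.
 //
 // swagger:model acceptOAuth2LoginRequest
@@ -345,6 +383,20 @@ type HandledLoginRequest struct {
 AuthenticatedAt sqlxx.NullTime `json:"-"`
 }
 
+func (r *HandledLoginRequest) MarshalJSON() ([]byte, error) {
+type Alias HandledLoginRequest
+alias := Alias(*r)
+if alias.Context == nil {
+alias.Context = []byte("{}")
+}
+
+if alias.AMR == nil {
+alias.AMR = []string{}
+}
+
+return json.Marshal(alias)
+}
+
 func (r *HandledLoginRequest) HasError() bool {
 return r.Error.IsError()
 }
@@ -392,6 +444,24 @@ type OAuth2ConsentRequestOpenIDConnectContext struct {
 LoginHint string `json:"login_hint,omitempty"`
 }
 
+func (n *OAuth2ConsentRequestOpenIDConnectContext) MarshalJSON() ([]byte, error) {
+type Alias OAuth2ConsentRequestOpenIDConnectContext
+alias := Alias(*n)
+if alias.IDTokenHintClaims == nil {
+alias.IDTokenHintClaims = map[string]interface{}{}
+}
+
+if alias.ACRValues == nil {
+alias.ACRValues = []string{}
+}
+
+if alias.UILocales == nil {
+alias.UILocales = []string{}
+}
+
+return json.Marshal(alias)
+}
+
 func (n *OAuth2ConsentRequestOpenIDConnectContext) Scan(value interface{}) error {
 v := fmt.Sprintf("%s", value)
 if len(v) == 0 {
@@ -539,6 +609,20 @@ type LoginRequest struct {
 RequestedAt time.Time `json:"-"`
 }
 
+func (r *LoginRequest) MarshalJSON() ([]byte, error) {
+type Alias LoginRequest
+alias := Alias(*r)
+if alias.RequestedScope == nil {
+alias.RequestedScope = []string{}
+}
+
+if alias.RequestedAudience == nil {
+alias.RequestedAudience = []string{}
+}
+
+return json.Marshal(alias)
+}
+
 // Contains information on an ongoing consent request.
 //
 // swagger:model oAuth2ConsentRequest
@@ -614,6 +698,24 @@ type OAuth2ConsentRequest struct {
 RequestedAt time.Time `json:"-"`
 }
 
+func (r *OAuth2ConsentRequest) MarshalJSON() ([]byte, error) {
+type Alias OAuth2ConsentRequest
+alias := Alias(*r)
+if alias.RequestedScope == nil {
+alias.RequestedScope = []string{}
+}
+
+if alias.RequestedAudience == nil {
+alias.RequestedAudience = []string{}
+}
+
+if alias.AMR == nil {
+alias.AMR = []string{}
+}
+
+return json.Marshal(alias)
+}
+
 // Pass session data to a consent request.
 //
 // swagger:model acceptOAuth2ConsentRequestSession
@@ -636,3 +738,16 @@ func NewConsentRequestSessionData() *AcceptOAuth2ConsentRequestSession {
 IDToken: map[string]interface{}{},
 }
 }
+
+func (r *AcceptOAuth2ConsentRequestSession) MarshalJSON() ([]byte, error) {
+type Alias AcceptOAuth2ConsentRequestSession
+alias := Alias(*r)
+if alias.AccessToken == nil {
+alias.AccessToken = map[string]interface{}{}
+}
+
+if alias.IDToken == nil {
+alias.IDToken = map[string]interface{}{}
+}
+return json.Marshal(alias)
+}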
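Review bot: All seven `MarshalJSON` methods added in this file are declared on pointer receivers, so `encoding/json` only invokes them for a pointer or an addressable value; marshalling one of these structs by value (for example `json.Marshal(*req)`) bypasses the method and still emits `null` for the nil slices and maps. If consent and login UIs are meant to rely on always receiving `[]` or `{}`, either declare the methods on value receivers, e.g. `func (r LoginRequest) MarshalJSON() ([]byte, error)`, or state the pointer-only contract in a doc comment. The methods are exported without doc comments; a line such as `// MarshalJSON encodes nil scope and audience slices as [] instead of null.` would record the intent. The struct definitions lie outside the hunks, so whether tags like `omitempty` make some of these guards no-ops in the output could not be checked here.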
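--- a/flow/consent_types_test.go
+++ b/flow/consent_types_test.go
@@ -4,9 +4,12 @@
 package flow
 
 import (
+"encoding/json"
 "fmt"
 "testing"
 
+"github.com/ory/x/snapshotx"
+
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
 
@@ -66,3 +69,51 @@ func TestRequestDeniedError(t *testing.T) {
 require.NoError(t, err)
 assert.EqualValues(t, "{}", fmt.Sprintf("%v", v))
 }
+
+func TestAcceptOAuth2ConsentRequest_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(AcceptOAuth2ConsentRequest))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestOAuth2ConsentSession_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(OAuth2ConsentSession))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestHandledLoginRequest_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(HandledLoginRequest))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestOAuth2ConsentRequestOpenIDConnectContext_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(OAuth2ConsentRequestOpenIDConnectContext))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestLogoutRequest_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(LogoutRequest))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestLoginRequest_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(LoginRequest))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestOAuth2ConsentRequest_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(OAuth2ConsentRequest))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}
+
+func TestAcceptOAuth2ConsentRequestSession_MarshalJSON(t *testing.T) {
+out, err := json.Marshal(new(AcceptOAuth2ConsentRequestSession))
+require.NoError(t, err)
+snapshotx.SnapshotT(t, string(out))
+}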
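Review bot: Each of the eight new tests marshals only `new(T)`, so the snapshots pin the zero value reached through a pointer and nothing else. A case with populated `RequestedScope` or `GrantedScope` would show that the guards leave non-nil values untouched, and a by-value call such as `json.Marshal(LoginRequest{})` would show whether the pointer-receiver methods are bypassed on that path. `TestLogoutRequest_MarshalJSON` covers a type for which the visible hunks add no `MarshalJSON`, so its snapshot appears to record only the default encoding, including `"client":null`.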
7 changes: 6 additions & 1 deletion internal/httpclient/go.mod
@@ -2,6 +2,11 @@ module github.com/ory/hydra-client-go/v2

go 1.18

require golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558

require (
golang.org/x/oauth2 v0.0.0-20210323180902-22b0adad7558
github.com/golang/protobuf v1.4.2 // indirect
golang.org/x/net v0.0.0-20200822124328-c89045814202 // indirect
google.golang.org/appengine v1.6.6 // indirect
google.golang.org/protobuf v1.25.0 // indirect
)