NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit035092a

committed

Return err on invalid params

That way the caller can just check err instead of the length of errors.

1 parent7b132e4 commit035092aCopy full SHA for 035092a

File tree

3 files changed

+34

-30

lines changed

enterprise/coderd/identityprovider

3 files changed

+34

-30

lines changed

`‎enterprise/coderd/identityprovider/authorize.go`

Lines changed: 11 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -26,19 +26,15 @@ type authorizeParams struct {`
`26`	`26`	`statestring`
`27`	`27`	`}`
`28`	`28`
`29`		`-funcextractAuthorizeParams(r*http.Request,callbackURLstring) (authorizeParams, []codersdk.ValidationError,error) {`
	`29`	`+funcextractAuthorizeParams(rhttp.Request,callbackURLurl.URL) (authorizeParams, []codersdk.ValidationError,error) {`
`30`	`30`	`p:=httpapi.NewQueryParamParser()`
`31`	`31`	`vals:=r.URL.Query()`
`32`	`32`
`33`	`33`	`p.RequiredNotEmpty("state","response_type","client_id")`
`34`	`34`
`35`		`-cb,err:=url.Parse(callbackURL)`
`36`		`-iferr!=nil {`
`37`		`-returnauthorizeParams{},nil,err`
`38`		`-}`
`39`	`35`	`params:=authorizeParams{`
`40`	`36`	`clientID:p.String(vals,"","client_id"),`
`41`		`-redirectURL:p.RedirectURL(vals,cb,"redirect_uri"),`
	`37`	`+redirectURL:p.RedirectURL(vals,callbackURL,"redirect_uri"),`
`42`	`38`	`responseType:httpapi.ParseCustom(p,vals,"","response_type",httpapi.ParseEnum[codersdk.OAuth2ProviderResponseType]),`
`43`	`39`	`scope:p.Strings(vals, []string{},"scope"),`
`44`	`40`	`state:p.String(vals,"","state"),`
`@@ -48,7 +44,10 @@ func extractAuthorizeParams(r *http.Request, callbackURL string) (authorizeParam`
`48`	`44`	`_=p.String(vals,"","redirected")`
`49`	`45`
`50`	`46`	`p.ErrorExcessParams(vals)`
`51`		`-returnparams,p.Errors,nil`
	`47`	`+iflen(p.Errors)>0 {`
	`48`	`+returnauthorizeParams{},p.Errors,xerrors.Errorf("invalid query params: %w",p.Errors)`
	`49`	`+}`
	`50`	`+returnparams,nil,nil`
`52`	`51`	`}`
`53`	`52`
`54`	`53`	`/**`
`@@ -63,17 +62,20 @@ func Authorize(db database.Store, accessURL *url.URL) http.HandlerFunc {`
`63`	`62`	`apiKey:=httpmw.APIKey(r)`
`64`	`63`	`app:=httpmw.OAuth2ProviderApp(r)`
`65`	`64`
`66`		`-params,validationErrs,err:=extractAuthorizeParams(r,app.CallbackURL)`
	`65`	`+callbackURL,err:=url.Parse(app.CallbackURL)`
`67`	`66`	`iferr!=nil {`
`68`	`67`	`httpapi.Write(r.Context(),rw,http.StatusInternalServerError, codersdk.Response{`
`69`	`68`	`Message:"Failed to validate query parameters.",`
`70`	`69`	`Detail:err.Error(),`
`71`	`70`	`})`
`72`	`71`	`return`
`73`	`72`	`}`
`74`		`-iflen(validationErrs)>0 {`
	`73`	`+`
	`74`	`+params,validationErrs,err:=extractAuthorizeParams(r,callbackURL)`
	`75`	`+iferr!=nil {`
`75`	`76`	`httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
`76`	`77`	`Message:"Invalid query params.",`
	`78`	`+Detail:err.Error(),`
`77`	`79`	`Validations:validationErrs,`
`78`	`80`	`})`
`79`	`81`	`return`

`‎enterprise/coderd/identityprovider/middleware.go`

Lines changed: 11 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -57,12 +57,7 @@ func authorizeMW(accessURL *url.URL) func(next http.Handler) http.Handler {`
`57`	`57`	`return`
`58`	`58`	`}`
`59`	`59`
`60`		`-// Extract the form parameters for two reasons:`
`61`		`-// 1. We need the redirect URI to build the cancel URI.`
`62`		`-// 2. Since validation will run once the user clicks "allow", it is`
`63`		`-// better to validate now to avoid wasting the user's time clicking a`
`64`		`-// button that will just error anyway.`
`65`		`-params,errs,err:=extractAuthorizeParams(r,app.CallbackURL)`
	`60`	`+callbackURL,err:=url.Parse(app.CallbackURL)`
`66`	`61`	`iferr!=nil {`
`67`	`62`	`site.RenderStaticErrorPage(rw,r, site.ErrorPageData{`
`68`	`63`	`Status:http.StatusInternalServerError,`
`@@ -75,9 +70,16 @@ func authorizeMW(accessURL *url.URL) func(next http.Handler) http.Handler {`
`75`	`70`	`})`
`76`	`71`	`return`
`77`	`72`	`}`
`78`		`-iflen(errs)>0 {`
`79`		`-errStr:=make([]string,len(errs))`
`80`		`-fori,err:=rangeerrs {`
	`73`	`+`
	`74`	`+// Extract the form parameters for two reasons:`
	`75`	`+// 1. We need the redirect URI to build the cancel URI.`
	`76`	`+// 2. Since validation will run once the user clicks "allow", it is`
	`77`	`+// better to validate now to avoid wasting the user's time clicking a`
	`78`	`+// button that will just error anyway.`
	`79`	`+params,validationErrs,err:=extractAuthorizeParams(r,callbackURL)`
	`80`	`+iferr!=nil {`
	`81`	`+errStr:=make([]string,len(validationErrs))`
	`82`	`+fori,err:=rangevalidationErrs {`
`81`	`83`	`errStr[i]=err.Detail`
`82`	`84`	`}`
`83`	`85`	`site.RenderStaticErrorPage(rw,r, site.ErrorPageData{`

`‎enterprise/coderd/identityprovider/tokens.go`

Lines changed: 12 additions & 12 deletions

Original file line number	Diff line number	Diff line change
`@@ -33,49 +33,49 @@ type tokenParams struct {`
`33`	`33`	`redirectURL*url.URL`
`34`	`34`	`}`
`35`	`35`
`36`		`-funcextractTokenParams(r*http.Request,callbackURLstring) (tokenParams, []codersdk.ValidationError,error) {`
	`36`	`+funcextractTokenParams(rhttp.Request,callbackURLurl.URL) (tokenParams, []codersdk.ValidationError,error) {`
`37`	`37`	`p:=httpapi.NewQueryParamParser()`
`38`	`38`	`err:=r.ParseForm()`
`39`	`39`	`iferr!=nil {`
`40`	`40`	`returntokenParams{},nil,xerrors.Errorf("parse form: %w",err)`
`41`	`41`	`}`
`42`		`-`
`43`		`-cb,err:=url.Parse(callbackURL)`
`44`		`-iferr!=nil {`
`45`		`-returntokenParams{},nil,err`
`46`		`-}`
`47`		`-`
`48`	`42`	`p.RequiredNotEmpty("grant_type","client_secret","client_id","code")`
`49`	`43`
`50`	`44`	`vals:=r.Form`
`51`	`45`	`params:=tokenParams{`
`52`	`46`	`clientID:p.String(vals,"","client_id"),`
`53`	`47`	`clientSecret:p.String(vals,"","client_secret"),`
`54`	`48`	`code:p.String(vals,"","code"),`
`55`		`-redirectURL:p.RedirectURL(vals,cb,"redirect_uri"),`
	`49`	`+redirectURL:p.RedirectURL(vals,callbackURL,"redirect_uri"),`
`56`	`50`	`grantType:httpapi.ParseCustom(p,vals,"","grant_type",httpapi.ParseEnum[codersdk.OAuth2ProviderGrantType]),`
`57`	`51`	`}`
`58`	`52`
`59`	`53`	`p.ErrorExcessParams(vals)`
`60`		`-returnparams,p.Errors,nil`
	`54`	`+iflen(p.Errors)>0 {`
	`55`	`+returntokenParams{},p.Errors,xerrors.Errorf("invalid query params: %w",p.Errors)`
	`56`	`+}`
	`57`	`+returnparams,nil,nil`
`61`	`58`	`}`
`62`	`59`
`63`	`60`	`funcTokens(db database.Store,defaultLifetime time.Duration) http.HandlerFunc {`
`64`	`61`	`returnfunc(rw http.ResponseWriter,r*http.Request) {`
`65`	`62`	`ctx:=r.Context()`
`66`	`63`	`app:=httpmw.OAuth2ProviderApp(r)`
`67`	`64`
`68`		`-params,validationErrs,err:=extractTokenParams(r,app.CallbackURL)`
	`65`	`+callbackURL,err:=url.Parse(app.CallbackURL)`
`69`	`66`	`iferr!=nil {`
`70`		`-httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
	`67`	`+httpapi.Write(ctx,rw,http.StatusInternalServerError, codersdk.Response{`
`71`	`68`	`Message:"Failed to validate form values.",`
`72`	`69`	`Detail:err.Error(),`
`73`	`70`	`})`
`74`	`71`	`return`
`75`	`72`	`}`
`76`		`-iflen(validationErrs)>0 {`
	`73`	`+`
	`74`	`+params,validationErrs,err:=extractTokenParams(r,callbackURL)`
	`75`	`+iferr!=nil {`
`77`	`76`	`httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
`78`	`77`	`Message:"Invalid query params.",`
	`78`	`+Detail:err.Error(),`
`79`	`79`	`Validations:validationErrs,`
`80`	`80`	`})`
`81`	`81`	`return`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit035092a

File tree

3 files changed

3 files changed

`‎enterprise/coderd/identityprovider/authorize.go`

`‎enterprise/coderd/identityprovider/middleware.go`

`‎enterprise/coderd/identityprovider/tokens.go`

0 commit comments