mirror of
https://github.com/1f349/tulip.git
synced 2024-12-22 08:14:13 +00:00
Use internal scopes within FancyScopeList
This commit is contained in:
parent
96df1deadf
commit
f9ed40b8e5
@ -26,44 +26,13 @@ func ScopesExist(scope string) bool {
|
|||||||
|
|
||||||
// FancyScopeList takes a scope string and outputs a slice of scope descriptions
|
// FancyScopeList takes a scope string and outputs a slice of scope descriptions
|
||||||
func FancyScopeList(scope string) (arr []string) {
|
func FancyScopeList(scope string) (arr []string) {
|
||||||
seen := make(map[string]struct{})
|
a, err := internalGetScopes(scope, func(key, desc string) string {
|
||||||
outer:
|
return desc
|
||||||
for {
|
})
|
||||||
n := strings.IndexAny(scope, ", ")
|
if err != nil {
|
||||||
var key string
|
return nil
|
||||||
switch n {
|
|
||||||
case 0:
|
|
||||||
// first char is matching, no key name found, just continue
|
|
||||||
scope = scope[1:]
|
|
||||||
continue outer
|
|
||||||
case -1:
|
|
||||||
// no more matching chars, if scope is empty then we are done
|
|
||||||
if len(scope) == 0 {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// otherwise set the key and empty scope
|
|
||||||
key = scope
|
|
||||||
scope = ""
|
|
||||||
default:
|
|
||||||
// set the key and trim from scope
|
|
||||||
key = scope[:n]
|
|
||||||
scope = scope[n+1:]
|
|
||||||
}
|
|
||||||
|
|
||||||
// check if key has been seen already
|
|
||||||
if _, ok := seen[key]; ok {
|
|
||||||
continue outer
|
|
||||||
}
|
|
||||||
|
|
||||||
// set seen flag
|
|
||||||
seen[key] = struct{}{}
|
|
||||||
|
|
||||||
// output the description
|
|
||||||
if d := scopeDescription[key]; d != "" {
|
|
||||||
arr = append(arr, d)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
return a
|
||||||
}
|
}
|
||||||
|
|
||||||
func internalGetScopes(scope string, f func(key, desc string) string) (arr []string, err error) {
|
func internalGetScopes(scope string, f func(key, desc string) string) (arr []string, err error) {
|
||||||
|
@ -5,6 +5,22 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func TestScopesExist(t *testing.T) {
|
||||||
|
desc := scopeDescription
|
||||||
|
scopeDescription = map[string]string{
|
||||||
|
"a": "A",
|
||||||
|
"b": "B",
|
||||||
|
"c": "C",
|
||||||
|
}
|
||||||
|
|
||||||
|
assert.True(t, ScopesExist("a b c"))
|
||||||
|
assert.False(t, ScopesExist("a b d"))
|
||||||
|
assert.True(t, ScopesExist("a,b c"))
|
||||||
|
assert.False(t, ScopesExist("a,b d"))
|
||||||
|
|
||||||
|
scopeDescription = desc
|
||||||
|
}
|
||||||
|
|
||||||
func TestFancyScopeList(t *testing.T) {
|
func TestFancyScopeList(t *testing.T) {
|
||||||
desc := scopeDescription
|
desc := scopeDescription
|
||||||
scopeDescription = map[string]string{
|
scopeDescription = map[string]string{
|
||||||
|
@ -84,7 +84,7 @@ func (h *HttpServer) ManageUsersPost(rw http.ResponseWriter, req *http.Request,
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
if role != database.RoleAdmin {
|
if role != database.RoleAdmin {
|
||||||
http.Error(rw, "400 Bad Request: Only admin users can create SSO client applications", http.StatusBadRequest)
|
http.Error(rw, "400 Bad Request: Only admin users can manage users", http.StatusBadRequest)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -93,19 +93,25 @@ func (h *HttpServer) authorizeEndpoint(rw http.ResponseWriter, req *http.Request
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
scopeList := form.Get("scope")
|
||||||
|
if !scope.ScopesExist(scopeList) {
|
||||||
|
http.Error(rw, "Invalid scopes", http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
rw.WriteHeader(http.StatusOK)
|
rw.WriteHeader(http.StatusOK)
|
||||||
pages.RenderPageTemplate(rw, "oauth-authorize", map[string]any{
|
pages.RenderPageTemplate(rw, "oauth-authorize", map[string]any{
|
||||||
"ServiceName": h.conf.ServiceName,
|
"ServiceName": h.conf.ServiceName,
|
||||||
"AppName": appName,
|
"AppName": appName,
|
||||||
"AppDomain": appDomain,
|
"AppDomain": appDomain,
|
||||||
"User": user,
|
"User": user,
|
||||||
"WantsList": scope.FancyScopeList(form.Get("scope")),
|
"WantsList": scope.FancyScopeList(scopeList),
|
||||||
"ResponseType": form.Get("response_type"),
|
"ResponseType": form.Get("response_type"),
|
||||||
"ResponseMode": form.Get("response_mode"),
|
"ResponseMode": form.Get("response_mode"),
|
||||||
"ClientID": form.Get("client_id"),
|
"ClientID": form.Get("client_id"),
|
||||||
"RedirectUri": form.Get("redirect_uri"),
|
"RedirectUri": form.Get("redirect_uri"),
|
||||||
"State": form.Get("state"),
|
"State": form.Get("state"),
|
||||||
"Scope": form.Get("scope"),
|
"Scope": scopeList,
|
||||||
"Nonce": form.Get("nonce"),
|
"Nonce": form.Get("nonce"),
|
||||||
"HasOtp": hasOtp,
|
"HasOtp": hasOtp,
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user