github/kubelogin
1
0
Fork 0
mirror of https://github.com/int128/kubelogin.git synced 2026-02-14 16:39:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Handle verification_url field in device flow (#846)

Browse Source
This commit is contained in:
Hidetake Iwata
2022-12-24 19:10:21 +09:00
committed by GitHub
parent 345465a5d3
commit adfbc48b24
2 changed files with 35 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/usecases/authentication/devicecode/devicecode.go
View File

@@ -26,14 +26,19 @@ func (u *DeviceCode) Do(ctx context.Context, in *Option, oidcClient client.Inter
authResponse, err := oidcClient.GetDeviceAuthorization(ctx) authResponse, err := oidcClient.GetDeviceAuthorization(ctx)
if err != nil { if err != nil {
return nil, err return nil, fmt.Errorf("authorization error: %w", err)
} }
if authResponse.VerificationURIComplete == "" { if authResponse.VerificationURIComplete != "" {
u.openURL(ctx, in, authResponse.VerificationURIComplete)
} else if authResponse.VerificationURI != "" {
u.Logger.Printf("Please enter the following code when asked in your browser: %s", authResponse.UserCode) u.Logger.Printf("Please enter the following code when asked in your browser: %s", authResponse.UserCode)
u.openURL(ctx, in, authResponse.VerificationURI) u.openURL(ctx, in, authResponse.VerificationURI)
} else if authResponse.VerificationURL != "" {
u.Logger.Printf("Please enter the following code when asked in your browser: %s", authResponse.UserCode)
u.openURL(ctx, in, authResponse.VerificationURL)
} else { } else {
u.openURL(ctx, in, authResponse.VerificationURIComplete) return nil, fmt.Errorf("no verification URI in the authorization response")
} }
tokenSet, err := oidcClient.ExchangeDeviceCode(ctx, authResponse) tokenSet, err := oidcClient.ExchangeDeviceCode(ctx, authResponse)

27
pkg/usecases/authentication/devicecode/devicecode_test.go
View File

@@ -94,6 +94,33 @@ func TestDeviceCode(t *testing.T) {
} }
}) })
t.Run("Server returns verification_url", func(t *testing.T) {
mockBrowser := browser.NewMockInterface(t)
mockClient := client.NewMockInterface(t)
dc := &DeviceCode{
Browser: mockBrowser,
Logger: logger.New(t),
}
mockResponse := &oauth2dev.AuthorizationResponse{
DeviceCode: "device-code-1",
VerificationURL: "https://example.com/verificationCompleteURL",
ExpiresIn: 2,
Interval: 1,
}
mockClient.EXPECT().GetDeviceAuthorization(ctx).Return(mockResponse, nil).Once()
mockBrowser.EXPECT().Open("https://example.com/verificationCompleteURL").Return(nil).Once()
mockClient.EXPECT().ExchangeDeviceCode(mock.Anything, mockResponse).Return(&oidc.TokenSet{
IDToken: "test-id-token",
}, nil).Once()
ts, err := dc.Do(ctx, &Option{}, mockClient)
if err != nil {
t.Errorf("returned unexpected error: %v", err)
}
if ts.IDToken != "test-id-token" {
t.Errorf("wrong returned tokenset: %v", err)
}
})
t.Run("Error when exchanging the device code", func(t *testing.T) { t.Run("Error when exchanging the device code", func(t *testing.T) {
mockBrowser := browser.NewMockInterface(t) mockBrowser := browser.NewMockInterface(t)
mockClient := client.NewMockInterface(t) mockClient := client.NewMockInterface(t)