From b05e92d466d04ced2dd8d0ac90e1e41fa97915e7 Mon Sep 17 00:00:00 2001 From: Hidetake Iwata Date: Mon, 24 Nov 2025 16:48:14 +0900 Subject: [PATCH] Remove deprecated flag --oidc-redirect-url-hostname (#1450) --- integration_test/credetial_plugin_test.go | 26 ------------------- pkg/cmd/authentication.go | 6 ----- pkg/cmd/authentication_test.go | 2 -- pkg/oidc/client/authcode.go | 2 -- .../authentication/authcode/browser.go | 2 -- 5 files changed, 38 deletions(-) diff --git a/integration_test/credetial_plugin_test.go b/integration_test/credetial_plugin_test.go index 81b44a9..ca8b7c6 100644 --- a/integration_test/credetial_plugin_test.go +++ b/integration_test/credetial_plugin_test.go @@ -332,32 +332,6 @@ func TestCredentialPlugin(t *testing.T) { assertCredentialPluginStdout(t, &stdout, svc.LastTokenResponse().IDToken, now.Add(time.Hour)) }) - t.Run("RedirectURLHostname", func(t *testing.T) { - ctx, cancel := context.WithTimeout(context.TODO(), timeout) - defer cancel() - svc := oidcserver.New(t, keypair.None, testconfig.Config{ - Want: testconfig.Want{ - Scope: "openid", - RedirectURIPrefix: "http://127.0.0.1:", - CodeChallengeMethod: "S256", - }, - Response: testconfig.Response{ - IDTokenExpiry: now.Add(time.Hour), - CodeChallengeMethodsSupported: []string{"plain", "S256"}, - }, - }) - var stdout bytes.Buffer - runGetToken(t, ctx, getTokenConfig{ - tokenCacheDir: tokenCacheDir, - issuerURL: svc.IssuerURL(), - httpDriver: httpdriver.New(ctx, t, httpdriver.Config{BodyContains: "Authenticated"}), - now: now, - stdout: &stdout, - args: []string{"--oidc-redirect-url-hostname", "127.0.0.1"}, - }) - assertCredentialPluginStdout(t, &stdout, svc.LastTokenResponse().IDToken, now.Add(time.Hour)) - }) - t.Run("RedirectURLHTTPS", func(t *testing.T) { ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() diff --git a/pkg/cmd/authentication.go b/pkg/cmd/authentication.go index 81cdfcf..2330109 100644 --- a/pkg/cmd/authentication.go +++ b/pkg/cmd/authentication.go @@ -23,7 +23,6 @@ type authenticationOptions struct { LocalServerCertFile string LocalServerKeyFile string OpenURLAfterAuthentication string - RedirectURLHostname string // DEPRECATED RedirectURLAuthCodeKeyboard string // DEPRECATED AuthRequestExtraParams map[string]string Username string @@ -48,10 +47,6 @@ func (o *authenticationOptions) addFlags(f *pflag.FlagSet) { f.StringVar(&o.LocalServerCertFile, "local-server-cert", "", "[authcode] Certificate path for the local server") f.StringVar(&o.LocalServerKeyFile, "local-server-key", "", "[authcode] Certificate key path for the local server") f.StringVar(&o.OpenURLAfterAuthentication, "open-url-after-authentication", "", "[authcode] If set, open the URL in the browser after authentication") - f.StringVar(&o.RedirectURLHostname, "oidc-redirect-url-hostname", "", "[authcode] Hostname of the redirect URL") - if err := f.MarkDeprecated("oidc-redirect-url-hostname", "use --oidc-redirect-url instead."); err != nil { - panic(err) - } f.StringVar(&o.RedirectURLAuthCodeKeyboard, "oidc-redirect-url-authcode-keyboard", "", "Equivalent to --oidc-redirect-url") if err := f.MarkDeprecated("oidc-redirect-url-authcode-keyboard", "use --oidc-redirect-url instead."); err != nil { panic(err) @@ -77,7 +72,6 @@ func (o *authenticationOptions) grantOptionSet() (s authentication.GrantOptionSe LocalServerCertFile: o.LocalServerCertFile, LocalServerKeyFile: o.LocalServerKeyFile, OpenURLAfterAuthentication: o.OpenURLAfterAuthentication, - RedirectURLHostname: o.RedirectURLHostname, AuthRequestExtraParams: o.AuthRequestExtraParams, } case o.GrantType == "authcode-keyboard": diff --git a/pkg/cmd/authentication_test.go b/pkg/cmd/authentication_test.go index 5de54a5..5ccdb21 100644 --- a/pkg/cmd/authentication_test.go +++ b/pkg/cmd/authentication_test.go @@ -36,7 +36,6 @@ func Test_authenticationOptions_grantOptionSet(t *testing.T) { "--local-server-cert", "/path/to/local-server-cert", "--local-server-key", "/path/to/local-server-key", "--open-url-after-authentication", "https://example.com/success.html", - "--oidc-redirect-url-hostname", "example", "--oidc-auth-request-extra-params", "ttl=86400", "--oidc-auth-request-extra-params", "reauth=true", "--username", "USER", @@ -51,7 +50,6 @@ func Test_authenticationOptions_grantOptionSet(t *testing.T) { LocalServerCertFile: "/path/to/local-server-cert", LocalServerKeyFile: "/path/to/local-server-key", OpenURLAfterAuthentication: "https://example.com/success.html", - RedirectURLHostname: "example", AuthRequestExtraParams: map[string]string{"ttl": "86400", "reauth": "true"}, }, }, diff --git a/pkg/oidc/client/authcode.go b/pkg/oidc/client/authcode.go index 190a523..26df030 100644 --- a/pkg/oidc/client/authcode.go +++ b/pkg/oidc/client/authcode.go @@ -29,7 +29,6 @@ type GetTokenByAuthCodeInput struct { State string Nonce string PKCEParams pkce.Params - RedirectURLHostname string // DEPRECATED AuthRequestExtraParams map[string]string LocalServerSuccessHTML string LocalServerCertFile string @@ -50,7 +49,6 @@ func (c *client) GetTokenByAuthCode(ctx context.Context, in GetTokenByAuthCodeIn TokenRequestOptions: tokenRequestOptions(in.PKCEParams), LocalServerBindAddress: in.BindAddress, LocalServerReadyChan: localServerReadyChan, - RedirectURLHostname: in.RedirectURLHostname, LocalServerSuccessHTML: in.LocalServerSuccessHTML, LocalServerCertFile: in.LocalServerCertFile, LocalServerKeyFile: in.LocalServerKeyFile, diff --git a/pkg/usecases/authentication/authcode/browser.go b/pkg/usecases/authentication/authcode/browser.go index 23879e6..6d35c79 100644 --- a/pkg/usecases/authentication/authcode/browser.go +++ b/pkg/usecases/authentication/authcode/browser.go @@ -19,7 +19,6 @@ type BrowserOption struct { BindAddress []string AuthenticationTimeout time.Duration OpenURLAfterAuthentication string - RedirectURLHostname string // DEPRECATED AuthRequestExtraParams map[string]string LocalServerCertFile string LocalServerKeyFile string @@ -54,7 +53,6 @@ func (u *Browser) Do(ctx context.Context, o *BrowserOption, oidcClient client.In State: state, Nonce: nonce, PKCEParams: pkceParams, - RedirectURLHostname: o.RedirectURLHostname, AuthRequestExtraParams: o.AuthRequestExtraParams, LocalServerSuccessHTML: successHTML, LocalServerCertFile: o.LocalServerCertFile,