Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce safe host parsing function #63

Merged
merged 6 commits into from
Oct 8, 2024
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 16 additions & 15 deletions examples_test.go
Original file line number Diff line number Diff line change
@@ -1,29 +1,30 @@
package oauth_test

import (
"fmt"
"os"
"fmt"
"os"

"github.com/cli/oauth"
"github.com/cli/oauth"
)

// DetectFlow attempts to initiate OAuth Device flow with the server and falls back to OAuth Web
// application flow if Device flow seems unsupported. This approach isn't strictly needed for
// github.com, as its Device flow support is globally available, but it enables logging in to
// self-hosted GitHub instances as well.
func ExampleFlow_DetectFlow() {
flow := &oauth.Flow{
Host: oauth.GitHubHost("https://github.com"),
ClientID: os.Getenv("OAUTH_CLIENT_ID"),
ClientSecret: os.Getenv("OAUTH_CLIENT_SECRET"), // only applicable to web app flow
CallbackURI: "http://127.0.0.1/callback", // only applicable to web app flow
Scopes: []string{"repo", "read:org", "gist"},
}
host, err := oauth.NewGitHubHost("https://github.com")
mouismail marked this conversation as resolved.
Show resolved Hide resolved
flow := &oauth.Flow{
Host: host,
ClientID: os.Getenv("OAUTH_CLIENT_ID"),
ClientSecret: os.Getenv("OAUTH_CLIENT_SECRET"), // only applicable to web app flow
CallbackURI: "http://127.0.0.1/callback", // only applicable to web app flow
Scopes: []string{"repo", "read:org", "gist"},
}

accessToken, err := flow.DetectFlow()
if err != nil {
panic(err)
}
accessToken, err := flow.DetectFlow()
if err != nil {
panic(err)
}

fmt.Printf("Access token: %s\n", accessToken.Token)
fmt.Printf("Access token: %s\n", accessToken.Token)
}
20 changes: 20 additions & 0 deletions oauth.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (
"io"
"net/http"
"net/url"
"strings"

"github.com/cli/oauth/api"
"github.com/cli/oauth/device"
Expand All @@ -24,6 +25,25 @@ type Host struct {
TokenURL string
}

func NewGitHubHost(hostURL string) (*Host, error) {
mouismail marked this conversation as resolved.
Show resolved Hide resolved
base, err := url.Parse(strings.TrimSpace(hostURL))
if err != nil {
return nil, err
}

createURL := func(path string) string {
u := *base // Copy base URL
u.Path = path
return u.String()
}

return &Host{
DeviceCodeURL: createURL("/login/device/code"),
AuthorizeURL: createURL("/login/oauth/authorize"),
TokenURL: createURL("/login/oauth/access_token"),
BagToad marked this conversation as resolved.
Show resolved Hide resolved
}, nil
}

// GitHubHost constructs a Host from the given URL to a GitHub instance.
mouismail marked this conversation as resolved.
Show resolved Hide resolved
func GitHubHost(hostURL string) *Host {
u, _ := url.Parse(hostURL)
Expand Down
7 changes: 6 additions & 1 deletion oauth_device.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,14 @@ func (oa *Flow) DeviceFlow() (*api.AccessToken, error) {
if stdout == nil {
stdout = os.Stdout
}

host := oa.Host
if host == nil {
host = GitHubHost("https://" + oa.Hostname)
host, err := NewGitHubHost("https://" + oa.Hostname)
if err != nil {
return nil, fmt.Errorf("error parsing the hostname '%s': %w", host, err)
}
oa.Host = host
jtmcg marked this conversation as resolved.
Show resolved Hide resolved
}

code, err := device.RequestCode(httpClient, host.DeviceCodeURL, oa.ClientID, oa.Scopes)
Expand Down
7 changes: 6 additions & 1 deletion oauth_webapp.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,13 @@ import (
// flow, blocks until the user completes authorization and is redirected back, and returns the access token.
func (oa *Flow) WebAppFlow() (*api.AccessToken, error) {
host := oa.Host

if host == nil {
host = GitHubHost("https://" + oa.Hostname)
host, err := NewGitHubHost("https://" + oa.Hostname)
if err != nil {
return nil, fmt.Errorf("error parsing the hostname '%s': %w", host, err)
}
oa.Host = host
mouismail marked this conversation as resolved.
Show resolved Hide resolved
}

flow, err := webapp.InitFlow()
Expand Down