Fix Operator login when openID provider is configured (#2533)

Javier Adriel
2023-01-03 12:35:15 -06:00
committed by GitHub
parent 92123bd243
commit 25e486ef18


@@ -18,6 +18,8 @@ package operatorapi
import (
"context"
"encoding/base64"
"encoding/json"
"fmt"
"math/rand"
"net/http"
@@ -161,6 +163,18 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams) (*models.L
lr := params.Body
if oauth2.IsIDPEnabled() {
decodedRState, err := base64.StdEncoding.DecodeString(*lr.State)
if err != nil {
return nil, restapi.ErrorWithContext(ctx, err)
}
var requestItems oauth2.LoginURLParams
err = json.Unmarshal(decodedRState, &requestItems)
if err != nil {
return nil, restapi.ErrorWithContext(ctx, err)
}
// initialize new oauth2 client
oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient(""))
if err != nil {
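Review bot: `*lr.State` is dereferenced on the first added line without a nil check, and nothing after `json.Unmarshal` confirms that `requestItems.State` is non-empty, although both values originate from the callback request body. Unless the generated model already enforces `state` as required (not visible in this hunk), a guard such as `if lr.State == nil || *lr.State == "" { ... }` before decoding would avoid a panic on a malformed callback. A matching `if requestItems.State == "" { ... }` after unmarshalling would stop an empty state from reaching verification, with both guards returning through the same `restapi.ErrorWithContext` path. The function begins before this hunk and continues past it.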
@@ -172,7 +186,7 @@ func getLoginOauth2AuthResponse(params authApi.LoginOauth2AuthParams) (*models.L
Client: oauth2Client,
}
// Validate user against IDP
_, err = verifyUserAgainstIDP(ctx, identityProvider, *lr.Code, *lr.State)
_, err = verifyUserAgainstIDP(ctx, identityProvider, *lr.Code, requestItems.State)
if err != nil {
return nil, restapi.ErrorWithContext(ctx, err)
}
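Review bot: The call to `verifyUserAgainstIDP` now takes `requestItems.State`, a field parsed out of client-supplied JSON, and nothing at the call site explains how it relates to `*lr.State`. A short comment above the call would help, for example `// lr.State is base64-encoded JSON (oauth2.LoginURLParams); only its inner State field is checked against the IDP`. Whether `verifyUserAgainstIDP` binds that inner value to a state the server issued is not visible here. It is worth confirming, since the other fields of the decoded struct are not validated in this hunk.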