srijeet0406 commented on code in PR #7619:
URL: https://github.com/apache/trafficcontrol/pull/7619#discussion_r1256438286


##########
docs/source/admin/traffic_ops.rst:
##########
@@ -428,6 +428,7 @@ This file deals with the configuration parameters of 
running Traffic Ops itself.
        :log_location_warning: This optional field, if specified, should either 
be the location of a file to which warning-level output will be logged, or one 
of the special strings ``"stdout"`` which indicates that STDOUT should be used, 
``"stderr"`` which indicates that STDERR should be used or ``"null"`` which 
indicates that no output of this level should be generated. An empty string 
(``""``) and literally ``null`` are equivalent to ``"null"``. Default if not 
specified is ``"null"``.
        :max_db_connections: An optional limit on the number of allowed 
concurrent connections to the Traffic Ops Database. If it is less than or equal 
to zero, there is no limit. Default if not specified is zero.
        :oauth_client_secret: An optional secret string to be shared with 
OAuth-capable clients attempting to authenticate via OAuth. The default 
behavior if this is not defined - or is an empty string (``""``) or ``null`` is 
to disallow authentication via OAuth.
+       :oauth_user_attribute: An optional username string to be shared with 
OAuth-capable clients attempting to authenticate via OAuth. The default 
behavior if this is not defined - or is an empty string (``""``) or ``null`` is 
to disallow authentication via OAuth.
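
Review bot: The new `:oauth_user_attribute:` entry repeats the `:oauth_client_secret:` description almost word for word, changing only "secret" to "username", so it does not say what the field is for. A value "to be shared with OAuth-capable clients" reads like a credential, and the stated default ("to disallow authentication via OAuth") is identical to the secret's, which leaves it unclear whether leaving this field unset really disables OAuth login. Suggest describing what the attribute names and what Traffic Ops does when it is unset or empty.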

Review Comment:
   The `-` should probably be in ````



##########
traffic_ops/traffic_ops_golang/login/login.go:
##########
@@ -483,17 +483,29 @@ func OauthLoginHandler(db *sqlx.DB, cfg config.Config) 
http.HandlerFunc {
                        return
                }
 
-               decodedToken, err := jwt.Parse(
+               var decodedToken jwt.Token
+               if decodedToken, err = jwt.Parse(
                        []byte(encodedToken),
                        jwt.WithVerifyAuto(true),
                        jwt.WithJWKSetFetcher(jwksFetcher),
-               )
-               if err != nil {
-                       api.HandleErr(w, r, nil, 
http.StatusInternalServerError, nil, fmt.Errorf("Error decoding token with 
message: %w", err))
-                       return
+               ); err != nil {
+                       if decodedToken, err = jwt.Parse(
+                               []byte(encodedToken),
+                               jwt.WithVerifyAuto(false),
+                               jwt.WithJWKSetFetcher(jwksFetcher),
+                       ); err != nil {
+                               api.HandleErr(w, r, nil, 
http.StatusInternalServerError, nil, fmt.Errorf("Error decoding token with 
message: %w", err))
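
Review bot: The fallback `jwt.Parse` call with `jwt.WithVerifyAuto(false)` runs whenever the first, verifying parse returns any error, so a token that fails verification is parsed again with automatic verification switched off and `decodedToken` is populated anyway. Nothing in the visible lines limits the retry to a specific, expected error or verifies the token some other way afterwards. Suggest either dropping the fallback, or restricting it to the one case it is meant for and adding a comment that says why an unverified parse is acceptable there. The first parse's error is also overwritten by the retry, so it is worth logging before it is lost.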

Review Comment:
   I know this is not your code, but while you're in here, mind fixing the 
error statement to start with a lower case letter?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
