store user data in oauth-client and in sessions for issued tokens

TykTechnologies · Feb 5, 2019 · b8b9a1e · b8b9a1e
1 parent 5220853
commit b8b9a1e
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 10 deletions.
diff --git a/api.go b/api.go
@@ -1169,11 +1169,12 @@ func createKeyHandler(w http.ResponseWriter, r *http.Request) {
 
 // NewClientRequest is an outward facing JSON object translated from osin OAuthClients
 type NewClientRequest struct {
-	ClientID          string `json:"client_id"`
-	ClientRedirectURI string `json:"redirect_uri"`
-	APIID             string `json:"api_id"`
-	PolicyID          string `json:"policy_id"`
-	ClientSecret      string `json:"secret"`
+	ClientID          string      `json:"client_id"`
+	ClientRedirectURI string      `json:"redirect_uri"`
+	APIID             string      `json:"api_id"`
+	PolicyID          string      `json:"policy_id"`
+	ClientSecret      string      `json:"secret"`
+	UserData          interface{} `json:"user_data"`
 }
 
 func oauthClientStorageID(clientID string) string {
@@ -1212,6 +1213,7 @@ func createOauthClient(w http.ResponseWriter, r *http.Request) {
 		ClientRedirectURI: newOauthClient.ClientRedirectURI,
 		ClientSecret:      secret,
 		PolicyID:          newOauthClient.PolicyID,
+		UserData:          newOauthClient.UserData,
 	}
 
 	storageID := oauthClientStorageID(newClient.GetId())
@@ -1294,6 +1296,7 @@ func createOauthClient(w http.ResponseWriter, r *http.Request) {
 		ClientSecret:      newClient.GetSecret(),
 		ClientRedirectURI: newClient.GetRedirectUri(),
 		PolicyID:          newClient.GetPolicyID(),
+		UserData:          newClient.GetUserData(),
 	}
 
 	log.WithFields(logrus.Fields{
@@ -1450,6 +1453,7 @@ func getOauthClientDetails(keyName, apiID string) (interface{}, int) {
 		ClientSecret:      clientData.GetSecret(),
 		ClientRedirectURI: clientData.GetRedirectUri(),
 		PolicyID:          clientData.GetPolicyID(),
+		UserData:          clientData.GetUserData(),
 	}
 
 	log.WithFields(logrus.Fields{
@@ -1547,6 +1551,7 @@ func getOauthClients(apiID string) (interface{}, int) {
 			ClientSecret:      osinClient.GetSecret(),
 			ClientRedirectURI: osinClient.GetRedirectUri(),
 			PolicyID:          osinClient.GetPolicyID(),
+			UserData:          osinClient.GetUserData(),
 		}
 
 		clients = append(clients, reportableClientData)

diff --git a/oauth_manager.go b/oauth_manager.go
@@ -41,11 +41,11 @@ Effort required by Resource Owner:
 
 // OAuthClient is a representation within an APISpec of a client
 type OAuthClient struct {
-	ClientID          string `json:"id"`
-	ClientSecret      string `json:"secret"`
-	ClientRedirectURI string `json:"redirecturi"`
-	UserData          string `json:",omitempty"`
-	PolicyID          string `json:"policyid"`
+	ClientID          string      `json:"id"`
+	ClientSecret      string      `json:"secret"`
+	ClientRedirectURI string      `json:"redirecturi"`
+	UserData          interface{} `json:"user_data,omitempty"`
+	PolicyID          string      `json:"policyid"`
 }
 
 func (oc *OAuthClient) GetId() string {
@@ -321,6 +321,16 @@ func (o *OAuthManager) HandleAccess(r *http.Request) *osin.Response {
 			log.Debug("New token: ", new_token.(string))
 			log.Debug("Keys: ", session.OauthKeys)
 
+			// add oauth-client user_fields to session's meta
+			if userData := ar.Client.GetUserData(); userData != nil {
+				var ok bool
+				session.MetaData, ok = userData.(map[string]interface{})
+				if !ok {
+					log.WithField("oauthClientID", ar.Client.GetId()).
+						Error("Could not set session meta_data from oauth-client fields, type mismatch")
+				}
+			}
+
 			keyName := generateToken(o.API.OrgID, username)
 
 			log.Debug("Updating user:", keyName)