OAuth workaround for L5 (#60)

flyteorg · Feb 3, 2020 · 5014bba · 5014bba
1 parent d3e4ec4
commit 5014bba
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/pkg/auth/auth_context.go b/pkg/auth/auth_context.go
@@ -172,3 +172,16 @@ func GetOauth2Config(options config.OAuthOptions) (oauth2.Config, error) {
 		},
 	}, nil
 }
+
+func GetL5Oauth2Config(mainConfig *oauth2.Config) oauth2.Config {
+	return oauth2.Config{
+		RedirectURL:  "https://flyte-rs.av.lyft.net/callback",
+		ClientID:     mainConfig.ClientID,
+		ClientSecret: mainConfig.ClientSecret,
+		Scopes:       []string{OidcScope, OfflineAccessType, ProfileScope},
+		Endpoint: oauth2.Endpoint{
+			AuthURL:  mainConfig.Endpoint.AuthURL,
+			TokenURL: mainConfig.Endpoint.TokenURL,
+		},
+	}
+}
diff --git a/pkg/auth/handlers.go b/pkg/auth/handlers.go
@@ -68,6 +68,7 @@ func RefreshTokensIfExists(ctx context.Context, authContext interfaces.Authentic
 }
 
 func GetLoginHandler(ctx context.Context, authContext interfaces.AuthenticationContext) http.HandlerFunc {
+	l5OauthConfig := GetL5Oauth2Config(authContext.OAuth2Config())
 	return func(writer http.ResponseWriter, request *http.Request) {
 		csrfCookie := NewCsrfCookie()
 		csrfToken := csrfCookie.Value
@@ -81,6 +82,10 @@ func GetLoginHandler(ctx context.Context, authContext interfaces.AuthenticationC
 			redirectCookie := NewRedirectCookie(ctx, flowEndRedirectURL)
 			if redirectCookie != nil {
 				http.SetCookie(writer, redirectCookie)
+				// Special hack for L5 to last til the end of Q1
+				if flowEndRedirectURL == "https://flyte-rs.av.lyft.net/console" {
+					url = l5OauthConfig.AuthCodeURL(state)
+				}
 			} else {
 				logger.Errorf(ctx, "Was not able to create a redirect cookie")
 			}