diff --git a/pkg/auth/auth_context.go b/pkg/auth/auth_context.go index b6f757480..57c27a217 100644 --- a/pkg/auth/auth_context.go +++ b/pkg/auth/auth_context.go @@ -172,3 +172,16 @@ func GetOauth2Config(options config.OAuthOptions) (oauth2.Config, error) { }, }, nil } + +func GetL5Oauth2Config(mainConfig *oauth2.Config) oauth2.Config { + return oauth2.Config{ + RedirectURL: "https://flyte-rs.av.lyft.net/callback", + ClientID: mainConfig.ClientID, + ClientSecret: mainConfig.ClientSecret, + Scopes: []string{OidcScope, OfflineAccessType, ProfileScope}, + Endpoint: oauth2.Endpoint{ + AuthURL: mainConfig.Endpoint.AuthURL, + TokenURL: mainConfig.Endpoint.TokenURL, + }, + } +} diff --git a/pkg/auth/handlers.go b/pkg/auth/handlers.go index 3ea1092ff..5ce8195e1 100644 --- a/pkg/auth/handlers.go +++ b/pkg/auth/handlers.go @@ -68,6 +68,7 @@ func RefreshTokensIfExists(ctx context.Context, authContext interfaces.Authentic } func GetLoginHandler(ctx context.Context, authContext interfaces.AuthenticationContext) http.HandlerFunc { + l5OauthConfig := GetL5Oauth2Config(authContext.OAuth2Config()) return func(writer http.ResponseWriter, request *http.Request) { csrfCookie := NewCsrfCookie() csrfToken := csrfCookie.Value @@ -81,6 +82,10 @@ func GetLoginHandler(ctx context.Context, authContext interfaces.AuthenticationC redirectCookie := NewRedirectCookie(ctx, flowEndRedirectURL) if redirectCookie != nil { http.SetCookie(writer, redirectCookie) + // Special hack for L5 to last til the end of Q1 + if flowEndRedirectURL == "https://flyte-rs.av.lyft.net/console" { + url = l5OauthConfig.AuthCodeURL(state) + } } else { logger.Errorf(ctx, "Was not able to create a redirect cookie") }