-
Notifications
You must be signed in to change notification settings - Fork 12
Fetch userinfos with access token (fixes #80) #89
Conversation
a230c57
to
6127102
Compare
b28edee
to
bcf8714
Compare
8afef35
to
c17cfa5
Compare
authn/authn.go
Outdated
// identity provider. | ||
func NewAuthenticator(idP string) (Authenticator, error) { | ||
if !strings.HasPrefix(idP, "https://") { | ||
return nil, fmt.Errorf("Identity provider %q not supported or has bad format", idP) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this error message would be better as, fmt.Errorf("Identify provider %q does not use the https scheme", idP)
. That is clearer what the failure/rejection reason is.
} | ||
return userinfo, nil | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
documentation for FetchUserInfo
?
authn/openid.go
Outdated
return nil, err | ||
} | ||
uri := config.UserInfoEndpoint | ||
log.Debugf("Fetch user info from %s", uri) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove this debug log line?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is an excellent refactor. I found the new interfaces and encapsulation makes the logic really easy to follow. Even without a deep understanding of the the protocols or context it is very readable.
Other than a few nitpicks +1
Fixes #80
Stretch goals (another PR if necessary)
jwtIssuer
to something more generic likeidentifyProvider