fix(oauth): remove expiry time copy logic EE-1085

3 years ago · 56f569efe1
parent 665bf2c887
commit 56f569efe1
4 changed files with 13 additions and 24 deletions
--- a/api/http/handler/auth/authenticate.go
+++ b/api/http/handler/auth/authenticate.go
@ -5,7 +5,6 @@ import (
 	"log"
 	"net/http"
 	"strings"
-	"time"

 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
@ -134,14 +133,6 @@ func (handler *Handler) writeToken(w http.ResponseWriter, user *portainer.User)
 	return handler.persistAndWriteToken(w, composeTokenData(user))
 }

-func (handler *Handler) writeTokenForOAuth(w http.ResponseWriter, user *portainer.User, expiryTime *time.Time) *httperror.HandlerError {
-	token, err := handler.JWTService.GenerateTokenForOAuth(composeTokenData(user), expiryTime)
-	if err != nil {
-		return &httperror.HandlerError{StatusCode: http.StatusInternalServerError, Message: "Unable to generate JWT token", Err: err}
-	}
-	return response.JSON(w, &authenticateResponse{JWT: token})
-}
-
 func (handler *Handler) persistAndWriteToken(w http.ResponseWriter, tokenData *portainer.TokenData) *httperror.HandlerError {
 	token, err := handler.JWTService.GenerateToken(tokenData)
 	if err != nil {
--- a/api/http/handler/auth/authenticate_oauth.go
+++ b/api/http/handler/auth/authenticate_oauth.go
@ -4,7 +4,6 @@ import (
 	"errors"
 	"log"
 	"net/http"
-	"time"

 	"github.com/asaskevich/govalidator"
 	httperror "github.com/portainer/libhttp/error"
@ -26,21 +25,21 @@ func (payload *oauthPayload) Validate(r *http.Request) error {
 	return nil
 }

-func (handler *Handler) authenticateOAuth(code string, settings *portainer.OAuthSettings) (string, *time.Time, error) {
+func (handler *Handler) authenticateOAuth(code string, settings *portainer.OAuthSettings) (string, error) {
 	if code == "" {
-		return "", nil, errors.New("Invalid OAuth authorization code")
+		return "", errors.New("Invalid OAuth authorization code")
 	}

 	if settings == nil {
-		return "", nil, errors.New("Invalid OAuth configuration")
+		return "", errors.New("Invalid OAuth configuration")
 	}

-	username, expiryTime, err := handler.OAuthService.Authenticate(code, settings)
+	username, err := handler.OAuthService.Authenticate(code, settings)
 	if err != nil {
-		return "", nil, err
+		return "", err
 	}

-	return username, expiryTime, nil
+	return username, nil
 }

 // @id ValidateOAuth
@ -70,7 +69,7 @@ func (handler *Handler) validateOAuth(w http.ResponseWriter, r *http.Request) *h
 		return &httperror.HandlerError{StatusCode: http.StatusForbidden, Message: "OAuth authentication is not enabled", Err: errors.New("OAuth authentication is not enabled")}
 	}

-	username, expiryTime, err := handler.authenticateOAuth(payload.Code, &settings.OAuthSettings)
+	username, err := handler.authenticateOAuth(payload.Code, &settings.OAuthSettings)
 	if err != nil {
 		log.Printf("[DEBUG] - OAuth authentication error: %s", err)
 		return &httperror.HandlerError{StatusCode: http.StatusInternalServerError, Message: "Unable to authenticate through OAuth", Err: httperrors.ErrUnauthorized}
@ -111,5 +110,5 @@ func (handler *Handler) validateOAuth(w http.ResponseWriter, r *http.Request) *h

 	}

-	return handler.writeTokenForOAuth(w, user, expiryTime)
+	return handler.writeToken(w, user)
 }
--- a/api/oauth/oauth.go
+++ b/api/oauth/oauth.go
@ -9,7 +9,6 @@ import (
 	"mime"
 	"net/http"
 	"net/url"
-	"time"

 	"golang.org/x/oauth2"

@ -27,18 +26,18 @@ func NewService() *Service {
 // Authenticate takes an access code and exchanges it for an access token from portainer OAuthSettings token endpoint.
 // On success, it will then return the username and token expiry time associated to authenticated user by fetching this information
 // from the resource server and matching it with the user identifier setting.
-func (*Service) Authenticate(code string, configuration *portainer.OAuthSettings) (string, *time.Time, error) {
+func (*Service) Authenticate(code string, configuration *portainer.OAuthSettings) (string, error) {
 	token, err := getOAuthToken(code, configuration)
 	if err != nil {
 		log.Printf("[DEBUG] - Failed retrieving access token: %v", err)
-		return "", nil, err
+		return "", err
 	}
 	username, err := getUsername(token.AccessToken, configuration)
 	if err != nil {
 		log.Printf("[DEBUG] - Failed retrieving oauth user name: %v", err)
-		return "", nil, err
+		return "", err
 	}
-	return username, &token.Expiry, nil
+	return username, nil
 }

 func getOAuthToken(code string, configuration *portainer.OAuthSettings) (*oauth2.Token, error) {
--- a/api/portainer.go
+++ b/api/portainer.go
@ -1217,7 +1217,7 @@ type (

 	// OAuthService represents a service used to authenticate users using OAuth
 	OAuthService interface {
-		Authenticate(code string, configuration *OAuthSettings) (string, *time.Time, error)
+		Authenticate(code string, configuration *OAuthSettings) (string, error)
 	}

 	// RegistryService represents a service for managing registry data