Preston_PLB
/
oauth2
forked from Mirrors/oauth2
1
0
Fork 0
Code Pull Requests Activity

oauth2: long if condition in providerAuthHeaderWorks replaced with loop 

Long if condition replaced with loop.

Related to issue #41.

Change-Id: Ib5b88ce2ee2841e9b6c24d78f93bb027141bf678
Reviewed-on: https://go-review.googlesource.com/7290
Reviewed-by: Andrew Gerrand <adg@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
This commit is contained in:
Nikolay Turpitko 2015-03-10 14:28:17 +06:00 committed by Burcu Dogan
parent 6d4eed4495
commit 2167774341
2 changed files with 37 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
oauth2.go
View File

@ -414,6 +414,21 @@ func condVal(v string) []string {
return []string{v} return []string{v}
} }
var brokenAuthHeaderProviders = []string{
"https://accounts.google.com/",
"https://www.googleapis.com/",
"https://github.com/",
"https://api.instagram.com/",
"https://www.douban.com/",
"https://api.dropbox.com/",
"https://api.soundcloud.com/",
"https://www.linkedin.com/",
"https://api.twitch.tv/",
"https://oauth.vk.com/",
"https://api.odnoklassniki.ru/",
"https://connect.stripe.com/",
}
// providerAuthHeaderWorks reports whether the OAuth2 server identified by the tokenURL // providerAuthHeaderWorks reports whether the OAuth2 server identified by the tokenURL
// implements the OAuth2 spec correctly // implements the OAuth2 spec correctly
// See https://code.google.com/p/goauth2/issues/detail?id=31 for background. // See https://code.google.com/p/goauth2/issues/detail?id=31 for background.
@ -423,21 +438,12 @@ func condVal(v string) []string {
// - Google only accepts URL param (not spec compliant?), not Auth header // - Google only accepts URL param (not spec compliant?), not Auth header
// - Stripe only accepts client secret in Auth header with Bearer method, not Basic // - Stripe only accepts client secret in Auth header with Bearer method, not Basic
func providerAuthHeaderWorks(tokenURL string) bool { func providerAuthHeaderWorks(tokenURL string) bool {
if strings.HasPrefix(tokenURL, "https://accounts.google.com/") || for _, s := range brokenAuthHeaderProviders {
strings.HasPrefix(tokenURL, "https://www.googleapis.com/") || if strings.HasPrefix(tokenURL, s) {
strings.HasPrefix(tokenURL, "https://github.com/") ||
strings.HasPrefix(tokenURL, "https://api.instagram.com/") ||
strings.HasPrefix(tokenURL, "https://www.douban.com/") ||
strings.HasPrefix(tokenURL, "https://api.dropbox.com/") ||
strings.HasPrefix(tokenURL, "https://api.soundcloud.com/") ||
strings.HasPrefix(tokenURL, "https://www.linkedin.com/") ||
strings.HasPrefix(tokenURL, "https://api.twitch.tv/") ||
strings.HasPrefix(tokenURL, "https://oauth.vk.com/") ||
strings.HasPrefix(tokenURL, "http://api.odnoklassniki.ru/") ||
strings.HasPrefix(tokenURL, "https://connect.stripe.com/") {
// Some sites fail to implement the OAuth2 spec fully. // Some sites fail to implement the OAuth2 spec fully.
return false return false
} }
}
// Assume the provider implements the spec properly // Assume the provider implements the spec properly
// otherwise. We can add more exceptions as they're // otherwise. We can add more exceptions as they're

17
oauth2_test.go
View File

@ -407,3 +407,20 @@ func TestConfigClientWithToken(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
func Test_providerAuthHeaderWorks(t *testing.T) {
for _, p := range brokenAuthHeaderProviders {
if providerAuthHeaderWorks(p) {
t.Errorf("URL: %s not found in list", p)
}
p := fmt.Sprintf("%ssomesuffix", p)
if providerAuthHeaderWorks(p) {
t.Errorf("URL: %s not found in list", p)
}
}
p := "https://api.not-in-the-list-example.com/"
if !providerAuthHeaderWorks(p) {
t.Errorf("URL: %s found in list", p)
}
}