fix: missing expiration_time field isn't a problem for executables

Change-Id: Ib19e3d9dcd8a4c41afebf2a1fb97429617eef86b
GitHub-Last-Rev: 96eb2344de
GitHub-Pull-Request: golang/oauth2#576
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/418434
Reviewed-by: Leo Siracusa <leosiracusa@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cody Oss <codyoss@google.com>
This commit is contained in:
Ryan Kohler 2022-08-05 21:01:37 +00:00 committed by Cody Oss
parent 128564f695
commit 8227340efa
2 changed files with 18 additions and 18 deletions

View File

@ -178,7 +178,7 @@ type executableResponse struct {
Message string `json:"message,omitempty"`
}
func parseSubjectTokenFromSource(response []byte, source string, now int64) (string, error) {
func (cs executableCredentialSource) parseSubjectTokenFromSource(response []byte, source string, now int64) (string, error) {
var result executableResponse
if err := json.Unmarshal(response, &result); err != nil {
return "", jsonParsingError(source, string(response))
@ -203,7 +203,7 @@ func parseSubjectTokenFromSource(response []byte, source string, now int64) (str
return "", unsupportedVersionError(source, result.Version)
}
if result.ExpirationTime == 0 {
if result.ExpirationTime == 0 && cs.OutputFile != "" {
return "", missingFieldError(source, "expiration_time")
}
@ -211,7 +211,7 @@ func parseSubjectTokenFromSource(response []byte, source string, now int64) (str
return "", missingFieldError(source, "token_type")
}
if result.ExpirationTime < now {
if result.ExpirationTime != 0 && result.ExpirationTime < now {
return "", tokenExpiredError()
}
@ -259,7 +259,7 @@ func (cs executableCredentialSource) getTokenFromOutputFile() (token string, err
return "", nil
}
token, err = parseSubjectTokenFromSource(data, outputFileSource, cs.env.now().Unix())
token, err = cs.parseSubjectTokenFromSource(data, outputFileSource, cs.env.now().Unix())
if err != nil {
if _, ok := err.(nonCacheableError); ok {
// If the cached token is expired we need a new token,
@ -304,5 +304,5 @@ func (cs executableCredentialSource) getTokenFromExecutableCommand() (string, er
if err != nil {
return "", err
}
return parseSubjectTokenFromSource(output, executableSource, cs.env.now().Unix())
return cs.parseSubjectTokenFromSource(output, executableSource, cs.env.now().Unix())
}

View File

@ -388,19 +388,6 @@ var failureTests = []struct {
expectedErr: missingFieldError(executableSource, "token_type"),
},
{
name: "Missing Expiration",
testEnvironment: testEnvironment{
envVars: executablesAllowed,
jsonResponse: &executableResponse{
Success: Bool(true),
Version: 1,
TokenType: "urn:ietf:params:oauth:token-type:jwt",
},
},
expectedErr: missingFieldError(executableSource, "expiration_time"),
},
{
name: "Token Expired",
testEnvironment: testEnvironment{
@ -564,6 +551,19 @@ var successTests = []struct {
},
},
},
{
name: "Missing Expiration",
testEnvironment: testEnvironment{
envVars: executablesAllowed,
jsonResponse: &executableResponse{
Success: Bool(true),
Version: 1,
TokenType: "urn:ietf:params:oauth:token-type:jwt",
IdToken: "tokentokentoken",
},
},
},
}
func TestRetrieveExecutableSubjectTokenSuccesses(t *testing.T) {