downscope: minor tweaks

2021-06-16 12:14:24 -07:00 · 2021-06-16 12:14:24 -07:00 · b594a6032e
parent 776a9ed8a3
commit b594a6032e
2 changed files with 7 additions and 7 deletions
--- a/google/downscope/downscoping.go
+++ b/google/downscope/downscoping.go
@ -23,7 +23,7 @@ import (
 )
 const (
-	identityBindingEndpoint = "https://sts.googleapis.com/v1beta/token"
+	identityBindingEndpoint = "https://sts.googleapis.com/v1/token"
 )
 type accessBoundary struct {
@ -122,7 +122,7 @@ func downscopedTokenWithEndpoint(ctx context.Context, config DownscopingConfig,
 	form.Add("subject_token_type", "urn:ietf:params:oauth:token-type:access_token")
 	form.Add("requested_token_type", "urn:ietf:params:oauth:token-type:access_token")
 	form.Add("subject_token", tok.AccessToken)
-	form.Add("options", url.QueryEscape(string(b)))
+	form.Add("options", string(b))
 	myClient := oauth2.NewClient(ctx, nil)
 	resp, err := myClient.PostForm(endpoint, form)
@ -148,17 +148,17 @@ func downscopedTokenWithEndpoint(ctx context.Context, config DownscopingConfig,
 	// a token derived from a users token (3LO) does not.
 	// The following code uses the time remaining on rootToken for a user as the value for the
 	// derived token's lifetime
-	var expiry_time time.Time
+	var expiryTime time.Time
 	if tresp.ExpiresIn > 0 {
-		expiry_time = time.Now().Add(time.Duration(time.Duration(tresp.ExpiresIn) * time.Second))
+		expiryTime = time.Now().Add(time.Duration(tresp.ExpiresIn) * time.Second)
 	} else {
-		expiry_time = tok.Expiry
+		expiryTime = tok.Expiry
 	}
 	newToken := &oauth2.Token{
 		AccessToken: tresp.AccessToken,
 		TokenType:   tresp.TokenType,
-		Expiry:      expiry_time,
+		Expiry:      expiryTime,
 	}
 	return oauth2.StaticTokenSource(newToken), nil
 }
--- a/google/downscope/downscoping_test.go
+++ b/google/downscope/downscoping_test.go
@ -15,7 +15,7 @@ import (
 )
 var (
-	standardReqBody  = "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Atoken-exchange&options=%257B%2522accessBoundary%2522%253A%257B%2522accessBoundaryRules%2522%253A%255B%257B%2522availableResource%2522%253A%2522test1%2522%252C%2522availablePermissions%2522%253A%255B%2522Perm1%2522%252C%2522Perm2%2522%255D%257D%255D%257D%257D&requested_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token&subject_token=Mellon&subject_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token"
+	standardReqBody  = "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Atoken-exchange&options=%7B%22accessBoundary%22%3A%7B%22accessBoundaryRules%22%3A%5B%7B%22availableResource%22%3A%22test1%22%2C%22availablePermissions%22%3A%5B%22Perm1%22%2C%22Perm2%22%5D%7D%5D%7D%7D&requested_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token&subject_token=Mellon&subject_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token"
 	standardRespBody = `{"access_token":"Open Sesame","expires_in":432,"issued_token_type":"urn:ietf:params:oauth:token-type:access_token","token_type":"Bearer"}`
 )