
don't redirect if on oauth2config failure

pomdtr 60279bd6 291fde8f

+18 -10
+18 -10
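--- a/cmd/up.go
+++ b/cmd/up.go
@@ -715,7 +715,7 @@
 
 oauth2Config, err := me.Oauth2Config(r.Host)
 if err != nil {
-http.Redirect(w, r, fmt.Sprintf("https://%s/_smallweb/signin", r.Host), http.StatusTemporaryRedirect)
+http.Error(w, fmt.Sprintf("failed to get oauth2 config: %v", err), http.StatusInternalServerError)
 return
 }
 
@@ -732,12 +732,13 @@
 return
 }
 
-if me.Provider() == nil {
+provider, ok := me.Provider()
+if !ok {
 http.Error(w, "oidc provider not found", http.StatusInternalServerError)
 return
 }
 
-verifier := me.Provider().Verifier(&oidc.Config{ClientID: r.Host})
+verifier := provider.Verifier(&oidc.Config{ClientID: r.Host})
 idToken, err := verifier.Verify(r.Context(), rawIdToken)
 if err != nil {
 http.Redirect(w, r, fmt.Sprintf("https://%s/_smallweb/signin", r.Host), http.StatusTemporaryRedirect)
@@ -842,7 +843,8 @@
 }
 
 func (me *Handler) extractClaims(r *http.Request) (Claims, error) {
-if me.Provider() == nil {
+provider, ok := me.Provider()
+if !ok {
 return Claims{
 Email: r.Header.Get("Remote-Email"),
 Group: r.Header.Get("Remote-Group"),
@@ -856,7 +858,7 @@
 return Claims{}, fmt.Errorf("id token not found")
 }
 
-verifier := me.Provider().Verifier(&oidc.Config{ClientID: fmt.Sprintf("https://%s", r.Host)})
+verifier := provider.Verifier(&oidc.Config{ClientID: fmt.Sprintf("https://%s", r.Host)})
 idToken, err := verifier.Verify(r.Context(), idTokenCookie.Value)
 if err != nil {
 return Claims{}, fmt.Errorf("failed to verify id token: %v", err)
@@ -898,33 +900,39 @@
 return "", false, false
 }
 
-func (me *Handler) Provider() *oidc.Provider {
+func (me *Handler) Provider() (*oidc.Provider, bool) {
 me.oidcMu.Lock()
 defer me.oidcMu.Unlock()
 
 if me.oidcIssuerUrl == nil {
-return nil
+return nil, false
 }
 
 if me.oidcProvider == nil {
 provider, err := oidc.NewProvider(context.Background(), me.oidcIssuerUrl.String())
 if err != nil {
-return nil
+me.logger.Error("failed to create oidc provider", "error", err)
+return nil, false
 }
 
 me.oidcProvider = provider
 }
 
-return me.oidcProvider
+return me.oidcProvider, true
 }
 
 func (me *Handler) Oauth2Config(host string) (*oauth2.Config, error) {
 clientID := fmt.Sprintf("https://%s", host)
+provider, ok := me.Provider()
+if !ok {
+return nil, fmt.Errorf("oidc provider not set")
+}
+
 return &oauth2.Config{
 ClientID: clientID,
 Scopes: []string{"openid", "email", "profile", "groups"},
 RedirectURL: fmt.Sprintf("https://%s/_smallweb/oauth/callback", host),
-Endpoint: me.Provider().Endpoint(),
+Endpoint: provider.Endpoint(),
 }, nil
 }
 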
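Review bot: In `extractClaims`, `!ok` still covers two different states, no issuer configured and an issuer configured but `oidc.NewProvider` failing, and both take the branch that builds `Claims` from the request's `Remote-Email` and `Remote-Group` headers. When OIDC is configured and discovery fails (the new `me.logger.Error` path in `Provider`), identity is read from request headers instead of a verified ID token, so the check fails open; whether those headers are stripped or set by a trusted proxy in front of this handler is not visible here. I would have `Provider` return an error with a sentinel for the unconfigured case, keep the header fallback only for that sentinel, and return an error from `extractClaims` otherwise; the callback handler and `Oauth2Config` would switch to the same error check. `extractClaims` continues past the end of its hunk, so the rest of the fallback struct is not shown.

```go
// distinguishes "OIDC not configured" from "OIDC configured but unreachable"
var errOIDCNotConfigured = errors.New("oidc issuer not configured")

func (me *Handler) extractClaims(r *http.Request) (Claims, error) {
	provider, err := me.Provider()
	if errors.Is(err, errOIDCNotConfigured) {
		// … unchanged: return Claims built from the Remote-* headers …
	}
	if err != nil {
		// fail closed: never fall back to request headers when the issuer is set
		return Claims{}, fmt.Errorf("oidc provider unavailable: %w", err)
	}
	// … unchanged: id token cookie lookup and verification …

func (me *Handler) Provider() (*oidc.Provider, error) {
	// … unchanged: lock oidcMu …
	if me.oidcIssuerUrl == nil {
		return nil, errOIDCNotConfigured
	}
	// … unchanged: lazy oidc.NewProvider call; on failure log and return the wrapped error …
```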