feat: add state override
aeneasr committed Jul 6, 2023
1 parent 4db6416 commit b8b9154
Showing 1 changed file with 9 additions and 4 deletions.
13 changes: 9 additions & 4 deletions cmd/cmd_perform_authorization_code.go
@@ -132,15 +132,19 @@ and success, unless if the --no-shutdown flag is provided.`,
Scopes: scopes,
}

var generateAuthCodeURL = func() (string, []rune) {
state, err := randx.RuneSequence(24, randx.AlphaLower)
cmdx.Must(err, "Could not generate random state: %s", err)
var generateAuthCodeURL = func() (string, string) {
state := flagx.MustGetString(cmd, "state")
if len(state) == 0 {
generatedState, err := randx.RuneSequence(24, randx.AlphaLower)
cmdx.Must(err, "Could not generate random state: %s", err)
state = string(generatedState)
}

nonce, err := randx.RuneSequence(24, randx.AlphaLower)
cmdx.Must(err, "Could not generate random state: %s", err)

authCodeURL := conf.AuthCodeURL(
string(state),
state,
oauth2.SetAuthURLParam("audience", strings.Join(audience, "+")),
oauth2.SetAuthURLParam("nonce", string(nonce)),
oauth2.SetAuthURLParam("prompt", strings.Join(prompt, "+")),
@@ -295,6 +299,7 @@ and success, unless if the --no-shutdown flag is provided.`,
cmd.Flags().String("client-id", os.Getenv("OAUTH2_CLIENT_ID"), "Use the provided OAuth 2.0 Client ID, defaults to environment variable OAUTH2_CLIENT_ID")
cmd.Flags().String("client-secret", os.Getenv("OAUTH2_CLIENT_SECRET"), "Use the provided OAuth 2.0 Client Secret, defaults to environment variable OAUTH2_CLIENT_SECRET")

cmd.Flags().String("state", "", "Force a state value (insecure)")
cmd.Flags().String("redirect", "", "Force a redirect url")
cmd.Flags().StringSlice("audience", []string{}, "Request a specific OAuth 2.0 Access Token Audience")
cmd.Flags().String("auth-url", "", "Usually it is enough to specify the `endpoint` flag, but if you want to force the authorization url, use this flag")
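Review bot: When `--state` is non-empty, the new branch in `generateAuthCodeURL` skips random generation, so the callback's CSRF binding depends on a caller-chosen and possibly reused value, and the only signal to the operator is the word "(insecure)" in the flag help. I would spell the consequence out in the help text, e.g. `cmd.Flags().String("state", "", "Force a fixed state value instead of a random one; this disables CSRF protection of the callback, use for testing only")`, and emit a runtime warning inside the override path, e.g. `fmt.Fprintln(cmd.ErrOrStderr(), "warning: --state overrides the random state; callback CSRF protection is disabled")`. The closure's return type also changes from `(string, []rune)` to `(string, string)`, and its body and callers lie outside the hunk, so it is worth confirming that the callback handler compares the returned state as a string and still rejects a mismatch. Separately, the unchanged nonce line reports failures as "Could not generate random state", which will mislead anyone debugging a nonce error.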