-rw-r--r-- | api/oauth_test.go | 27 | ||||
-rw-r--r-- | api4/oauth.go | 3 | ||||
-rw-r--r-- | api4/params.go | 2 | ||||
-rw-r--r-- | app/oauth.go | 15 | ||||
-rw-r--r-- | model/oauth.go | 1 |
5 files changed, 40 insertions, 8 deletions
diff --git a/api/oauth_test.go b/api/oauth_test.go index 9e5102b97..014facb44 100644 --- a/api/oauth_test.go +++ b/api/oauth_test.go @@ -517,7 +517,17 @@ func TestOAuthAccessToken(t *testing.T) { th := Setup().InitBasic() Client := th.BasicClient + enableOAuth := utils.Cfg.ServiceSettings.EnableOAuthServiceProvider + adminOnly := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations + defer func() { + utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth + *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly + utils.SetDefaultRolesBasedOnConfig() + }() utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = true + *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false + utils.SetDefaultRolesBasedOnConfig() + oauthApp := &model.OAuthApp{Name: "TestApp5" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}} oauthApp = Client.Must(Client.RegisterApp(oauthApp)).Data.(*model.OAuthApp) @@ -593,6 +603,8 @@ func TestOAuthAccessToken(t *testing.T) { rsp := result.Data.(*model.AccessResponse) if len(rsp.AccessToken) == 0 { t.Fatal("access token not returned") + } else if len(rsp.RefreshToken) == 0 { + t.Fatal("refresh token not returned") } else { token = rsp.AccessToken refreshToken = rsp.RefreshToken 
@@ -644,8 +656,21 @@ func TestOAuthAccessToken(t *testing.T) { } data.Set("refresh_token", refreshToken) - if _, err := Client.GetAccessToken(data); err != nil { + if result, err := Client.GetAccessToken(data); err != nil { t.Fatal(err) + } else { + rsp := result.Data.(*model.AccessResponse) + if len(rsp.AccessToken) == 0 { + t.Fatal("access token not returned") + } else if len(rsp.RefreshToken) == 0 { + t.Fatal("refresh token not returned") + } else if rsp.RefreshToken == refreshToken { + t.Fatal("refresh token did not update") + } + + if rsp.TokenType != model.ACCESS_TOKEN_TYPE { + t.Fatal("access token type incorrect") + } } authData := &model.AuthData{ClientId: oauthApp.Id, RedirectUri: oauthApp.CallbackUrls[0], UserId: th.BasicUser.Id, Code: model.NewId(), ExpiresIn: -1} diff --git a/api4/oauth.go b/api4/oauth.go index 3ace501e4..33c166da4 100644 --- a/api4/oauth.go +++ b/api4/oauth.go @@ -417,6 +417,9 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) { } else if action == model.OAUTH_ACTION_SSO_TO_EMAIL { redirectUrl = app.GetProtocol(r) + "://" + r.Host + "/claim?email=" + url.QueryEscape(props["email"]) + } else if action == model.OAUTH_ACTION_MOBILE { + ReturnStatusOK(w) + return } else { session, err := app.DoLogin(w, r, user, "") if err != nil { diff --git a/api4/params.go b/api4/params.go index 5febf06fb..785b2267b 100644 --- a/api4/params.go +++ b/api4/params.go @@ -105,7 +105,7 @@ func ApiParamsFromRequest(r *http.Request) *ApiParams { } if val, ok := props["service"]; ok { - params.Category = val + params.Service = val } if val, ok := props["preference_name"]; ok { diff --git a/app/oauth.go b/app/oauth.go index 2c8a1c91f..5bbe744d9 100644 --- a/app/oauth.go +++ b/app/oauth.go 
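Review bot: The refresh-grant assertions added in the third hunk of api/oauth_test.go confirm that a different refresh token comes back, but nothing visible here checks that the old one stops working after rotation. Since `data` still carries the original `refresh_token` after the new `else` block, a replay check fits there: `if _, err := Client.GetAccessToken(data); err == nil { t.Fatal("old refresh token should be rejected") }`. Comparing `rsp.AccessToken` with the earlier `token` would also pin that a new access token was issued. The test function continues outside this hunk, so an equivalent check may already exist further down.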
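Review bot: The new `OAUTH_ACTION_MOBILE` branch in completeOAuth returns 200 before the `DoLogin` call in the final `else`, so as far as this hunk shows, no session is created and no redirect is issued for that action, and nothing explains why. A comment on the branch such as `// mobile: no web session or redirect is set up here; the app obtains its session via <mechanism>` would make the intent reviewable. If `action` is derived from client-supplied OAuth state (not visible in this hunk), it is worth confirming that selecting `mobile` cannot bypass a check the other branches depend on. The function starts and ends outside the hunk.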
@@ -190,9 +190,10 @@ func GetOAuthAccessToken(clientId, grantType, redirectUri, code, secret, refresh } else { //return the same token and no need to create a new session accessRsp = &model.AccessResponse{ - AccessToken: accessData.Token, - TokenType: model.ACCESS_TOKEN_TYPE, - ExpiresIn: int32((accessData.ExpiresAt - model.GetMillis()) / 1000), + AccessToken: accessData.Token, + TokenType: model.ACCESS_TOKEN_TYPE, + RefreshToken: accessData.RefreshToken, + ExpiresIn: int32((accessData.ExpiresAt - model.GetMillis()) / 1000), } } } else { @@ -273,15 +274,17 @@ func newSessionUpdateToken(appName string, accessData *model.AccessData, user *m } accessData.Token = session.Token + accessData.RefreshToken = model.NewId() accessData.ExpiresAt = session.ExpiresAt if result := <-Srv.Store.OAuth().UpdateAccessData(accessData); result.Err != nil { l4g.Error(result.Err) return nil, model.NewAppError("newSessionUpdateToken", "web.get_access_token.internal_saving.app_error", nil, "", http.StatusInternalServerError) } accessRsp := &model.AccessResponse{ - AccessToken: session.Token, - TokenType: model.ACCESS_TOKEN_TYPE, - ExpiresIn: int32(*utils.Cfg.ServiceSettings.SessionLengthSSOInDays * 60 * 60 * 24), + AccessToken: session.Token, + RefreshToken: accessData.RefreshToken, + TokenType: model.ACCESS_TOKEN_TYPE, + ExpiresIn: int32(*utils.Cfg.ServiceSettings.SessionLengthSSOInDays * 60 * 60 * 24), } return accessRsp, nil diff --git a/model/oauth.go b/model/oauth.go index 6a3561ed9..3139aefed 100644 --- a/model/oauth.go +++ b/model/oauth.go @@ -16,6 +16,7 @@ const ( OAUTH_ACTION_LOGIN = "login" OAUTH_ACTION_EMAIL_TO_SSO = "email_to_sso" OAUTH_ACTION_SSO_TO_EMAIL = "sso_to_email" + OAUTH_ACTION_MOBILE = "mobile" ) type OAuthApp struct { |
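Review bot: In the second hunk of app/oauth.go, `accessData.RefreshToken = model.NewId()` mints a long-lived bearer credential with the general-purpose id helper, whose randomness source is not visible in this diff. Please confirm it is CSPRNG-backed with enough entropy for a token and say so on the line, e.g. `// rotate the refresh token with every new session; NewId must be cryptographically random`. accessData is also mutated before `UpdateAccessData` succeeds and, judging by `session.Token`, the session appears to be created earlier in the function, so a store failure may leave a live session whose tokens were never persisted; that deserves a comment or cleanup. newSessionUpdateToken begins outside the hunk.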