feat: add custom form_post response writer

Author: Levko Burburas

authorize_error.go

@@ -50,7 +50,9 @@ func (f *Fosite) WriteAuthorizeError(ctx context.Context, rw http.ResponseWriter
 	var redirectURIString string
 	if ar.GetResponseMode() == ResponseModeFormPost {
 		rw.Header().Set("Content-Type", "text/html;charset=UTF-8")
-		WriteAuthorizeFormPostResponse(redirectURI.String(), errors, GetPostFormHTMLTemplate(ctx, f), rw)
+
+		writeAuthorizeFormPostResponse := GetWriteAuthorizeFormPostResponse(ctx, f)
+		writeAuthorizeFormPostResponse(rw, GetPostFormHTMLTemplate(ctx, f), redirectURI.String(), errors)
 		return
 	} else if ar.GetResponseMode() == ResponseModeFragment {
 		redirectURIString = redirectURI.String() + "#" + errors.Encode()

authorize_helper.go

@@ -32,6 +32,16 @@ var DefaultFormPostTemplate = template.Must(template.New("form_post").Parse(`<ht
    </body>
 </html>`))
 
+func DefaultWriteAuthorizeFormPostResponse(rw io.Writer, template *template.Template, redirectURL string, parameters url.Values) {
+	_ = template.Execute(rw, struct {
+		RedirURL   string
+		Parameters url.Values
+	}{
+		RedirURL:   redirectURL,
+		Parameters: parameters,
+	})
+}
+
 // MatchRedirectURIWithClientRedirectURIs if the given uri is a registered redirect uri. Does not perform
 // uri validation.
 //
@@ -186,16 +196,6 @@ func IsLocalhost(redirectURI *url.URL) bool {
 	return strings.HasSuffix(hn, ".localhost") || hn == "127.0.0.1" || hn == "::1" || hn == "localhost"
 }
 
-func WriteAuthorizeFormPostResponse(redirectURL string, parameters url.Values, template *template.Template, rw io.Writer) {
-	_ = template.Execute(rw, struct {
-		RedirURL   string
-		Parameters url.Values
-	}{
-		RedirURL:   redirectURL,
-		Parameters: parameters,
-	})
-}
-
 // Deprecated: Do not use.
 func URLSetFragment(source *url.URL, fragment url.Values) {
 	var f string
@@ -217,3 +217,10 @@ func GetPostFormHTMLTemplate(ctx context.Context, f *Fosite) *template.Template
 	}
 	return DefaultFormPostTemplate
 }
+
+func GetWriteAuthorizeFormPostResponse(ctx context.Context, f *Fosite) func(rw io.Writer, template *template.Template, redirectURL string, parameters url.Values) {
+	if t := f.Config.GetWriteAuthorizeFormPostResponse(ctx); t != nil {
+		return t
+	}
+	return DefaultWriteAuthorizeFormPostResponse
+}

authorize_helper_test.go

@@ -283,7 +283,7 @@ func TestWriteAuthorizeFormPostResponse(t *testing.T) {
 		var responseBuffer bytes.Buffer
 		redirectURL := "https://localhost:8080/cb"
 		//parameters :=
-		fosite.WriteAuthorizeFormPostResponse(redirectURL, c.parameters, fosite.DefaultFormPostTemplate, &responseBuffer)
+		fosite.DefaultWriteAuthorizeFormPostResponse(&responseBuffer, fosite.DefaultFormPostTemplate, redirectURL, c.parameters)
 		code, state, _, _, customParams, _, err := internal.ParseFormPostResponse(redirectURL, ioutil.NopCloser(bytes.NewReader(responseBuffer.Bytes())))
 		assert.NoError(t, err, "case %d", d)
 		c.check(code, state, customParams, d)

authorize_write.go

@@ -24,7 +24,9 @@ func (f *Fosite) WriteAuthorizeResponse(ctx context.Context, rw http.ResponseWri
 	case ResponseModeFormPost:
 		//form_post
 		rw.Header().Add("Content-Type", "text/html;charset=UTF-8")
-		WriteAuthorizeFormPostResponse(redir.String(), resp.GetParameters(), GetPostFormHTMLTemplate(ctx, f), rw)
+
+		writeAuthorizeFormPostResponse := GetWriteAuthorizeFormPostResponse(ctx, f)
+		writeAuthorizeFormPostResponse(rw, GetPostFormHTMLTemplate(ctx, f), redir.String(), resp.GetParameters())
 		return
 	case ResponseModeQuery, ResponseModeDefault:
 		// Explicit grants

config.go

@@ -7,6 +7,7 @@ import (
 	"context"
 	"hash"
 	"html/template"
+	"io"
 	"net/url"
 	"time"
 
@@ -240,6 +241,12 @@ type FormPostHTMLTemplateProvider interface {
 	GetFormPostHTMLTemplate(ctx context.Context) *template.Template
 }
 
+// WriteAuthorizeFormPostResponseProvider returns the provider for writing authorize form_post response.
+type WriteAuthorizeFormPostResponseProvider interface {
+	// GetWriteAuthorizeFormPostResponse returns the returns the function for writing form_post response.
+	GetWriteAuthorizeFormPostResponse(ctx context.Context) func(rw io.Writer, template *template.Template, redirectURL string, parameters url.Values)
+}
+
 type TokenURLProvider interface {
 	// GetTokenURL returns the token URL.
 	GetTokenURL(ctx context.Context) string

config_default.go

@@ -7,6 +7,7 @@ import (
 	"context"
 	"hash"
 	"html/template"
+	"io"
 	"net/url"
 	"time"
 
@@ -52,6 +53,7 @@ var (
 	_ ResponseModeHandlerExtensionProvider         = (*Config)(nil)
 	_ MessageCatalogProvider                       = (*Config)(nil)
 	_ FormPostHTMLTemplateProvider                 = (*Config)(nil)
+	_ WriteAuthorizeFormPostResponseProvider       = (*Config)(nil)
 	_ TokenURLProvider                             = (*Config)(nil)
 	_ GetSecretsHashingProvider                    = (*Config)(nil)
 	_ HTTPClientProvider                           = (*Config)(nil)
@@ -160,6 +162,9 @@ type Config struct {
 	// FormPostHTMLTemplate sets html template for rendering the authorization response when the request has response_mode=form_post.
 	FormPostHTMLTemplate *template.Template
 
+	// WriteAuthorizeFormPostResponse renders authorize form_post response when the request has response_mode=form_post.
+	WriteAuthorizeFormPostResponse func(rw io.Writer, template *template.Template, redirectURL string, parameters url.Values)
+
 	// OmitRedirectScopeParam indicates whether the "scope" parameter should be omitted from the redirect URL.
 	OmitRedirectScopeParam bool
 
@@ -268,6 +273,10 @@ func (c *Config) GetFormPostHTMLTemplate(ctx context.Context) *template.Template
 	return c.FormPostHTMLTemplate
 }
 
+func (c *Config) GetWriteAuthorizeFormPostResponse(ctx context.Context) func(rw io.Writer, template *template.Template, redirectURL string, parameters url.Values) {
+	return c.WriteAuthorizeFormPostResponse
+}
+
 func (c *Config) GetMessageCatalog(ctx context.Context) i18n.MessageCatalog {
 	return c.MessageCatalog
 }

fosite.go

@@ -124,6 +124,7 @@ type Configurator interface {
 	ResponseModeHandlerExtensionProvider
 	MessageCatalogProvider
 	FormPostHTMLTemplateProvider
+	WriteAuthorizeFormPostResponseProvider
 	TokenURLProvider
 	GetSecretsHashingProvider
 	AuthorizeEndpointHandlersProvider

integration/authorize_form_post_test.go

@@ -208,15 +208,21 @@ func (m *decoratedFormPostResponse) ResponseModes() fosite.ResponseModeTypes {
 func (m *decoratedFormPostResponse) WriteAuthorizeResponse(ctx context.Context, rw http.ResponseWriter, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) {
 	rw.Header().Add("Content-Type", "text/html;charset=UTF-8")
 	resp.AddParameter("custom_param", "foo")
-	fosite.WriteAuthorizeFormPostResponse(ar.GetRedirectURI().String(), resp.GetParameters(), fosite.GetPostFormHTMLTemplate(ctx,
-		fosite.NewOAuth2Provider(nil, new(fosite.Config))), rw)
+
+	provider := fosite.NewOAuth2Provider(nil, new(fosite.Config))
+
+	writeAuthorizeFormPostResponse := fosite.GetWriteAuthorizeFormPostResponse(ctx, provider)
+	writeAuthorizeFormPostResponse(rw, fosite.GetPostFormHTMLTemplate(ctx, provider), ar.GetRedirectURI().String(), resp.GetParameters())
 }
 
 func (m *decoratedFormPostResponse) WriteAuthorizeError(ctx context.Context, rw http.ResponseWriter, ar fosite.AuthorizeRequester, err error) {
 	rfcerr := fosite.ErrorToRFC6749Error(err)
 	errors := rfcerr.ToValues()
 	errors.Set("state", ar.GetState())
 	errors.Add("custom_err_param", "bar")
-	fosite.WriteAuthorizeFormPostResponse(ar.GetRedirectURI().String(), errors, fosite.GetPostFormHTMLTemplate(ctx,
-		fosite.NewOAuth2Provider(nil, new(fosite.Config))), rw)
+
+	provider := fosite.NewOAuth2Provider(nil, new(fosite.Config))
+
+	writeAuthorizeFormPostResponse := fosite.GetWriteAuthorizeFormPostResponse(ctx, provider)
+	writeAuthorizeFormPostResponse(rw, fosite.GetPostFormHTMLTemplate(ctx, provider), ar.GetRedirectURI().String(), errors)
 }