Make OAuth 2.0 token_url client_id and client_secret mandatory (#294)

LeviHarrison · web-flow · commit b4304c504af1 · 2021-04-27T23:37:55.000+02:00
* Made client_id and client_secret mandatory

Signed-off-by: Levi Harrison &lt;git@leviharrison.dev&gt;
diff --git a/config/http_config.go b/config/http_config.go
@@ -210,6 +210,15 @@ func (c *HTTPClientConfig) Validate() error {
 		if c.BasicAuth != nil {
 			return fmt.Errorf("at most one of basic_auth, oauth2 & authorization must be configured")
 		}
+		if len(c.OAuth2.ClientID) == 0 {
+			return fmt.Errorf("oauth2 client_id must be configured")
+		}
+		if len(c.OAuth2.ClientSecret) == 0 && len(c.OAuth2.ClientSecretFile) == 0 {
+			return fmt.Errorf("either oauth2 client_secret or client_secret_file must be configured")
+		}
+		if len(c.OAuth2.TokenURL) == 0 {
+			return fmt.Errorf("oauth2 token_url must be configured")
+		}
 		if len(c.OAuth2.ClientSecret) > 0 && len(c.OAuth2.ClientSecretFile) > 0 {
 			return fmt.Errorf("at most one of oauth2 client_secret & client_secret_file must be configured")
 		}
diff --git a/config/http_config_test.go b/config/http_config_test.go
@@ -107,6 +107,18 @@ var invalidHTTPClientConfigs = []struct {
 		httpClientConfigFile: "testdata/http.conf.oauth2-secret-and-file-set.bad.yml",
 		errMsg:               "at most one of oauth2 client_secret & client_secret_file must be configured",
 	},
+	{
+		httpClientConfigFile: "testdata/http.conf.oauth2-no-client-id.bad.yaml",
+		errMsg:               "oauth2 client_id must be configured",
+	},
+	{
+		httpClientConfigFile: "testdata/http.conf.oauth2-no-client-secret.bad.yaml",
+		errMsg:               "either oauth2 client_secret or client_secret_file must be configured",
+	},
+	{
+		httpClientConfigFile: "testdata/http.conf.oauth2-no-token-url.bad.yaml",
+		errMsg:               "oauth2 token_url must be configured",
+	},
 }
 
 func newTestServer(handler func(w http.ResponseWriter, r *http.Request)) (*httptest.Server, error) {
diff --git a/config/testdata/http.conf.oauth2-no-client-id.bad.yaml b/config/testdata/http.conf.oauth2-no-client-id.bad.yaml
@@ -0,0 +1,3 @@
+oauth2:
+  client_secret: "mysecret"
+  token_url: "http://auth"
diff --git a/config/testdata/http.conf.oauth2-no-client-secret.bad.yaml b/config/testdata/http.conf.oauth2-no-client-secret.bad.yaml
@@ -0,0 +1,3 @@
+oauth2:
+  client_id: "myclientid"
+  token_url: "http://auth"
diff --git a/config/testdata/http.conf.oauth2-no-token-url.bad.yaml b/config/testdata/http.conf.oauth2-no-token-url.bad.yaml
@@ -0,0 +1,3 @@
+oauth2:
+  client_id: "myclientid"
+  client_secret: "mysecret"
diff --git a/config/testdata/http.conf.oauth2-secret-and-file-set.bad.yml b/config/testdata/http.conf.oauth2-secret-and-file-set.bad.yml
@@ -1,3 +1,5 @@
 oauth2:
+  client_id: "myclient"
   client_secret: "mysecret"
   client_secret_file: "mysecret"
+  token_url: "http://auth"

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+oauth2:`
	`2`	`+ client_secret: "mysecret"`
	`3`	`+ token_url: "http://auth"`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+oauth2:`
	`2`	`+ client_id: "myclientid"`
	`3`	`+ token_url: "http://auth"`