refactor: fix linter issues

This commit is contained in:
Elias Schneider
2026-06-02 14:08:33 +02:00
parent 68a5abdcca
commit 4f97cd4188
2 changed files with 28 additions and 17 deletions

View File

@@ -105,7 +105,7 @@ type AuthorizeOidcClientResponseDto struct {
}
type AuthorizationRequiredDto struct {
ClientID string `json:"clientID" binding:"required"`
ClientID string `json:"clientID" binding:"required"`
Scope string `json:"scope"`
RequestURI string `json:"requestURI"`
}

View File

@@ -148,24 +148,9 @@ func (s *OidcService) Authorize(ctx context.Context, input dto.AuthorizeOidcClie
// If a request_uri is provided, consume the stored PAR and overwrite input fields
if input.RequestURI != "" {
par, err := s.getAndConsumePushedAuthorizationRequest(ctx, tx, input.ClientID, input.RequestURI)
if err != nil {
if err := s.applyPushedAuthorizationRequest(ctx, tx, &input); err != nil {
return "", "", err
}
input.Scope = par.Scope
input.CallbackURL = par.RedirectURI
input.Nonce = par.Nonce
input.Prompt = par.Prompt
if par.CodeChallenge != nil {
input.CodeChallenge = *par.CodeChallenge
} else {
input.CodeChallenge = ""
}
if par.CodeChallengeMethod != nil {
input.CodeChallengeMethod = *par.CodeChallengeMethod
} else {
input.CodeChallengeMethod = ""
}
}
// If the client is not public, the code challenge must be provided
@@ -271,6 +256,32 @@ func (s *OidcService) Authorize(ctx context.Context, input dto.AuthorizeOidcClie
return code, callbackURL, nil
}
// applyPushedAuthorizationRequest consumes the stored PAR for the given request_uri
// and overwrites the corresponding fields on input.
func (s *OidcService) applyPushedAuthorizationRequest(ctx context.Context, tx *gorm.DB, input *dto.AuthorizeOidcClientRequestDto) error {
par, err := s.getAndConsumePushedAuthorizationRequest(ctx, tx, input.ClientID, input.RequestURI)
if err != nil {
return err
}
input.Scope = par.Scope
input.CallbackURL = par.RedirectURI
input.Nonce = par.Nonce
input.Prompt = par.Prompt
input.CodeChallenge = ""
if par.CodeChallenge != nil {
input.CodeChallenge = *par.CodeChallenge
}
input.CodeChallengeMethod = ""
if par.CodeChallengeMethod != nil {
input.CodeChallengeMethod = *par.CodeChallengeMethod
}
return nil
}
// HasAuthorizedClient checks if the user has already authorized the client with the given scope
func (s *OidcService) HasAuthorizedClient(ctx context.Context, clientID, userID, scope string) (bool, error) {
return s.hasAuthorizedClientInternal(ctx, clientID, userID, scope, s.db)