(token string)
| 54 | } |
| 55 | |
| 56 | func (uaa UAARepository) Authorize(token string) (string, error) { |
| 57 | httpClient := &http.Client{ |
| 58 | CheckRedirect: func(req *http.Request, _ []*http.Request) error { |
| 59 | uaa.DumpRequest(req) |
| 60 | return ErrPreventRedirect |
| 61 | }, |
| 62 | Timeout: 30 * time.Second, |
| 63 | Transport: &http.Transport{ |
| 64 | DisableKeepAlives: true, |
| 65 | TLSClientConfig: util.NewTLSConfig(nil, uaa.config.IsSSLDisabled()), |
| 66 | Proxy: http.ProxyFromEnvironment, |
| 67 | TLSHandshakeTimeout: 10 * time.Second, |
| 68 | }, |
| 69 | } |
| 70 | |
| 71 | authorizeURL, err := url.Parse(uaa.config.UaaEndpoint()) |
| 72 | if err != nil { |
| 73 | return "", err |
| 74 | } |
| 75 | |
| 76 | values := url.Values{} |
| 77 | values.Set("response_type", "code") |
| 78 | values.Set("grant_type", "authorization_code") |
| 79 | values.Set("client_id", uaa.config.SSHOAuthClient()) |
| 80 | |
| 81 | authorizeURL.Path = "/oauth/authorize" |
| 82 | authorizeURL.RawQuery = values.Encode() |
| 83 | |
| 84 | authorizeReq, err := http.NewRequest("GET", authorizeURL.String(), nil) |
| 85 | if err != nil { |
| 86 | return "", err |
| 87 | } |
| 88 | |
| 89 | authorizeReq.Header.Add("authorization", token) |
| 90 | |
| 91 | resp, err := httpClient.Do(authorizeReq) |
| 92 | if resp != nil { |
| 93 | uaa.DumpResponse(resp) |
| 94 | } |
| 95 | if err == nil { |
| 96 | return "", errors.New(T("Authorization server did not redirect with one time code")) |
| 97 | } |
| 98 | |
| 99 | if netErr, ok := err.(*url.Error); !ok || netErr.Err != ErrPreventRedirect { |
| 100 | return "", errors.New(T("Error requesting one time code from server: {{.Error}}", map[string]interface{}{"Error": err.Error()})) |
| 101 | } |
| 102 | |
| 103 | loc, err := resp.Location() |
| 104 | if err != nil { |
| 105 | return "", errors.New(T("Error getting the redirected location: {{.Error}}", map[string]interface{}{"Error": err.Error()})) |
| 106 | } |
| 107 | |
| 108 | codes := loc.Query()["code"] |
| 109 | if len(codes) != 1 { |
| 110 | return "", errors.New(T("Unable to acquire one time code from authorization response")) |
| 111 | } |
| 112 | |
| 113 | return codes[0], nil |
nothing calls this directly
no test coverage detected