hub / github.com/smallstep/cli / ServeHTTP

Method ServeHTTP

command/oauth/cmd.go:1092–1150

ServeHTTP is the handler that performs the OAuth 2.0 dance and returns the tokens using channels.

(w http.ResponseWriter, req *http.Request)

Source from the content-addressed store, hash-verified

// ServeHTTP is the handler that performs the OAuth 2.0 dance and returns the
// tokens using channels.
func (o *oauth) ServeHTTP(w http.ResponseWriter, req *http.Request) {
	if req.URL.Path != o.CallbackPath {
		http.NotFound(w, req)
		return
	}

	if req.Method == http.MethodOptions {
		w.WriteHeader(http.StatusOK)
		w.Write(nil)
		return
	}

	q := req.URL.Query()
	errStr := q.Get("error")
	if errStr != "" {
		o.badRequest(w, "Failed to authenticate: "+errStr)
		return
	}

	if o.implicit {
		o.implicitHandler(w, req)
		return
	}

	code, state := q.Get("code"), q.Get("state")
	if code == "" || state == "" {
		fmt.Fprintf(os.Stderr, "Invalid request received: http://%s%s\n", req.RemoteAddr, req.URL.String()) // #nosec G705 -- terminal output
		fmt.Fprintf(os.Stderr, "You may have an app or browser plugin that needs to be turned off\n")
		http.Error(w, "400 bad request", http.StatusBadRequest)
		return
	}

	if code == "" {
		o.badRequest(w, "Failed to authenticate: missing or invalid code")
		return
	}

	if state == "" || state != o.state {
		o.badRequest(w, "Failed to authenticate: missing or invalid state")
		return
	}

	tok, err := o.Exchange(o.tokenEndpoint, code)
	if err != nil {
		o.badRequest(w, "Failed exchanging authorization code: "+err.Error())
		return
	}
	if tok.Err != "" || tok.ErrDesc != "" {
		o.badRequest(w, fmt.Sprintf("Failed exchanging authorization code: %s. %s", tok.Err, tok.ErrDesc))
		return
	}

	if o.terminalRedirect != "" {
		http.Redirect(w, req, o.terminalRedirect, http.StatusFound)
	} else {
		o.success(w)
	}
	o.tokCh <- tok
}

Callers

nothing calls this directly

Calls 6

badRequest · Method · 0.95
implicitHandler · Method · 0.95
Exchange · Method · 0.95
success · Method · 0.95
String · Method · 0.65
Error · Method · 0.45

Tested by

no test coverage detected