hub / github.com/tinyauthapp/tinyauth / Userinfo

Method Userinfo

internal/controller/oidc_controller.go:374–467  ·  view source on GitHub ↗
(c *gin.Context)

Source from the content-addressed store, hash-verified

372}
373
374func (controller *OIDCController) Userinfo(c *gin.Context) {
375 if !controller.oidc.IsConfigured() {
376 tlog.App.Warn().Msg("OIDC not configured")
377 c.JSON(404, gin.H{
378 "error": "not_found",
379 })
380 return
381 }
382
383 var token string
384
385 authorization := c.GetHeader("Authorization")
386 if authorization != "" {
387 tokenType, bearerToken, ok := strings.Cut(authorization, " ")
388 if !ok {
389 tlog.App.Warn().Msg("OIDC userinfo accessed with malformed authorization header")
390 c.JSON(401, gin.H{
391 "error": "invalid_request",
392 })
393 return
394 }
395
396 if strings.ToLower(tokenType) != "bearer" {
397 tlog.App.Warn().Msg("OIDC userinfo accessed with invalid token type")
398 c.JSON(401, gin.H{
399 "error": "invalid_request",
400 })
401 return
402 }
403
404 token = bearerToken
405 } else if c.Request.Method == http.MethodPost {
406 if c.ContentType() != "application/x-www-form-urlencoded" {
407 tlog.App.Warn().Msg("OIDC userinfo POST accessed with invalid content type")
408 c.JSON(400, gin.H{
409 "error": "invalid_request",
410 })
411 return
412 }
413 token = c.PostForm("access_token")
414 if token == "" {
415 tlog.App.Warn().Msg("OIDC userinfo POST accessed without access_token in body")
416 c.JSON(401, gin.H{
417 "error": "invalid_request",
418 })
419 return
420 }
421 } else {
422 tlog.App.Warn().Msg("OIDC userinfo accessed without authorization header")
423 c.JSON(401, gin.H{
424 "error": "invalid_request",
425 })
426 return
427 }
428
429 entry, err := controller.oidc.GetAccessToken(c, controller.oidc.Hash(token))
430
431 if err != nil {

Callers

nothing calls this directly

Calls 5

GetAccessTokenMethod · 0.80
HashMethod · 0.80
CompileUserinfoMethod · 0.80
GetUserinfoMethod · 0.65
IsConfiguredMethod · 0.45

Tested by

no test coverage detected