From c8696691fd05701db1f11316b28e63c2d78c1b68 Mon Sep 17 00:00:00 2001 From: pgalic96 Date: Fri, 26 Nov 2021 09:12:39 +0100 Subject: [PATCH] fixup! console: Remove echo from console --- pkg/account/server.go | 2 +- pkg/console/console.go | 19 +++++++++---------- pkg/web/oauthclient/callback.go | 3 ++- pkg/web/oauthclient/login.go | 1 - pkg/web/oauthclient/logout.go | 1 - pkg/web/oauthclient/token.go | 1 - 6 files changed, 12 insertions(+), 15 deletions(-) diff --git a/pkg/account/server.go b/pkg/account/server.go index 26ffd8afe7f..9c6548e3a2f 100644 --- a/pkg/account/server.go +++ b/pkg/account/server.go @@ -93,7 +93,7 @@ func (s *server) RegisterRoutes(server *web.Server) { csrf.FieldName("_csrf"), csrf.Path("/"), ) - router := server.Router().NewRoute().Path(s.config.Mount).Subrouter() + router := server.Router().NewRoute().PathPrefix(s.config.Mount).Subrouter() router.Use( func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { diff --git a/pkg/console/console.go b/pkg/console/console.go index 93fb4219fa3..c16b33eb160 100644 --- a/pkg/console/console.go +++ b/pkg/console/console.go @@ -157,8 +157,8 @@ func templateMiddleware(console *Console) webmiddleware.MiddlewareFunc { // RegisterRoutes implements web.Registerer. It registers the Console to the web server. func (console *Console) RegisterRoutes(server *web.Server) { - consoleRouter := server.Router().NewRoute().Subrouter() - consoleRouter.Use( + router := server.Router().PathPrefix(console.config.Mount).Subrouter() + router.Use( mux.MiddlewareFunc(cspHeader(console)), mux.MiddlewareFunc(templateMiddleware(console)), mux.MiddlewareFunc( @@ -170,12 +170,11 @@ func (console *Console) RegisterRoutes(server *web.Server) { ), ), ) - server.Router().PathPrefix(console.config.Mount).Handler(consoleRouter) - oauthRouter := consoleRouter.NewRoute().Subrouter() - oauthRouter.Path("/token").HandlerFunc(console.oc.HandleToken).Methods(http.MethodGet) - oauthRouter.Path("/logout").HandlerFunc(console.oc.HandleLogout).Methods(http.MethodPost) - oauthRouter.Path("/oauth/callback").HandlerFunc(console.oc.HandleCallback).Methods(http.MethodGet) - oauthRouter.Path("/login/ttn-stack").HandlerFunc(console.oc.HandleLogin).Methods(http.MethodGet) - oauthRouter.PathPrefix("/").HandlerFunc(webui.Template.Render).Methods(http.MethodGet) - consoleRouter.PathPrefix("/api/auth").Handler(oauthRouter) + api := router.NewRoute().PathPrefix("/api/auth/").Subrouter() + api.Path("/token").HandlerFunc(console.oc.HandleToken).Methods(http.MethodGet) + api.Path("/logout").HandlerFunc(console.oc.HandleLogout).Methods(http.MethodPost) + + router.Path("/login/ttn-stack").HandlerFunc(console.oc.HandleLogin).Methods(http.MethodGet) + router.Path("/oauth/callback").HandlerFunc(console.oc.HandleCallback).Methods(http.MethodGet) + router.NewRoute().HandlerFunc(webui.Template.Render) } diff --git a/pkg/web/oauthclient/callback.go b/pkg/web/oauthclient/callback.go index 6afa32cbcc6..f8cbe6dabc3 100644 --- a/pkg/web/oauthclient/callback.go +++ b/pkg/web/oauthclient/callback.go @@ -60,7 +60,7 @@ func (oc *OAuthClient) HandleCallback(w http.ResponseWriter, r *http.Request) { var response oauthAuthorizeResponse err := json.NewDecoder(r.Body).Decode(&response) if err != nil { - http.Error(w, err.Error(), http.StatusBadRequest) + webhandlers.Error(w, r, err) return } if err := response.ValidateContext(r.Context()); err != nil { @@ -81,6 +81,7 @@ func (oc *OAuthClient) HandleCallback(w http.ResponseWriter, r *http.Request) { if value.AccessToken != "" { config := oc.configFromContext(r.Context()) http.Redirect(w, r, config.RootURL, http.StatusFound) + return } webhandlers.Error(w, r, err) return diff --git a/pkg/web/oauthclient/login.go b/pkg/web/oauthclient/login.go index 0bd3c306876..8c579aa4386 100644 --- a/pkg/web/oauthclient/login.go +++ b/pkg/web/oauthclient/login.go @@ -25,7 +25,6 @@ import ( // endpoint. func (oc *OAuthClient) HandleLogin(w http.ResponseWriter, r *http.Request) { next := r.URL.Query().Get(oc.nextKey) - // Only allow relative paths. if !strings.HasPrefix(next, "/") && !strings.HasPrefix(next, "#") && !strings.HasPrefix(next, "?") { next = "" diff --git a/pkg/web/oauthclient/logout.go b/pkg/web/oauthclient/logout.go index 92cd056d87e..66de551039e 100644 --- a/pkg/web/oauthclient/logout.go +++ b/pkg/web/oauthclient/logout.go @@ -75,7 +75,6 @@ func (oc *OAuthClient) HandleLogout(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusOK) enc := json.NewEncoder(w) - enc.SetIndent("", " ") if err := enc.Encode(struct { OpLogoutURI string `json:"op_logout_uri"` }{ diff --git a/pkg/web/oauthclient/token.go b/pkg/web/oauthclient/token.go index 0f577cc195e..e54a87b8aa3 100644 --- a/pkg/web/oauthclient/token.go +++ b/pkg/web/oauthclient/token.go @@ -85,7 +85,6 @@ func (oc *OAuthClient) HandleToken(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusOK) enc := json.NewEncoder(w) - enc.SetIndent("", " ") if err := enc.Encode(struct { AccessToken string `json:"access_token"`