Add basic_auth option in authentication (#80)
* Add basic_auth option in authentication

and inform UAA if oauth2 encoding is set

Why:
- provide a feature option for user of cf-uaa-lib, e.g. cf-uaac
- set compatibility header for cases where UAA allows switching

* header creation corrected
strehle authored Jan 21, 2022

1 parent 97506f9 commit e351f4d
Showing 2 changed files with 19 additions and 8 deletions.
11 changes: 9 additions & 2 deletions lib/uaa/token_issuer.rb
@@ -13,6 +13,7 @@

require 'securerandom'
require 'uaa/http'
require 'cgi'

module CF::UAA

@@ -72,8 +73,13 @@ def request_token(params)
if scope = Util.arglist(params.delete(:scope))
params[:scope] = Util.strlist(scope)
end
headers = {'content-type' => FORM_UTF8, 'accept' => JSON_UTF8,
'authorization' => Http.basic_auth(@client_id, @client_secret) }
headers = {'content-type' => FORM_UTF8, 'accept' => JSON_UTF8}
if @basic_auth
headers['authorization'] = Http.basic_auth(@client_id, @client_secret)
else
headers['X-CF-ENCODED-CREDENTIALS'] = 'true'
headers['authorization'] = Http.basic_auth(CGI.escape(@client_id), CGI.escape(@client_secret))
end
reply = json_parse_reply(@key_style, *request(@token_target, :post,
'/oauth/token', Util.encode_form(params), headers))
raise BadResponse unless reply[jkey :token_type] && reply[jkey :access_token]
@@ -109,6 +115,7 @@ def initialize(target, client_id, client_secret = nil, options = {})
@target, @client_id, @client_secret = target, client_id, client_secret
@token_target = options[:token_target] || target
@key_style = options[:symbolize_keys] ? :sym : nil
@basic_auth = options[:basic_auth] == true ? true : false
initialize_http_options(options)
end
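Review bot: In the `else` branch of `request_token`, `CGI.escape(@client_secret)` raises a TypeError when the secret is nil, and the constructor in the last hunk still declares `client_secret = nil`, so a client built without a secret can no longer request a token on the default path. Guarding the value keeps that case working: `Http.basic_auth(CGI.escape(@client_id), CGI.escape(@client_secret.to_s))`. Because `@basic_auth` is false unless the caller passes exactly `true`, every existing caller silently moves to the encoded form with `X-CF-ENCODED-CREDENTIALS`; the option and that default deserve a line in the `initialize` option docs, which sit outside this hunk. The assignment can also be shortened to `@basic_auth = options[:basic_auth] == true`. `request_token` begins and ends outside the hunk, so how `Http.basic_auth` treats a nil password is not visible here.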

16 changes: 10 additions & 6 deletions spec/token_issuer_spec.rb
@@ -23,13 +23,13 @@ module CF::UAA

before do
#Util.default_logger(:trace)
@issuer = TokenIssuer.new('http://test.uaa.target', 'test_client', 'test_secret', options)
@issuer = TokenIssuer.new('http://test.uaa.target', 'test_client', 'test!secret', options)
end

subject { @issuer }

describe 'initialize' do
let(:options) { {http_proxy: 'http-proxy.com', https_proxy: 'https-proxy.com', skip_ssl_validation: true} }
let(:options) { {http_proxy: 'http-proxy.com', https_proxy: 'https-proxy.com', skip_ssl_validation: true, basic_auth: false} }

it 'sets skip_ssl_validation' do
subject.skip_ssl_validation == true
@@ -42,7 +42,8 @@ module CF::UAA
subject.set_request_handler do |url, method, body, headers|
headers['content-type'].should =~ /application\/x-www-form-urlencoded/
headers['accept'].should =~ /application\/json/
# TODO check basic auth header
headers['X-CF-ENCODED-CREDENTIALS'].should == 'true'
headers['authorization'].should == 'Basic dGVzdF9jbGllbnQ6dGVzdCUyMXNlY3JldA=='
url.should == 'http://test.uaa.target/oauth/token'
method.should == :post
reply = {access_token: 'test_access_token', token_type: 'BEARER',
@@ -89,7 +90,8 @@ module CF::UAA
subject.set_request_handler do |url, method, body, headers|
headers['content-type'].should =~ /application\/x-www-form-urlencoded/
headers['accept'].should =~ /application\/json/
# TODO check basic auth header
headers['X-CF-ENCODED-CREDENTIALS'].should == 'true'
headers['authorization'].should == 'Basic dGVzdF9jbGllbnQ6dGVzdCUyMXNlY3JldA=='
url.should == 'http://test.uaa.target/oauth/token'
method.should == :post
reply = {access_token: 'test_access_token', token_type: 'BEARER',
@@ -108,7 +110,8 @@ module CF::UAA
subject.set_request_handler do |url, method, body, headers|
headers['content-type'].should =~ /application\/x-www-form-urlencoded/
headers['accept'].should =~ /application\/json/
# TODO check basic auth header
headers['X-CF-ENCODED-CREDENTIALS'].should == 'true'
headers['authorization'].should == 'Basic dGVzdF9jbGllbnQ6dGVzdCUyMXNlY3JldA=='
url.should == 'http://test.uaa.target/oauth/token'
body.should =~ /(^|&)passcode=12345($|&)/
body.should =~ /(^|&)grant_type=password($|&)/
@@ -250,7 +253,8 @@ module CF::UAA
subject.set_request_handler do |url, method, body, headers|
headers['content-type'].should =~ /application\/x-www-form-urlencoded/
headers['accept'].should =~ /application\/json/
# TODO check basic auth header
headers['X-CF-ENCODED-CREDENTIALS'].should == 'true'
headers['authorization'].should == 'Basic dGVzdF9jbGllbnQ6dGVzdCUyMXNlY3JldA=='
url.should match 'http://test.uaa.target/oauth/token'
method.should == :post
reply = {access_token: 'test_access_token', token_type: 'BEARER',
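Review bot: The new assertions only exercise the encoded path: every handler expects `X-CF-ENCODED-CREDENTIALS` and the escaped secret (`test%21secret` inside the Base64 value), and the only visible `options` sets `basic_auth: false`. A context with `basic_auth: true` should assert the unescaped credentials and the absence of the header, e.g. `headers['X-CF-ENCODED-CREDENTIALS'].should be_nil`, and a case with no client secret would pin the behavior of the default path for public clients. The four handler blocks repeat the same two header expectations; a shared helper or shared example would keep the expected Base64 value in one place. The `describe` blocks continue outside the visible hunks, so their `let(:options)` definitions may differ from what is shown.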
