diff options
author | Niall Sheridan <nsheridan@gmail.com> | 2017-04-10 21:18:42 +0100 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2017-04-10 21:38:33 +0100 |
commit | 30802e07b2d84fbc213b490d3402707dffe60096 (patch) | |
tree | 934aecb8f3582325dfd1aa6652193adac87d00db /vendor/golang.org/x/oauth2/internal | |
parent | da7638dc112c4c106e8929601b642d2ca4596cba (diff) |
update dependencies
Diffstat (limited to 'vendor/golang.org/x/oauth2/internal')
-rw-r--r-- | vendor/golang.org/x/oauth2/internal/token.go | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/vendor/golang.org/x/oauth2/internal/token.go b/vendor/golang.org/x/oauth2/internal/token.go index ba90a34..018b58a 100644 --- a/vendor/golang.org/x/oauth2/internal/token.go +++ b/vendor/golang.org/x/oauth2/internal/token.go @@ -122,6 +122,13 @@ var brokenAuthHeaderProviders = []string{ "https://sandbox.codeswholesale.com/oauth/token", } +// brokenAuthHeaderDomains lists broken providers that issue dynamic endpoints. +var brokenAuthHeaderDomains = []string{ + ".force.com", + ".okta.com", + ".oktapreview.com", +} + func RegisterBrokenAuthHeaderProvider(tokenURL string) { brokenAuthHeaderProviders = append(brokenAuthHeaderProviders, tokenURL) } @@ -142,6 +149,14 @@ func providerAuthHeaderWorks(tokenURL string) bool { } } + if u, err := url.Parse(tokenURL); err == nil { + for _, s := range brokenAuthHeaderDomains { + if strings.HasSuffix(u.Host, s) { + return false + } + } + } + // Assume the provider implements the spec properly // otherwise. We can add more exceptions as they're // discovered. We will _not_ be adding configurable hooks @@ -155,9 +170,13 @@ func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, return nil, err } bustedAuth := !providerAuthHeaderWorks(tokenURL) - if bustedAuth && clientSecret != "" { - v.Set("client_id", clientID) - v.Set("client_secret", clientSecret) + if bustedAuth { + if clientID != "" { + v.Set("client_id", clientID) + } + if clientSecret != "" { + v.Set("client_secret", clientSecret) + } } req, err := http.NewRequest("POST", tokenURL, strings.NewReader(v.Encode())) if err != nil { |