From e7203d3dcd19913449dbc3155c149274a199ab4e Mon Sep 17 00:00:00 2001 From: Justin Slowik Date: Wed, 28 Aug 2019 14:33:35 -0400 Subject: [PATCH 1/6] Enable Locale claim in the OIDC Connector Enabled the locale claim --- .gitignore | 1 + connector/connector.go | 4 +-- connector/oidc/oidc.go | 3 ++ server/handlers.go | 3 ++ server/oauth2.go | 9 ++--- storage/conformance/conformance.go | 8 +++++ storage/etcd/types.go | 3 ++ storage/kubernetes/types.go | 3 ++ storage/sql/crud.go | 54 ++++++++++++++++-------------- storage/sql/migrate.go | 3 ++ storage/storage.go | 4 +-- 11 files changed, 61 insertions(+), 34 deletions(-) diff --git a/.gitignore b/.gitignore index db3eaf3e3a..21ad3ba82f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ bin dist _output +.idea diff --git a/connector/connector.go b/connector/connector.go index edd7fa5706..8dd82c601e 100644 --- a/connector/connector.go +++ b/connector/connector.go @@ -27,8 +27,8 @@ type Identity struct { Username string Email string EmailVerified bool - - Groups []string + Locale string + Groups []string // ConnectorData holds data used by the connector for subsequent requests after initial // authentication, such as access tokens for upstream provides. diff --git a/connector/oidc/oidc.go b/connector/oidc/oidc.go index 4a64df8b60..563aae112f 100644 --- a/connector/oidc/oidc.go +++ b/connector/oidc/oidc.go @@ -259,11 +259,14 @@ func (c *oidcConnector) HandleCallback(s connector.Scopes, r *http.Request) (ide } } + locale, _ := claims["locale"].(string) + identity = connector.Identity{ UserID: idToken.Subject, Username: name, Email: email, EmailVerified: emailVerified, + Locale: locale, } if c.userIDKey != "" { diff --git a/server/handlers.go b/server/handlers.go index 9bff36ee84..fb74a398de 100644 --- a/server/handlers.go +++ b/server/handlers.go 
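Review bot: In HandleCallback, `locale, _ := claims["locale"].(string)` copies whatever the upstream provider sent into connector.Identity with no length or format check, and the rest of this series persists that value in every storage backend and emits it in the signed ID token. OIDC Core describes locale as a BCP 47 language tag, so anything that is not a short tag can be dropped at this point, for example `if len(locale) > maxLocaleLen { locale = "" }`, where `maxLocaleLen` is a placeholder for a small constant you define, or a stricter tag check. The discarded `ok` also hides a provider that sends a non-string locale; logging that case would make a misbehaving upstream visible. HandleCallback starts and ends outside the hunk.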
@@ -484,6 +484,7 @@ func (s *Server) finalizeLogin(identity connector.Identity, authReq storage.Auth Email: identity.Email, EmailVerified: identity.EmailVerified, Groups: identity.Groups, + Locale: identity.Locale, } updater := func(a storage.AuthRequest) (storage.AuthRequest, error) { @@ -974,6 +975,7 @@ func (s *Server) handleRefreshToken(w http.ResponseWriter, r *http.Request, clie EmailVerified: refresh.Claims.EmailVerified, Groups: refresh.Claims.Groups, ConnectorData: refresh.ConnectorData, + Locale: refresh.Claims.Locale, } // Can the connector refresh the identity? If so, attempt to refresh the data @@ -997,6 +999,7 @@ func (s *Server) handleRefreshToken(w http.ResponseWriter, r *http.Request, clie Email: ident.Email, EmailVerified: ident.EmailVerified, Groups: ident.Groups, + Locale: ident.Locale, } accessToken, err := s.newAccessToken(client.ID, claims, scopes, refresh.Nonce, refresh.ConnectorID) diff --git a/server/oauth2.go b/server/oauth2.go index 6104b54988..0df6c36de3 100644 --- a/server/oauth2.go +++ b/server/oauth2.go @@ -253,10 +253,10 @@ type idTokenClaims struct { AccessTokenHash string `json:"at_hash,omitempty"` - Email string `json:"email,omitempty"` - EmailVerified *bool `json:"email_verified,omitempty"` - - Groups []string `json:"groups,omitempty"` + Email string `json:"email,omitempty"` + EmailVerified *bool `json:"email_verified,omitempty"` + Locale string `json:"locale,omitempty"` + Groups []string `json:"groups,omitempty"` Name string `json:"name,omitempty"` @@ -329,6 +329,7 @@ func (s *Server) newIDToken(clientID string, claims storage.Claims, scopes []str tok.Groups = claims.Groups case scope == scopeProfile: tok.Name = claims.Username + tok.Locale = claims.Locale case scope == scopeFederatedID: tok.FederatedIDClaims = &federatedIDClaims{ ConnectorID: connID, diff --git a/storage/conformance/conformance.go b/storage/conformance/conformance.go index a13998077c..8d9263afbe 100644 --- a/storage/conformance/conformance.go 
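Review bot: In idTokenClaims, `Locale` is declared next to `Email`/`Groups`, but newIDToken sets it in the `scopeProfile` case together with `tok.Name`, so the struct no longer reads as a map of which scope releases which claim (the blank-line grouping visible in the hunk suggests that was the intent). Declaring it directly under `Name` with a comment such as `// Name and Locale are only populated when the profile scope is granted.` keeps claim release easy to audit. Both the struct and newIDToken continue outside their hunks.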
+++ b/storage/conformance/conformance.go @@ -97,6 +97,7 @@ func testAuthRequestCRUD(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a", "b"}, }, } @@ -129,6 +130,7 @@ func testAuthRequestCRUD(t *testing.T, s storage.Storage) { Username: "john", Email: "john.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a"}, }, } @@ -178,6 +180,7 @@ func testAuthCodeCRUD(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a", "b"}, }, } @@ -200,6 +203,7 @@ func testAuthCodeCRUD(t *testing.T, s storage.Storage) { Username: "john", Email: "john.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a"}, }, } @@ -321,6 +325,7 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a", "b"}, }, ConnectorData: []byte(`{"some":"data"}`), @@ -375,6 +380,7 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) { Username: "john", Email: "john.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a", "b"}, }, ConnectorData: []byte(`{"some":"data"}`), @@ -794,6 +800,7 @@ func testGC(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a", "b"}, }, } @@ -854,6 +861,7 @@ func testTimezones(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, + Locale: "en_US", Groups: []string{"a", "b"}, }, } diff --git a/storage/etcd/types.go b/storage/etcd/types.go index 0d8f521ad4..2b4110bc61 100644 --- a/storage/etcd/types.go +++ b/storage/etcd/types.go 
@@ -152,6 +152,7 @@ type Claims struct { Username string `json:"username"` Email string `json:"email"` EmailVerified bool `json:"emailVerified"` + Locale string `json:"locale,omitempty"` Groups []string `json:"groups,omitempty"` } @@ -161,6 +162,7 @@ func fromStorageClaims(i storage.Claims) Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, + Locale: i.Locale, Groups: i.Groups, } } @@ -171,6 +173,7 @@ func toStorageClaims(i Claims) storage.Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, + Locale: i.Locale, Groups: i.Groups, } } diff --git a/storage/kubernetes/types.go b/storage/kubernetes/types.go index 1ed405b50a..923e2b8a28 100644 --- a/storage/kubernetes/types.go +++ b/storage/kubernetes/types.go @@ -214,6 +214,7 @@ type Claims struct { Username string `json:"username"` Email string `json:"email"` EmailVerified bool `json:"emailVerified"` + Locale string `json:"locale,omitempty"` Groups []string `json:"groups,omitempty"` } @@ -223,6 +224,7 @@ func fromStorageClaims(i storage.Claims) Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, + Locale: i.Locale, Groups: i.Groups, } } @@ -233,6 +235,7 @@ func toStorageClaims(i Claims) storage.Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, + Locale: i.Locale, Groups: i.Groups, } } diff --git a/storage/sql/crud.go b/storage/sql/crud.go index d7c055ab18..316ca23e3b 100644 --- a/storage/sql/crud.go +++ b/storage/sql/crud.go 
@@ -109,18 +109,18 @@ func (c *conn) CreateAuthRequest(a storage.AuthRequest) error { id, client_id, response_types, scopes, redirect_uri, nonce, state, force_approval_prompt, logged_in, claims_user_id, claims_username, claims_email, claims_email_verified, - claims_groups, + claims_groups, claims_locale, connector_id, connector_data, expiry ) values ( - $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17 + $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18 ); `, a.ID, a.ClientID, encoder(a.ResponseTypes), encoder(a.Scopes), a.RedirectURI, a.Nonce, a.State, a.ForceApprovalPrompt, a.LoggedIn, a.Claims.UserID, a.Claims.Username, a.Claims.Email, a.Claims.EmailVerified, - encoder(a.Claims.Groups), + encoder(a.Claims.Groups), a.Claims.Locale, a.ConnectorID, a.ConnectorData, a.Expiry, ) @@ -152,14 +152,15 @@ func (c *conn) UpdateAuthRequest(id string, updater func(a storage.AuthRequest) claims_user_id = $9, claims_username = $10, claims_email = $11, claims_email_verified = $12, claims_groups = $13, - connector_id = $14, connector_data = $15, - expiry = $16 - where id = $17; + claims_locale = $14, + connector_id = $15, connector_data = $16, + expiry = $17 + where id = $18; `, a.ClientID, encoder(a.ResponseTypes), encoder(a.Scopes), a.RedirectURI, a.Nonce, a.State, a.ForceApprovalPrompt, a.LoggedIn, a.Claims.UserID, a.Claims.Username, a.Claims.Email, a.Claims.EmailVerified, - encoder(a.Claims.Groups), + encoder(a.Claims.Groups), a.Claims.Locale, a.ConnectorID, a.ConnectorData, a.Expiry, r.ID, ) 
@@ -181,14 +182,14 @@ func getAuthRequest(q querier, id string) (a storage.AuthRequest, err error) { id, client_id, response_types, scopes, redirect_uri, nonce, state, force_approval_prompt, logged_in, claims_user_id, claims_username, claims_email, claims_email_verified, - claims_groups, + claims_groups, claims_locale, connector_id, connector_data, expiry from auth_request where id = $1; `, id).Scan( &a.ID, &a.ClientID, decoder(&a.ResponseTypes), decoder(&a.Scopes), &a.RedirectURI, &a.Nonce, &a.State, &a.ForceApprovalPrompt, &a.LoggedIn, &a.Claims.UserID, &a.Claims.Username, &a.Claims.Email, &a.Claims.EmailVerified, - decoder(&a.Claims.Groups), + decoder(&a.Claims.Groups), &a.Claims.Locale, &a.ConnectorID, &a.ConnectorData, &a.Expiry, ) if err != nil { @@ -205,15 +206,15 @@ func (c *conn) CreateAuthCode(a storage.AuthCode) error { insert into auth_code ( id, client_id, scopes, nonce, redirect_uri, claims_user_id, claims_username, - claims_email, claims_email_verified, claims_groups, + claims_email, claims_email_verified, claims_groups, claims_locale, connector_id, connector_data, expiry ) - values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13); + values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14); `, a.ID, a.ClientID, encoder(a.Scopes), a.Nonce, a.RedirectURI, a.Claims.UserID, a.Claims.Username, a.Claims.Email, a.Claims.EmailVerified, encoder(a.Claims.Groups), - a.ConnectorID, a.ConnectorData, a.Expiry, + a.Claims.Locale, a.ConnectorID, a.ConnectorData, a.Expiry, ) if err != nil { 
@@ -231,13 +232,13 @@ func (c *conn) GetAuthCode(id string) (a storage.AuthCode, err error) { id, client_id, scopes, nonce, redirect_uri, claims_user_id, claims_username, claims_email, claims_email_verified, claims_groups, - connector_id, connector_data, + claims_locale, connector_id, connector_data, expiry from auth_code where id = $1; `, id).Scan( &a.ID, &a.ClientID, decoder(&a.Scopes), &a.Nonce, &a.RedirectURI, &a.Claims.UserID, &a.Claims.Username, &a.Claims.Email, &a.Claims.EmailVerified, decoder(&a.Claims.Groups), - &a.ConnectorID, &a.ConnectorData, &a.Expiry, + &a.Claims.Locale, &a.ConnectorID, &a.ConnectorData, &a.Expiry, ) if err != nil { if err == sql.ErrNoRows { @@ -253,15 +254,15 @@ func (c *conn) CreateRefresh(r storage.RefreshToken) error { insert into refresh_token ( id, client_id, scopes, nonce, claims_user_id, claims_username, claims_email, claims_email_verified, - claims_groups, + claims_groups, claims_locale, connector_id, connector_data, token, created_at, last_used ) - values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14); + values ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15); `, r.ID, r.ClientID, encoder(r.Scopes), r.Nonce, r.Claims.UserID, r.Claims.Username, r.Claims.Email, r.Claims.EmailVerified, - encoder(r.Claims.Groups), + encoder(r.Claims.Groups), r.Claims.Locale, r.ConnectorID, r.ConnectorData, r.Token, r.CreatedAt, r.LastUsed, ) 
@@ -294,17 +295,18 @@ func (c *conn) UpdateRefreshToken(id string, updater func(old storage.RefreshTok claims_email = $6, claims_email_verified = $7, claims_groups = $8, - connector_id = $9, - connector_data = $10, - token = $11, - created_at = $12, - last_used = $13 + claims_locale = $9, + connector_id = $10, + connector_data = $11, + token = $12, + created_at = $13, + last_used = $14 where id = $14 `, r.ClientID, encoder(r.Scopes), r.Nonce, r.Claims.UserID, r.Claims.Username, r.Claims.Email, r.Claims.EmailVerified, - encoder(r.Claims.Groups), + encoder(r.Claims.Groups), r.Claims.Locale, r.ConnectorID, r.ConnectorData, r.Token, r.CreatedAt, r.LastUsed, id, ) @@ -324,7 +326,7 @@ func getRefresh(q querier, id string) (storage.RefreshToken, error) { select id, client_id, scopes, nonce, claims_user_id, claims_username, claims_email, claims_email_verified, - claims_groups, + claims_groups, claims_locale, connector_id, connector_data, token, created_at, last_used from refresh_token where id = $1; @@ -336,7 +338,7 @@ func (c *conn) ListRefreshTokens() ([]storage.RefreshToken, error) { select id, client_id, scopes, nonce, claims_user_id, claims_username, claims_email, claims_email_verified, - claims_groups, + claims_groups, claims_locale, connector_id, connector_data, token, created_at, last_used from refresh_token; @@ -362,7 +364,7 @@ func scanRefresh(s scanner) (r storage.RefreshToken, err error) { err = s.Scan( &r.ID, &r.ClientID, decoder(&r.Scopes), &r.Nonce, &r.Claims.UserID, &r.Claims.Username, &r.Claims.Email, &r.Claims.EmailVerified, - decoder(&r.Claims.Groups), + decoder(&r.Claims.Groups), &r.Claims.Locale, &r.ConnectorID, &r.ConnectorData, &r.Token, &r.CreatedAt, &r.LastUsed, ) diff --git a/storage/sql/migrate.go b/storage/sql/migrate.go index e30629e742..e615a09759 100644 --- a/storage/sql/migrate.go +++ b/storage/sql/migrate.go 
@@ -98,6 +98,7 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings + claims_locale not null, connector_id text not null, connector_data bytea, @@ -117,6 +118,7 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings + claims_locale not null, connector_id text not null, connector_data bytea, @@ -135,6 +137,7 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings + claims_locale not null, connector_id text not null, connector_data bytea diff --git a/storage/storage.go b/storage/storage.go index 893fb10035..5fda4bb014 100644 --- a/storage/storage.go +++ b/storage/storage.go @@ -141,8 +141,8 @@ type Claims struct { Username string Email string EmailVerified bool - - Groups []string + Locale string + Groups []string } // AuthRequest represents a OAuth2 client authorization request. It holds the state From c231041b2a38c954a777e5285024172170532e07 Mon Sep 17 00:00:00 2001 From: Justin Slowik Date: Wed, 28 Aug 2019 14:53:35 -0400 Subject: [PATCH 2/6] Update migrate.go --- storage/sql/migrate.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/storage/sql/migrate.go b/storage/sql/migrate.go index e615a09759..b9710d94ff 100644 --- a/storage/sql/migrate.go +++ b/storage/sql/migrate.go @@ -98,7 +98,7 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings - claims_locale not null, + claims_locale text not null, connector_id text not null, connector_data bytea, 
@@ -118,7 +118,7 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings - claims_locale not null, + claims_locale text not null, connector_id text not null, connector_data bytea, @@ -137,7 +137,7 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings - claims_locale not null, + claims_locale text not null, connector_id text not null, connector_data bytea From becb3d22a338dd3df56f13929b9062b110331b12 Mon Sep 17 00:00:00 2001 From: Justin Slowik Date: Wed, 28 Aug 2019 15:13:36 -0400 Subject: [PATCH 3/6] Fix crud variable order in UpdateRefreshToken --- storage/sql/crud.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/storage/sql/crud.go b/storage/sql/crud.go index 316ca23e3b..94ea702091 100644 --- a/storage/sql/crud.go +++ b/storage/sql/crud.go @@ -302,7 +302,7 @@ func (c *conn) UpdateRefreshToken(id string, updater func(old storage.RefreshTok created_at = $13, last_used = $14 where - id = $14 + id = $15 `, r.ClientID, encoder(r.Scopes), r.Nonce, r.Claims.UserID, r.Claims.Username, r.Claims.Email, r.Claims.EmailVerified, From 78ef63d5bd9f4796ea70c2ecfba1cad62571c0f3 Mon Sep 17 00:00:00 2001 From: Justin Slowik Date: Wed, 28 Aug 2019 16:37:03 -0400 Subject: [PATCH 4/6] Re-ordered structs to put locale last --- connector/connector.go | 2 +- server/oauth2.go | 2 +- storage/conformance/conformance.go | 16 ++++++++-------- storage/etcd/types.go | 6 +++--- storage/kubernetes/types.go | 6 +++--- storage/storage.go | 2 +- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/connector/connector.go b/connector/connector.go index 8dd82c601e..19eed05497 100644 --- a/connector/connector.go +++ b/connector/connector.go 
@@ -27,8 +27,8 @@ type Identity struct { Username string Email string EmailVerified bool - Locale string Groups []string + Locale string // ConnectorData holds data used by the connector for subsequent requests after initial // authentication, such as access tokens for upstream provides. diff --git a/server/oauth2.go b/server/oauth2.go index 0df6c36de3..1bfa6c7952 100644 --- a/server/oauth2.go +++ b/server/oauth2.go @@ -255,8 +255,8 @@ type idTokenClaims struct { Email string `json:"email,omitempty"` EmailVerified *bool `json:"email_verified,omitempty"` - Locale string `json:"locale,omitempty"` Groups []string `json:"groups,omitempty"` + Locale string `json:"locale,omitempty"` Name string `json:"name,omitempty"` diff --git a/storage/conformance/conformance.go b/storage/conformance/conformance.go index 8d9263afbe..3303044ee0 100644 --- a/storage/conformance/conformance.go +++ b/storage/conformance/conformance.go @@ -97,8 +97,8 @@ func testAuthRequestCRUD(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a", "b"}, + Locale: "en_US", }, } @@ -130,8 +130,8 @@ func testAuthRequestCRUD(t *testing.T, s storage.Storage) { Username: "john", Email: "john.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a"}, + Locale: "en_US", }, } @@ -180,8 +180,8 @@ func testAuthCodeCRUD(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a", "b"}, + Locale: "en_US", }, } @@ -203,8 +203,8 @@ func testAuthCodeCRUD(t *testing.T, s storage.Storage) { Username: "john", Email: "john.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a"}, + Locale: "en_US", }, } 
@@ -325,8 +325,8 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a", "b"}, + Locale: "en_US", }, ConnectorData: []byte(`{"some":"data"}`), } @@ -380,8 +380,8 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) { Username: "john", Email: "john.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a", "b"}, + Locale: "en_US", }, ConnectorData: []byte(`{"some":"data"}`), } @@ -800,8 +800,8 @@ func testGC(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a", "b"}, + Locale: "en_US", }, } @@ -861,8 +861,8 @@ func testTimezones(t *testing.T, s storage.Storage) { Username: "jane", Email: "jane.doe@example.com", EmailVerified: true, - Locale: "en_US", Groups: []string{"a", "b"}, + Locale: "en_US", }, } if err := s.CreateAuthCode(c); err != nil { diff --git a/storage/etcd/types.go b/storage/etcd/types.go index 2b4110bc61..b6637a5c53 100644 --- a/storage/etcd/types.go +++ b/storage/etcd/types.go @@ -152,8 +152,8 @@ type Claims struct { Username string `json:"username"` Email string `json:"email"` EmailVerified bool `json:"emailVerified"` - Locale string `json:"locale,omitempty"` Groups []string `json:"groups,omitempty"` + Locale string `json:"locale,omitempty"` } func fromStorageClaims(i storage.Claims) Claims { @@ -162,8 +162,8 @@ func fromStorageClaims(i storage.Claims) Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, - Locale: i.Locale, Groups: i.Groups, + Locale: i.Locale, } } @@ -173,8 +173,8 @@ func toStorageClaims(i Claims) storage.Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, - Locale: i.Locale, Groups: i.Groups, + Locale: i.Locale, } } diff --git a/storage/kubernetes/types.go b/storage/kubernetes/types.go index 923e2b8a28..2ca56fc103 100644 
--- a/storage/kubernetes/types.go +++ b/storage/kubernetes/types.go @@ -214,8 +214,8 @@ type Claims struct { Username string `json:"username"` Email string `json:"email"` EmailVerified bool `json:"emailVerified"` - Locale string `json:"locale,omitempty"` Groups []string `json:"groups,omitempty"` + Locale string `json:"locale,omitempty"` } func fromStorageClaims(i storage.Claims) Claims { @@ -224,8 +224,8 @@ func fromStorageClaims(i storage.Claims) Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, - Locale: i.Locale, Groups: i.Groups, + Locale: i.Locale, } } @@ -235,8 +235,8 @@ func toStorageClaims(i Claims) storage.Claims { Username: i.Username, Email: i.Email, EmailVerified: i.EmailVerified, - Locale: i.Locale, Groups: i.Groups, + Locale: i.Locale, } } diff --git a/storage/storage.go b/storage/storage.go index 5fda4bb014..9003dba136 100644 --- a/storage/storage.go +++ b/storage/storage.go @@ -141,8 +141,8 @@ type Claims struct { Username string Email string EmailVerified bool - Locale string Groups []string + Locale string } // AuthRequest represents a OAuth2 client authorization request. It holds the state From f565bc401945f34866a8affc77bebc7bb338ff8f Mon Sep 17 00:00:00 2001 From: Justin Slowik Date: Thu, 29 Aug 2019 13:52:31 -0400 Subject: [PATCH 5/6] Updated migrate to proper alter sql columns --- .gitignore | 1 + storage/sql/migrate.go | 15 ++++++++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 21ad3ba82f..20d0d22d3f 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ bin dist _output .idea +.DS_Store \ No newline at end of file diff --git a/storage/sql/migrate.go b/storage/sql/migrate.go index b9710d94ff..1c15068dc4 100644 --- a/storage/sql/migrate.go +++ b/storage/sql/migrate.go 
@@ -98,7 +98,6 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings - claims_locale text not null, connector_id text not null, connector_data bytea, @@ -118,7 +117,6 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings - claims_locale text not null, connector_id text not null, connector_data bytea, @@ -137,7 +135,6 @@ var migrations = []migration{ claims_email text not null, claims_email_verified boolean not null, claims_groups bytea not null, -- JSON array of strings - claims_locale text not null, connector_id text not null, connector_data bytea @@ -193,4 +190,16 @@ var migrations = []migration{ );`, }, }, + { + stmts: []string{` + alter table auth_request + add column claims_locale text not null default '';`, + ` + alter table auth_code + add column claims_locale text not null default '';`, + ` + alter table refresh_token + add column claims_locale text not null default '';`, + }, + }, } From bdfdc184390d834717b321c57603d8f53534e61d Mon Sep 17 00:00:00 2001 From: Justin Slowik Date: Fri, 6 Sep 2019 14:00:16 -0400 Subject: [PATCH 6/6] Updated based on PR comments. Modified Conformance unit tests to not have Locale in secondary use cases. Removed the "not null default '' " from the migrate statements. --- storage/conformance/conformance.go | 3 --- storage/sql/crud.go | 3 +-- storage/sql/migrate.go | 6 +++--- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/storage/conformance/conformance.go b/storage/conformance/conformance.go index 3303044ee0..357b1638ad 100644 --- a/storage/conformance/conformance.go +++ b/storage/conformance/conformance.go @@ -131,7 +131,6 @@ func testAuthRequestCRUD(t *testing.T, s storage.Storage) { Email: "john.doe@example.com", EmailVerified: true, Groups: []string{"a"}, - Locale: "en_US", }, } 
@@ -204,7 +203,6 @@ func testAuthCodeCRUD(t *testing.T, s storage.Storage) { Email: "john.doe@example.com", EmailVerified: true, Groups: []string{"a"}, - Locale: "en_US", }, } @@ -381,7 +379,6 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) { Email: "john.doe@example.com", EmailVerified: true, Groups: []string{"a", "b"}, - Locale: "en_US", }, ConnectorData: []byte(`{"some":"data"}`), } diff --git a/storage/sql/crud.go b/storage/sql/crud.go index 94ea702091..bc9be186b6 100644 --- a/storage/sql/crud.go +++ b/storage/sql/crud.go @@ -151,8 +151,7 @@ func (c *conn) UpdateAuthRequest(id string, updater func(a storage.AuthRequest) nonce = $5, state = $6, force_approval_prompt = $7, logged_in = $8, claims_user_id = $9, claims_username = $10, claims_email = $11, claims_email_verified = $12, - claims_groups = $13, - claims_locale = $14, + claims_groups = $13, claims_locale = $14, connector_id = $15, connector_data = $16, expiry = $17 where id = $18; diff --git a/storage/sql/migrate.go b/storage/sql/migrate.go index 1c15068dc4..7468d00042 100644 --- a/storage/sql/migrate.go +++ b/storage/sql/migrate.go @@ -193,13 +193,13 @@ var migrations = []migration{ { stmts: []string{` alter table auth_request - add column claims_locale text not null default '';`, + add column claims_locale text;`, ` alter table auth_code - add column claims_locale text not null default '';`, + add column claims_locale text;`, ` alter table refresh_token - add column claims_locale text not null default '';`, + add column claims_locale text;`, }, }, }
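Review bot: Dropping `not null default ''` leaves claims_locale NULL on every auth_request, auth_code and refresh_token row that existed before this migration, while getAuthRequest, GetAuthCode and scanRefresh (patch 1/6) scan the column straight into the `string` field `Claims.Locale`; database/sql returns an error when asked to scan NULL into a `*string`. After an upgrade that would make previously issued refresh tokens unreadable, and ListRefreshTokens would likely fail as soon as it reaches one such row. Either keep `add column claims_locale text not null default '';` or scan through `sql.NullString` and copy its `.String` into the claim. The conformance tests only read rows they have just written, so this path is not covered by them.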