diff options
| -rw-r--r-- | internal/oauth2/google.go | 6 | ||||
| -rw-r--r-- | internal/oauth2/oidc.go | 15 |
2 files changed, 16 insertions, 5 deletions
diff --git a/internal/oauth2/google.go b/internal/oauth2/google.go index 495a69b0..82267ddf 100644 --- a/internal/oauth2/google.go +++ b/internal/oauth2/google.go @@ -49,20 +49,20 @@ func (g *googleProvider) GetProfile(ctx context.Context, code, codeVerifier stri conf := g.GetConfig() token, err := conf.Exchange(ctx, code, oauth2.SetAuthURLParam("code_verifier", codeVerifier)) if err != nil { - return nil, err + return nil, fmt.Errorf("google: failed to exchange token: %w", err) } client := conf.Client(ctx, token) resp, err := client.Get("https://www.googleapis.com/oauth2/v3/userinfo") if err != nil { - return nil, err + return nil, fmt.Errorf("google: failed to get user info: %w", err) } defer resp.Body.Close() var user googleProfile decoder := json.NewDecoder(resp.Body) if err := decoder.Decode(&user); err != nil { - return nil, fmt.Errorf("oauth2: unable to unserialize google profile: %v", err) + return nil, fmt.Errorf("google: unable to unserialize Google profile: %w", err) } profile := &Profile{Key: g.GetUserExtraKey(), ID: user.Sub, Username: user.Email} diff --git a/internal/oauth2/oidc.go b/internal/oauth2/oidc.go index c65f11ae..8fcb5527 100644 --- a/internal/oauth2/oidc.go +++ b/internal/oauth2/oidc.go @@ -5,6 +5,8 @@ package oauth2 // import "miniflux.app/v2/internal/oauth2" import ( "context" + "errors" + "fmt" "miniflux.app/v2/internal/model" @@ -12,6 +14,10 @@ import ( "golang.org/x/oauth2" ) +var ( + ErrEmptyUsername = errors.New("oidc: username is empty") +) + type oidcProvider struct { clientID string clientSecret string @@ -46,15 +52,20 @@ func (o *oidcProvider) GetProfile(ctx context.Context, code, codeVerifier string conf := o.GetConfig() token, err := conf.Exchange(ctx, code, oauth2.SetAuthURLParam("code_verifier", codeVerifier)) if err != nil { - return nil, err + return nil, fmt.Errorf(`oidc: failed to exchange token: %w`, err) } userInfo, err := o.provider.UserInfo(ctx, oauth2.StaticTokenSource(token)) if err != nil { - return nil, err + return nil, fmt.Errorf(`oidc: failed to get user info: %w`, err) } profile := &Profile{Key: o.GetUserExtraKey(), ID: userInfo.Subject, Username: userInfo.Email} + + if profile.Username == "" { + return nil, ErrEmptyUsername + } + return profile, nil } |