Fix lint error and remove accidental direct dep on ory/x
Fixing some mistakes from previous commit on feature branch.
This commit is contained in:
parent
c12ffad29e
commit
0495286f97
@ -13,7 +13,6 @@ import (
|
||||
"github.com/ory/fosite/compose"
|
||||
"github.com/ory/fosite/handler/oauth2"
|
||||
"github.com/ory/fosite/handler/openid"
|
||||
"github.com/ory/x/errorsx"
|
||||
"github.com/pkg/errors"
|
||||
|
||||
"go.pinniped.dev/internal/oidc/clientregistry"
|
||||
@ -75,13 +74,13 @@ func (t *TokenExchangeHandler) PopulateTokenEndpointResponse(ctx context.Context
|
||||
// Check that the currently authenticated client and the client which was originally used to get the access token are the same.
|
||||
if originalRequester.GetClient().GetID() != requester.GetClient().GetID() {
|
||||
// This error message is copied from the similar check in fosite's flow_authorize_code_token.go.
|
||||
return errorsx.WithStack(fosite.ErrInvalidGrant.WithHint("The OAuth 2.0 Client ID from this request does not match the one from the authorize request."))
|
||||
return errors.WithStack(fosite.ErrInvalidGrant.WithHint("The OAuth 2.0 Client ID from this request does not match the one from the authorize request."))
|
||||
}
|
||||
|
||||
// Check that the client is allowed to perform this grant type.
|
||||
if !requester.GetClient().GetGrantTypes().Has(tokenExchangeGrantType) {
|
||||
// This error message is trying to be similar to the analogous one in fosite's flow_authorize_code_token.go.
|
||||
return errorsx.WithStack(fosite.ErrUnauthorizedClient.WithHintf("The OAuth 2.0 Client is not allowed to use token exchange grant \"%s\".", tokenExchangeGrantType))
|
||||
return errors.WithStack(fosite.ErrUnauthorizedClient.WithHintf(`The OAuth 2.0 Client is not allowed to use token exchange grant "%s".`, tokenExchangeGrantType))
|
||||
}
|
||||
|
||||
// Require that the incoming access token has the pinniped:request-audience and OpenID scopes.
|
||||
|
@ -1748,9 +1748,8 @@ func testSupervisorLogin(
|
||||
require.EqualError(t, err, wantAuthcodeExchangeError)
|
||||
// The authcode exchange has failed, so can't continue the login flow, making this the end of the test case.
|
||||
return
|
||||
} else {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
require.NoError(t, err)
|
||||
expectedIDTokenClaims := []string{"iss", "exp", "sub", "aud", "auth_time", "iat", "jti", "nonce", "rat", "username"}
|
||||
if slices.Contains(downstreamScopes, "groups") {
|
||||
expectedIDTokenClaims = append(expectedIDTokenClaims, "groups")
|
||||
|
Loading…
Reference in New Issue
Block a user