| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2023-08-20 13:00:00 +1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-20 13:00:00 +1000 |
| commit | 321a3803f52b01324fcbf0e5b12ae014bf075c1e (patch) | |
| tree | 7e434d9ec3128cf83d59922a5eb493a7035e0c90 /internal/storage/sql_provider.go | |
| parent | e42bbca1efa3a596aaa7289a9a8c61e108d13a52 (diff) | |
fix(oidc): par consent state error (#5880)
This fixes a state error during a PAR session where, if the session requires consent, the flow fails.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'internal/storage/sql_provider.go')
| -rw-r--r-- | internal/storage/sql_provider.go | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/internal/storage/sql_provider.go b/internal/storage/sql_provider.go
index 98964ae4f..7d8f1c14b 100644
--- a/internal/storage/sql_provider.go
+++ b/internal/storage/sql_provider.go
@@ -74,6 +74,7 @@ func NewSQLProvider(config *schema.Configuration, name, driverName, dataSourceNa
 sqlSelectOAuth2BlacklistedJTI: fmt.Sprintf(queryFmtSelectOAuth2BlacklistedJTI, tableOAuth2BlacklistedJTI),
 sqlInsertOAuth2PARContext: fmt.Sprintf(queryFmtInsertOAuth2PARContext, tableOAuth2PARContext),
+ sqlUpdateOAuth2PARContext: fmt.Sprintf(queryFmtUpdateOAuth2PARContext, tableOAuth2PARContext),
 sqlSelectOAuth2PARContext: fmt.Sprintf(queryFmtSelectOAuth2PARContext, tableOAuth2PARContext),
 sqlRevokeOAuth2PARContext: fmt.Sprintf(queryFmtRevokeOAuth2Session, tableOAuth2PARContext),
@@ -238,6 +239,7 @@ type SQLProvider struct {
 // Table: oauth2_par_context.
 sqlInsertOAuth2PARContext string
+ sqlUpdateOAuth2PARContext string
 sqlSelectOAuth2PARContext string
 sqlRevokeOAuth2PARContext string
@@ -687,6 +689,25 @@ func (p *SQLProvider) SaveOAuth2PARContext(ctx context.Context, par model.OAuth2
 return nil
 }
+// UpdateOAuth2PARContext updates an existing OAuth2PARContext in the database.
+func (p *SQLProvider) UpdateOAuth2PARContext(ctx context.Context, par model.OAuth2PARContext) (err error) {
+ if par.ID == 0 {
+ return fmt.Errorf("error updating oauth2 pushed authorization request context data with signature '%s' and request id '%s': the id was a zero value", par.Signature, par.RequestID)
+ }
+
+ if par.Session, err = p.encrypt(par.Session); err != nil {
+ return fmt.Errorf("error encrypting oauth2 pushed authorization request context data with id '%d' and signature '%s' and request id '%s': %w", par.ID, par.Signature, par.RequestID, err)
+ }
+
+ if _, err = p.db.ExecContext(ctx, p.sqlUpdateOAuth2PARContext,
+ par.Signature, par.RequestID, par.ClientID, par.RequestedAt, par.Scopes, par.Audience, par.HandledResponseTypes,
+ par.ResponseMode, par.DefaultResponseMode, par.Revoked, par.Form, par.Session, par.ID); err != nil {
+ return fmt.Errorf("error updating oauth2 pushed authorization request context data with id '%d' and signature '%s' and request id '%s': %w", par.ID, par.Signature, par.RequestID, err)
+ }
+
+ return nil
+}
+
 // LoadOAuth2PARContext loads a OAuth2PARContext from the database.
 func (p *SQLProvider) LoadOAuth2PARContext(ctx context.Context, signature string) (par *model.OAuth2PARContext, err error) {
 par = &model.OAuth2PARContext{} |
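Review bot: The result of `p.db.ExecContext` in `UpdateOAuth2PARContext` is discarded, so an UPDATE that matches no row (an id that no longer exists, for instance) returns nil and the caller would presumably treat the consent state as persisted. Capture the result and treat zero affected rows as an error, as sketched below. On MySQL the affected count by default reflects changed rather than matched rows, so confirm the driver settings before relying on it. The query text is outside this file section; since `par.Revoked` is among the written columns, it is also worth confirming that the statement cannot rewrite a context that has already been revoked.

```go
	res, err := p.db.ExecContext(ctx, p.sqlUpdateOAuth2PARContext,
		// … unchanged: column arguments, par.ID last …
	)
	if err != nil {
		// … unchanged: existing "error updating …" return …
	}

	n, err := res.RowsAffected()
	if err != nil {
		return fmt.Errorf("error checking update of oauth2 pushed authorization request context data with id '%d': %w", par.ID, err)
	}

	if n == 0 {
		return fmt.Errorf("error updating oauth2 pushed authorization request context data with id '%d': no matching row", par.ID)
	}
```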
