Skip to content

Commit 558e687

Browse files
author
Anis Eleuch
committed
openid: Gather the refresh token if found.
With this commit, when the openid login page sends the refresh token in the login redirection url, the code will get it. This is helpful to support refresh openid user claims routine.
1 parent 076b803 commit 558e687

File tree

3 files changed

+35
-28
lines changed

3 files changed

+35
-28
lines changed

go.mod

Lines changed: 12 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ go 1.22
55
require (
66
github.com/blang/semver/v4 v4.0.0
77
github.com/cheggaaa/pb/v3 v3.1.5
8-
github.com/dustin/go-humanize v1.0.1
8+
github.com/dustin/go-humanize v1.0.1 // indirect
99
github.com/fatih/color v1.17.0
1010
github.com/go-openapi/errors v0.22.0
1111
github.com/go-openapi/loads v0.22.0
@@ -17,34 +17,31 @@ require (
1717
github.com/golang-jwt/jwt/v4 v4.5.1
1818
github.com/google/uuid v1.6.0
1919
github.com/jessevdk/go-flags v1.6.1
20-
github.com/klauspost/compress v1.17.9
20+
github.com/klauspost/compress v1.17.11
2121
github.com/minio/cli v1.24.2
2222
github.com/minio/highwayhash v1.0.3
2323
github.com/minio/kes v0.23.0
2424
github.com/minio/madmin-go/v3 v3.0.68
2525
github.com/minio/mc v0.0.0-20240815155011-479171e7be9c
26-
github.com/minio/minio-go/v7 v7.0.76
26+
github.com/minio/minio-go/v7 v7.0.81-0.20241125171916-a563333c01ef
2727
github.com/minio/selfupdate v0.6.0
2828
github.com/minio/websocket v1.6.0
2929
github.com/mitchellh/go-homedir v1.1.0
30-
github.com/rs/xid v1.6.0
30+
github.com/rs/xid v1.6.0 // indirect
3131
github.com/secure-io/sio-go v0.3.1
3232
github.com/stretchr/testify v1.9.0
33-
github.com/tidwall/gjson v1.17.3
33+
github.com/tidwall/gjson v1.17.3 // indirect
3434
github.com/unrolled/secure v1.15.0
35-
golang.org/x/crypto v0.27.0
36-
golang.org/x/net v0.29.0
35+
golang.org/x/crypto v0.28.0
36+
golang.org/x/net v0.30.0
3737
golang.org/x/oauth2 v0.22.0
3838
// Added to include security fix for
3939
// https://github.com/golang/go/issues/56152
40-
golang.org/x/text v0.18.0 // indirect
40+
golang.org/x/text v0.19.0 // indirect
4141
gopkg.in/yaml.v2 v2.4.0 // indirect
4242
)
4343

44-
require (
45-
github.com/mattn/go-ieproxy v0.0.12
46-
github.com/minio/pkg/v3 v3.0.22
47-
)
44+
require github.com/minio/pkg/v3 v3.0.22
4845

4946
require (
5047
aead.dev/mem v0.2.0 // indirect
@@ -96,6 +93,7 @@ require (
9693
github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 // indirect
9794
github.com/mailru/easyjson v0.7.7 // indirect
9895
github.com/mattn/go-colorable v0.1.13 // indirect
96+
github.com/mattn/go-ieproxy v0.0.12 // indirect
9997
github.com/mattn/go-isatty v0.0.20 // indirect
10098
github.com/mattn/go-localereader v0.0.1 // indirect
10199
github.com/mattn/go-runewidth v0.0.16 // indirect
@@ -145,8 +143,8 @@ require (
145143
go.uber.org/multierr v1.11.0 // indirect
146144
go.uber.org/zap v1.27.0 // indirect
147145
golang.org/x/sync v0.8.0 // indirect
148-
golang.org/x/sys v0.25.0 // indirect
149-
golang.org/x/term v0.24.0 // indirect
146+
golang.org/x/sys v0.26.0 // indirect
147+
golang.org/x/term v0.25.0 // indirect
150148
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
151149
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
152150
google.golang.org/grpc v1.66.2 // indirect

go.sum

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -115,8 +115,8 @@ github.com/juju/ratelimit v1.0.2 h1:sRxmtRiajbvrcLQT7S+JbqU0ntsb9W2yhSdNN8tWfaI=
115115
github.com/juju/ratelimit v1.0.2/go.mod h1:qapgC/Gy+xNh9UxzV13HGGl/6UXNN+ct+vwSgWNm/qk=
116116
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
117117
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
118-
github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
119-
github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
118+
github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
119+
github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
120120
github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
121121
github.com/klauspost/cpuid/v2 v2.2.8 h1:+StwCXwm9PdpiEkPyzBXIy+M9KUb4ODm0Zarf1kS5BM=
122122
github.com/klauspost/cpuid/v2 v2.2.8/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
@@ -182,8 +182,8 @@ github.com/minio/mc v0.0.0-20240815155011-479171e7be9c h1:0tzuJ1nV6oZstqKQ/CwK1d
182182
github.com/minio/mc v0.0.0-20240815155011-479171e7be9c/go.mod h1:Cr4x7eiMJfOTWwg40Rk3EaOI7i+DUyOAtqLO7x+heiA=
183183
github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
184184
github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
185-
github.com/minio/minio-go/v7 v7.0.76 h1:9nxHH2XDai61cT/EFhyIw/wW4vJfpPNvl7lSFpRt+Ng=
186-
github.com/minio/minio-go/v7 v7.0.76/go.mod h1:AVM3IUN6WwKzmwBxVdjzhH8xq+f57JSbbvzqvUzR6eg=
185+
github.com/minio/minio-go/v7 v7.0.81-0.20241125171916-a563333c01ef h1:DB3ArSCJHnKOXzcqVTRoPOpehiDGFO/HcEoynvBa+B0=
186+
github.com/minio/minio-go/v7 v7.0.81-0.20241125171916-a563333c01ef/go.mod h1:84gmIilaX4zcvAWWzJ5Z1WI5axN+hAbM5w25xf8xvC0=
187187
github.com/minio/mux v1.9.0 h1:dWafQFyEfGhJvK6AwLOt83bIG5bxKxKJnKMCi0XAaoA=
188188
github.com/minio/mux v1.9.0/go.mod h1:1pAare17ZRL5GpmNL+9YmqHoWnLmMZF9C/ioUCfy0BQ=
189189
github.com/minio/pkg/v3 v3.0.22 h1:KkwmMtKoVJRLnDmf7KLa3E0NV6C8LHtq//ZFWeajJfg=
@@ -306,8 +306,8 @@ golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPh
306306
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
307307
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
308308
golang.org/x/crypto v0.0.0-20211209193657-4570a0811e8b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
309-
golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
310-
golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
309+
golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
310+
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
311311
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA=
312312
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
313313
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
@@ -317,8 +317,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
317317
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
318318
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
319319
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
320-
golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
321-
golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
320+
golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
321+
golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
322322
golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
323323
golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
324324
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -347,17 +347,17 @@ golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
347347
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
348348
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
349349
golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
350-
golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
351-
golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
350+
golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
351+
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
352352
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
353353
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
354-
golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
355-
golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
354+
golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24=
355+
golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
356356
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
357357
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
358358
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
359-
golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
360-
golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
359+
golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
360+
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
361361
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
362362
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
363363
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=

pkg/auth/idp/oauth2/provider.go

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -321,6 +321,15 @@ func (client *Provider) VerifyIdentity(ctx context.Context, code, state, roleARN
321321
return nil, errors.New("missing access_token")
322322
}
323323
token.AccessToken = accessToken.(string)
324+
refreshToken := oauth2Token.Extra("refresh_token")
325+
if refreshToken != nil {
326+
token.RefreshToken = refreshToken.(string)
327+
} else { //nolint:revive,staticcheck
328+
// TODO in Nov 2026 : add an error when the refresh token is not found.
329+
// This is not done yet because users may not have access_offline scope
330+
// and this may break their deployments
331+
}
332+
324333
}
325334
return token, nil
326335
}

0 commit comments

Comments
 (0)