From 45a062593f796a12671b120dfe3e30cc942f5222 Mon Sep 17 00:00:00 2001 From: hnajib <100145638+najib-houcine@users.noreply.github.com> Date: Thu, 7 Jul 2022 05:09:35 +0200 Subject: [PATCH] [KS-OIDC] Remove special characters form sub OIDC standard claim (#5018) * [KS-OIDC] Remove special characters form sub OIDC standard claim * [KS-OIDC] Change to base64 RawURLEncoding * [KS-OIDC] Import encoding/base64 * [KS-OIDC] Change import * [KS-OIDC] Damn Go * [KS-OIDC] Damn Spaces * [KS-OIDC] Backport to test * [KS-OIDC] Backport to test: the other way * [KS-OIDC] Backport to test: convert to string * [KS-OIDC] Backport to test: Hint from @wansir * [KS-OIDC] Backport to test: Damn Space --- pkg/apiserver/authentication/identityprovider/oidc/oidc.go | 3 ++- .../authentication/identityprovider/oidc/oidc_test.go | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/pkg/apiserver/authentication/identityprovider/oidc/oidc.go b/pkg/apiserver/authentication/identityprovider/oidc/oidc.go index cddb5f31a..efd821bb1 100644 --- a/pkg/apiserver/authentication/identityprovider/oidc/oidc.go +++ b/pkg/apiserver/authentication/identityprovider/oidc/oidc.go @@ -19,6 +19,7 @@ package oidc import ( "context" "crypto/tls" + "encoding/base64" "encoding/json" "errors" "fmt" @@ -115,7 +116,7 @@ type oidcIdentity struct { } func (o oidcIdentity) GetUserID() string { - return o.Sub + return base64.RawURLEncoding.EncodeToString([]byte(o.Sub)) } func (o oidcIdentity) GetUsername() string { diff --git a/pkg/apiserver/authentication/identityprovider/oidc/oidc_test.go b/pkg/apiserver/authentication/identityprovider/oidc/oidc_test.go index 5430e8924..e716672b0 100644 --- a/pkg/apiserver/authentication/identityprovider/oidc/oidc_test.go +++ b/pkg/apiserver/authentication/identityprovider/oidc/oidc_test.go @@ -198,7 +198,7 @@ var _ = Describe("OIDC", func() { req := &http.Request{URL: url} identity, err := provider.IdentityExchangeCallback(req) Expect(err).Should(BeNil()) - Expect(identity.GetUserID()).Should(Equal("110169484474386276334")) + Expect(identity.GetUserID()).Should(Equal(base64.RawURLEncoding.EncodeToString([]byte("110169484474386276334")))) Expect(identity.GetUsername()).Should(Equal("test")) Expect(identity.GetEmail()).Should(Equal("test@kubesphere.io")) })