u

ory · aeneasr · Mar 14, 2020 · Mar 13, 2020 · Mar 13, 2020 · Mar 13, 2020
commit ed7cfada268e4a6cd926c59a16009c25cd02072e
@@ -564,13 +564,12 @@ func (m *SQLManager) listUserAuthenticatedClients(ctx context.Context, subject,
 }
 
 func (m *SQLManager) CreateLogoutRequest(ctx context.Context, r *LogoutRequest) error {
-	d := newSQLLogoutRequest(r)
 	/* #nosec G201 - sqlParamsLogoutRequest is a "constant" array */
 	if _, err := m.DB.NamedExecContext(ctx, fmt.Sprintf(
 		"INSERT INTO hydra_oauth2_logout_request (%s) VALUES (%s)",
 		strings.Join(sqlParamsLogoutRequest, ", "),
 		":"+strings.Join(sqlParamsLogoutRequest, ", :"),
-	), d); err != nil {
+	), r.prepareSQL()); err != nil {
 		return sqlcon.HandleError(err)
 	}
 
@@ -593,29 +592,28 @@ func (m *SQLManager) RejectLogoutRequest(ctx context.Context, challenge string)
 }
 
 func (m *SQLManager) GetLogoutRequest(ctx context.Context, challenge string) (*LogoutRequest, error) {
-	var d sqlLogoutRequest
-	if err := m.DB.GetContext(ctx, &d, m.DB.Rebind("SELECT * FROM hydra_oauth2_logout_request WHERE challenge=? AND rejected=FALSE"), challenge); err != nil {
+	var lr LogoutRequest
+	if err := m.DB.GetContext(ctx, &lr, m.DB.Rebind("SELECT * FROM hydra_oauth2_logout_request WHERE challenge=? AND rejected=FALSE"), challenge); err != nil {
 		if err == sql.ErrNoRows {
 			return nil, errors.WithStack(x.ErrNotFound)
 		}
 		return nil, sqlcon.HandleError(err)
 	}
 
-	if d.Client.Valid {
-		c, err := m.r.ClientManager().GetConcreteClient(ctx, d.Client.String)
+	if lr.ClientID.Valid {
+		var err error
+		lr.Client, err = m.r.ClientManager().GetConcreteClient(ctx, lr.ClientID.String)
 		if err != nil {
 			return nil, err
 		}
-
-		return d.ToLogoutRequest(c), nil
 	}
 
-	return d.ToLogoutRequest(nil), nil
+	return &lr, nil
 }
 
 func (m *SQLManager) VerifyAndInvalidateLogoutRequest(ctx context.Context, verifier string) (*LogoutRequest, error) {
-	var d sqlLogoutRequest
-	if err := m.DB.GetContext(ctx, &d, m.DB.Rebind("SELECT * FROM hydra_oauth2_logout_request WHERE verifier=? AND was_used=FALSE AND accepted=TRUE AND rejected=FALSE"), verifier); err != nil {
+	var lr LogoutRequest
+	if err := m.DB.GetContext(ctx, &lr, m.DB.Rebind("SELECT * FROM hydra_oauth2_logout_request WHERE verifier=? AND was_used=FALSE AND accepted=TRUE AND rejected=FALSE"), verifier); err != nil {
 		if err == sql.ErrNoRows {
 			return nil, errors.WithStack(x.ErrNotFound)
 		}
@@ -626,5 +624,5 @@ func (m *SQLManager) VerifyAndInvalidateLogoutRequest(ctx context.Context, verif
 		return nil, sqlcon.HandleError(err)
 	}
 
-	return m.GetLogoutRequest(ctx, d.Challenge)
+	return m.GetLogoutRequest(ctx, lr.Challenge)
 }
@@ -130,58 +130,6 @@ var sqlParamsLogoutRequest = []string{
 	"rp_initiated",
 }
 
-type sqlLogoutRequest struct {
-	Challenge             string         `db:"challenge"`
-	Verifier              string         `db:"verifier"`
-	Subject               string         `db:"subject"`
-	SessionID             string         `db:"sid"`
-	RequestURL            string         `db:"request_url"`
-	PostLogoutRedirectURI string         `db:"redir_url"`
-	WasUsed               bool           `db:"was_used"`
-	Accepted              bool           `db:"accepted"`
-	Rejected              bool           `db:"rejected"`
-	Client                sql.NullString `db:"client_id"`
-	RPInitiated           bool           `db:"rp_initiated"`
-}
-
-func newSQLLogoutRequest(c *LogoutRequest) *sqlLogoutRequest {
-	var clientID sql.NullString
-	if c.Client != nil {
-		clientID = sql.NullString{
-			Valid:  true,
-			String: c.Client.ClientID,
-		}
-	}
-
-	return &sqlLogoutRequest{
-		Challenge:             c.Challenge,
-		Verifier:              c.Verifier,
-		Subject:               c.Subject,
-		SessionID:             c.SessionID,
-		RequestURL:            c.RequestURL,
-		PostLogoutRedirectURI: c.PostLogoutRedirectURI,
-		WasUsed:               c.WasUsed,
-		Accepted:              c.Accepted,
-		Client:                clientID,
-		RPInitiated:           c.RPInitiated,
-	}
-}
-
-func (r *sqlLogoutRequest) ToLogoutRequest(c *client.Client) *LogoutRequest {
-	return &LogoutRequest{
-		Challenge:             r.Challenge,
-		Verifier:              r.Verifier,
-		Subject:               r.Subject,
-		SessionID:             r.SessionID,
-		RequestURL:            r.RequestURL,
-		PostLogoutRedirectURI: r.PostLogoutRedirectURI,
-		WasUsed:               r.WasUsed,
-		Accepted:              r.Accepted,
-		Client:                c,
-		RPInitiated:           r.RPInitiated,
-	}
-}
-
 type sqlAuthenticationRequest struct {
 	OpenIDConnectContext string         `db:"oidc_context"`
 	Client               string         `db:"client_id"`

@@ -21,6 +21,7 @@
 package consent
 
 import (
+	"database/sql"
 	"time"
 
 	"github.com/ory/fosite"
@@ -239,25 +240,37 @@ type OpenIDConnectContext struct {
 type LogoutRequest struct {
 	// Challenge is the identifier ("logout challenge") of the logout authentication request. It is used to
 	// identify the session.
-	Challenge string `json:"-"`
+	Challenge string `json:"-" db:"challenge"`
 
 	// Subject is the user for whom the logout was request.
-	Subject string `json:"subject"`
+	Subject string `json:"subject" db:"subject"`
 
 	// SessionID is the login session ID that was requested to log out.
-	SessionID string `json:"sid,omitempty"`
+	SessionID string `json:"sid,omitempty" db:"sid"`
 
 	// RequestURL is the original Logout URL requested.
-	RequestURL string `json:"request_url"`
+	RequestURL string `json:"request_url" db:"request_url"`
 
 	// RPInitiated is set to true if the request was initiated by a Relying Party (RP), also known as an OAuth 2.0 Client.
-	RPInitiated bool `json:"rp_initiated"`
+	RPInitiated bool `json:"rp_initiated" db:"rp_initiated"`
+
+	Verifier              string         `json:"-" db:"verifier"`
+	PostLogoutRedirectURI string         `json:"-" db:"redir_url"`
+	WasUsed               bool           `json:"-" db:"was_used"`
+	Accepted              bool           `json:"-" db:"accepted"`
+	Rejected              bool           `db:"rejected" json:"-"`
+	ClientID              sql.NullString `json:"-" db:"client_id"`
+	Client                *client.Client `json:"-" db:"-"`
+}
 
-	Verifier              string         `json:"-"`
-	PostLogoutRedirectURI string         `json:"-"`
-	WasUsed               bool           `json:"-"`
-	Accepted              bool           `json:"-"`
-	Client                *client.Client `json:"-"`
+func (r *LogoutRequest) prepareSQL() *LogoutRequest {
+	if r.Client != nil {
+		r.ClientID = sql.NullString{
+			Valid:  true,
+			String: r.Client.ClientID,
+		}
+	}
+	return r
 }
 
 // Returned when the log out request was used.

@@ -35,7 +35,7 @@ require (
 	github.com/ory/herodot v0.6.2
 	github.com/ory/sdk/swagutil v0.0.0-20200219090358-f796db673877
 	github.com/ory/viper v1.5.6
-	github.com/ory/x v0.0.99
+	github.com/ory/x v0.0.100
 	github.com/pborman/uuid v1.2.0
 	github.com/pelletier/go-toml v1.6.0 // indirect
 	github.com/phayes/freeport v0.0.0-20171002181615-b8543db493a5
@@ -60,19 +60,13 @@ require (
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	go.opentelemetry.io/otel v0.2.1
 	golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d
+	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 	golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 // indirect
-	golang.org/x/tools v0.0.0-20200228135638-5c7c66ced534
+	golang.org/x/tools v0.0.0-20200313205530-4303120df7d8
 	gopkg.in/gorp.v1 v1.7.2 // indirect
 	gopkg.in/ini.v1 v1.54.0 // indirect
 	gopkg.in/square/go-jose.v2 v2.4.1
 )
 
-replace git.apache.org/thrift.git => github.com/apache/thrift v0.0.0-20180902110319-2566ecd5d999
-
-// Fix for https://github.com/golang/lint/issues/436
-replace github.com/golang/lint => github.com/golang/lint v0.0.0-20190227174305-8f45f776aaf1
-
-replace github.com/ory/x => ../x
-
 go 1.14