Easily addressable PR feedback (#99)

* run go mod

* strip unused err

* strip inconsequential cases

* refactor go var name id_token to idToken

* fix test

* rename id_token in another place

* update logic in parseMounts

* Put back error

* Restore parseMount

Co-authored-by: Jim Kalafut <jim@kalafut.net>

path_config.go

@@ -323,7 +323,7 @@ type jwtConfig struct {
 	OIDCClientID         string   `json:"oidc_client_id"`
 	OIDCClientSecret     string   `json:"oidc_client_secret"`
 	OIDCResponseMode     string   `json:"oidc_response_mode"`
-	OIDCResponseTypes    []string `json:"oidc_response_types`
+	OIDCResponseTypes    []string `json:"oidc_response_types"`
 	JWKSURL              string   `json:"jwks_url"`
 	JWKSCAPEM            string   `json:"jwks_ca_pem"`
 	JWTValidationPubKeys []string `json:"jwt_validation_pubkeys"`

path_oidc.go

@@ -39,7 +39,7 @@ type oidcState struct {
 	nonce       string
 	redirectURI string
 	code        string
-	id_token    string
+	idToken     string
 }
 
 func pathOIDC(b *jwtAuthBackend) []*framework.Path {
@@ -115,7 +115,7 @@ func (b *jwtAuthBackend) pathCallbackPost(ctx context.Context, req *logical.Requ
 
 	stateID := d.Get("state").(string)
 	code := d.Get("code").(string)
-	id_token := d.Get("id_token").(string)
+	idToken := d.Get("id_token").(string)
 
 	resp := &logical.Response{
 		Data: map[string]interface{}{
@@ -125,7 +125,7 @@ func (b *jwtAuthBackend) pathCallbackPost(ctx context.Context, req *logical.Requ
 	}
 
 	// Store the provided code and/or token into state, which must already exist.
-	state, err := b.amendState(stateID, code, id_token)
+	state, err := b.amendState(stateID, code, idToken)
 	if err != nil {
 		resp.Data[logical.HTTPRawBody] = []byte(errorHTML(errLoginFailed, "Expired or missing OAuth state."))
 		resp.Data[logical.HTTPStatusCode] = http.StatusBadRequest
@@ -204,10 +204,10 @@ func (b *jwtAuthBackend) pathCallback(ctx context.Context, req *logical.Request,
 	}
 
 	if code == "" {
-		if state.id_token == "" {
+		if state.idToken == "" {
 			return logical.ErrorResponse(errLoginFailed + " No code or id_token received."), nil
 		}
-		rawToken = state.id_token
+		rawToken = state.idToken
 	} else {
 		oauth2Token, err = oauth2Config.Exchange(oidcCtx, code)
 		if err != nil {
@@ -440,15 +440,15 @@ func (b *jwtAuthBackend) createState(rolename, redirectURI string) (string, stri
 	return stateID, nonce, nil
 }
 
-func (b *jwtAuthBackend) amendState(stateID, code, id_token string) (*oidcState, error) {
+func (b *jwtAuthBackend) amendState(stateID, code, idToken string) (*oidcState, error) {
 	stateRaw, ok := b.oidcStates.Get(stateID)
 	if !ok {
 		return nil, errors.New("OIDC state not found")
 	}
 
 	state := stateRaw.(*oidcState)
 	state.code = code
-	state.id_token = id_token
+	state.idToken = idToken
 
 	b.oidcStates.SetDefault(stateID, state)
 

path_oidc_test.go

@@ -942,3 +942,15 @@ func sampleClaims(nonce string) map[string]interface{} {
 		"password": "foo",
 	}
 }
+
+func TestParseMount(t *testing.T) {
+	if result := parseMount("https://example.com/v1/auth/oidc"); result != "oidc" {
+		t.Fatalf("unexpected result: %s", result)
+	}
+	if result := parseMount("https://example.com/v1/auth/oidc/foo"); result != "oidc" {
+		t.Fatalf("unexpected result: %s", result)
+	}
+	if result := parseMount("https://example.com/v1/auth/oidc/foo/a/b/c"); result != "oidc" {
+		t.Fatalf("unexpected result: %s", result)
+	}
+}