chore(oauth): replace pkce package with 'official' oauth2 package

axiomhq · Dec 13, 2023 · 435f10f · 435f10f
1 parent 254b73b
commit 435f10f
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 246 deletions.
diff --git a/internal/client/auth/auth.go b/internal/client/auth/auth.go
@@ -15,7 +15,6 @@ import (
 	"golang.org/x/oauth2"
 
 	"github.com/axiomhq/cli/internal/client/auth/assets"
-	"github.com/axiomhq/cli/internal/client/auth/pkce"
 )
 
 const (
@@ -71,12 +70,8 @@ func Login(ctx context.Context, clientID, baseURL string, loginFunc LoginFunc) (
 		Scopes:      []string{"*"},
 	}
 
-	// Create the PKCE Code Verifier and S256 Code Challenge.
-	method := pkce.MethodS256
-	codeVerifier, err := pkce.New()
-	if err != nil {
-		return "", err
-	}
+	// Create the PKCE Code Verifier for the S256 Code Challenge.
+	codeVerifier := oauth2.GenerateVerifier()
 
 	// Generate a random state to prevent CSRF. It is hex-encoded to make it
 	// URL-safe.
@@ -130,7 +125,7 @@ func Login(ctx context.Context, clientID, baseURL string, loginFunc LoginFunc) (
 			}
 
 			var exchangeErr error
-			if token, exchangeErr = config.Exchange(r.Context(), code, codeVerifier.AuthCodeOption()); exchangeErr != nil {
+			if token, exchangeErr = config.Exchange(r.Context(), code, oauth2.VerifierOption(codeVerifier)); exchangeErr != nil {
 				writeResponse(exchangeErr)
 				return
 			}
@@ -158,10 +153,7 @@ func Login(ctx context.Context, clientID, baseURL string, loginFunc LoginFunc) (
 
 	// Construct the login URL and call the login function provided by the
 	// caller.
-	loginURL := config.AuthCodeURL(state,
-		codeVerifier.Challenge(method).AuthCodeOption(),
-		method.AuthCodeOption(),
-	)
+	loginURL := config.AuthCodeURL(state, oauth2.S256ChallengeOption(codeVerifier))
 
 	if err = loginFunc(ctx, loginURL); err != nil {
 		return "", err

diff --git a/internal/client/auth/auth_test.go b/internal/client/auth/auth_test.go
@@ -9,9 +9,9 @@ import (
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	"golang.org/x/oauth2"
 
 	"github.com/axiomhq/cli/internal/client/auth"
-	"github.com/axiomhq/cli/internal/client/auth/pkce"
 )
 
 func TestLogin(t *testing.T) {
@@ -53,10 +53,8 @@ func TestLogin(t *testing.T) {
 		assert.Contains(t, r.Form, "code_verifier")
 
 		// Server side PKCE verification.
-		codeVerifier := pkce.VerifierFromString(r.FormValue("code_verifier"))
-		codeChallenge := pkce.ChallengeFromString(globalCodeChallenge)
-
-		assert.True(t, codeChallenge.Verify(codeVerifier, pkce.MethodS256))
+		codeChallenge := oauth2.S256ChallengeFromVerifier(r.FormValue("code_verifier"))
+		assert.Equal(t, globalCodeChallenge, codeChallenge)
 
 		w.Header().Set("Cache-Control", "no-store")
 		w.Header().Set("Pragma", "no-cache")

diff --git a/internal/client/auth/pkce/pkce.go b/internal/client/auth/pkce/pkce.go
diff --git a/internal/client/auth/pkce/pkce_string.go b/internal/client/auth/pkce/pkce_string.go
diff --git a/internal/client/auth/pkce/pkce_test.go b/internal/client/auth/pkce/pkce_test.go