fixes

Signed-off-by: Grant Linville <[email protected]>
obot-platform · Jan 2, 2025 · 11e3542 · 11e3542
1 parent f5abc79
commit 11e3542
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 8 deletions.
diff --git a/pkg/bootstrap/bootstrap.go b/pkg/bootstrap/bootstrap.go
@@ -5,7 +5,7 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/obot-platform/obot/pkg/storage/authz"
+	"github.com/obot-platform/obot/pkg/api/authz"
 	"k8s.io/apiserver/pkg/authentication/authenticator"
 	"k8s.io/apiserver/pkg/authentication/user"
 )
@@ -21,7 +21,7 @@ func New() (*Bootstrap, error) {
 		return nil, fmt.Errorf("failed to generate random token: %w", err)
 	}
 
-	// TODO: print the token somewhere
+	fmt.Printf("Bootstrap token: %s\n", fmt.Sprintf("%x", bytes))
 
 	return &Bootstrap{
 		token: fmt.Sprintf("%x", bytes),
@@ -35,11 +35,11 @@ func (b *Bootstrap) AuthenticateRequest(req *http.Request) (*authenticator.Respo
 
 	return &authenticator.Response{
 		User: &user.DefaultInfo{
-			Name: authz.AdminName,
-			UID:  authz.AdminName,
+			Name: "bootstrap",
+			UID:  "bootstrap",
 			Groups: []string{
-				authz.AuthenticatedGroup,
 				authz.AdminGroup,
+				authz.AuthenticatedGroup,
 			},
 		},
 	}, true, nil

diff --git a/pkg/gateway/client/user.go b/pkg/gateway/client/user.go
@@ -65,7 +65,7 @@ func (c *Client) UpdateProfileIconIfNeeded(ctx context.Context, user *types.User
 }
 
 func (c *Client) fetchProfileIconURL(ctx context.Context, authProviderURL, accessToken string) (string, error) {
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, authProviderURL+"/obotGetIcon", nil)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, authProviderURL+"/obot-get-icon-url", nil)
 	if err != nil {
 		return "", fmt.Errorf("failed to create request: %w", err)
 	}

diff --git a/pkg/proxy/proxy.go b/pkg/proxy/proxy.go
@@ -52,6 +52,13 @@ func (pm *Manager) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			http.Error(w, "missing auth provider", http.StatusBadRequest)
 			return
 		}
+
+		// Set it as a cookie for the future.
+		http.SetCookie(w, &http.Cookie{
+			Name:  authProviderCookie,
+			Value: provider,
+			Path:  "/",
+		})
 	} else {
 		provider = c.Value
 		if provider == "" {
@@ -103,8 +110,18 @@ func newProxy(providerName, providerNamespace, providerURL string) (*Proxy, erro
 }
 
 func (p *Proxy) serveHTTP(w http.ResponseWriter, r *http.Request) {
+	// Make sure the path is something that we expect.
+	switch r.URL.Path {
+	case "/oauth2/start":
+	case "/oauth2/redirect":
+	case "/oauth2/sign_out":
+	case "/oauth2/callback":
+	default:
+		http.Error(w, "not found", http.StatusNotFound)
+		return
+	}
+
 	p.proxy.ServeHTTP(w, r)
-	w.Header().Set("Set-Cookie", fmt.Sprintf("%s=%s; Path=/", authProviderCookie, p.namespace+"/"+p.name))
 }
 
 type SerializableRequest struct {
@@ -136,7 +153,7 @@ func (p *Proxy) authenticateRequest(req *http.Request) (*authenticator.Response,
 		return nil, false, err
 	}
 
-	stateRequest, err := http.NewRequest(http.MethodPost, p.url+"/obotGetState", strings.NewReader(string(srJSON)))
+	stateRequest, err := http.NewRequest(http.MethodPost, p.url+"/obot-get-state", strings.NewReader(string(srJSON)))
 	if err != nil {
 		return nil, false, err
 	}