fix: make client secret argument optional

mougams · mougams · commit 00a3fc7e3589 · 2024-06-21T15:51:39.000+02:00
The client secret is not required in PKCE authentication mode. See dexidp/dex#2244 for more info
diff --git a/internal/auth/authenticator_oidc.go b/internal/auth/authenticator_oidc.go
@@ -271,12 +271,15 @@ func extractOAuth2Args(msg *message.Message, readClientInfoFromMessages bool) (O
 		}
 	}
 
-	if clientid == nil || clientsecret == nil || redirecturl == nil {
+	if clientid == nil || redirecturl == nil {
 		temp := ""
 		clientid = &temp
-		clientsecret = &temp
 		redirecturl = &temp
 	}
+	if clientsecret == nil {
+		temp := ""
+		clientsecret = &temp
+	}
 	return OAuthArgs{ssl: ssl, host: host, pathq: pathq,
 					 cookie: cookie, clientid: *clientid,
 					 clientsecret: *clientsecret, redirecturl: *redirecturl},

Original file line number	Diff line number	Diff line change
`@@ -271,12 +271,15 @@ func extractOAuth2Args(msg *message.Message, readClientInfoFromMessages bool) (O`
`271`	`271`	`}`
`272`	`272`	`}`
`273`	`273`
`274`		`- if clientid == nil \|\| clientsecret == nil \|\| redirecturl == nil {`
	`274`	`+ if clientid == nil \|\| redirecturl == nil {`
`275`	`275`	`temp := ""`
`276`	`276`	`clientid = &temp`
`277`		`- clientsecret = &temp`
`278`	`277`	`redirecturl = &temp`
`279`	`278`	`}`
	`279`	`+ if clientsecret == nil {`
	`280`	`+ temp := ""`
	`281`	`+ clientsecret = &temp`
	`282`	`+ }`
`280`	`283`	`return OAuthArgs{ssl: ssl, host: host, pathq: pathq,`
`281`	`284`	`cookie: cookie, clientid: *clientid,`
`282`	`285`	`clientsecret: clientsecret, redirecturl: redirecturl},`