From 9818f70fb78c4a4b12590e7afaad12474671b89c Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Sun, 4 Dec 2022 21:04:53 +0800 Subject: [PATCH 01/10] feat: add lark provider --- selfservice/strategy/oidc/provider_lark.go | 176 +++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 selfservice/strategy/oidc/provider_lark.go diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go new file mode 100644 index 000000000000..0dd0aaee2f19 --- /dev/null +++ b/selfservice/strategy/oidc/provider_lark.go @@ -0,0 +1,176 @@ +// Copyright © 2022 Ory Corp +// SPDX-License-Identifier: Apache-2.0 + +package oidc + +import ( + "context" + "encoding/json" + "net/url" + "strings" + "time" + + "github.com/hashicorp/go-retryablehttp" + "github.com/ory/herodot" + "github.com/ory/x/httpx" + "github.com/pkg/errors" + "golang.org/x/oauth2" +) + +type ProviderLark struct { + config *Configuration + reg dependencies +} + +func NewProviderProviderLark( + config *Configuration, + reg dependencies, +) *ProviderLark { + return &ProviderLark{ + config: config, + reg: reg, + } +} + +type larkClaim struct { + Sub string `json:"sub"` + Name string `json:"name"` + Picture string `json:"picture"` + OpenID string `json:"open_id"` + UnionID string `json:"union_id"` + EnName string `json:"en_name"` + TenantKey string `json:"tenant_key"` + AvatarURL string `json:"avatar_url"` + AvatarThumb string `json:"avatar_thumb"` + AvatarMiddle string `json:"avatar_middle"` + AvatarBig string `json:"avatar_big"` + Email string `json:"email"` + UserID string `json:"user_id"` + Mobile string `json:"mobile"` +} + +func (g *ProviderLark) Config() *Configuration { + return g.config +} + +func (g *ProviderLark) OAuth2(ctx context.Context) (*oauth2.Config, error) { + var endpoint = oauth2.Endpoint{ + AuthURL: "https://passport.feishu.cn/suite/passport/oauth/authorize", + TokenURL: "https://passport.feishu.cn/suite/passport/oauth/token", + AuthStyle: oauth2.AuthStyleInParams, + } + + return &oauth2.Config{ + ClientID: g.config.ClientID, + ClientSecret: g.config.ClientSecret, + Endpoint: endpoint, + // DingTalk only allow to set scopes: openid or openid corpid + Scopes: g.config.Scope, + RedirectURL: g.config.Redir(g.reg.Config().OIDCRedirectURIBase(ctx)), + }, nil + +} + +func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query url.Values) (*Claims, error) { + var ( + userEndpoint = "https://passport.feishu.cn/suite/passport/oauth/userinfo" + accessToken = exchange.AccessToken + client = g.reg.HTTPClient(ctx, httpx.ResilientClientDisallowInternalIPs()) + user larkClaim + ) + + req, err := retryablehttp.NewRequest("GET", userEndpoint, nil) + if err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + + req.Header.Add("Authorization", "Bearer "+accessToken) + resp, err := client.Do(req) + if err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + defer resp.Body.Close() + + if err := json.NewDecoder(resp.Body).Decode(&user); err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + + return &Claims{ + Issuer: userEndpoint, + Subject: user.OpenID, + Name: user.Name, + Nickname: user.Name, + Picture: user.AvatarURL, + Email: user.Email, + PhoneNumber: user.Mobile, + }, nil + +} + +func (pl *ProviderLark) AuthCodeURLOptions(r ider) []oauth2.AuthCodeOption { + return []oauth2.AuthCodeOption{} +} + +func (g *ProviderLark) Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error) { + + type ( + larkExchangeReq struct { + ClientId string `json:"client_id"` + ClientSecret string `json:"client_secret"` + Code string `json:"code"` + GrantType string `json:"grant_type"` + } + larkTokenResp struct { + AccessToken string `json:"access_token"` + TokenType string `json:"token_type"` + ExpiresIn int64 `json:"expires_in"` + RefreshToken string `json:"refresh_token"` + RefreshExpiresIn int64 `json:"refresh_expires_in"` + } + ) + + conf, err := g.OAuth2(ctx) + if err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + + pTokenParams := &larkExchangeReq{ + ClientId: conf.ClientID, + ClientSecret: conf.ClientSecret, + Code: code, + GrantType: "authorization_code", + } + + bs, err := json.Marshal(pTokenParams) + if err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + + r := strings.NewReader(string(bs)) + client := g.reg.HTTPClient(ctx, httpx.ResilientClientDisallowInternalIPs()) + req, err := retryablehttp.NewRequest("POST", conf.Endpoint.TokenURL, r) + if err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + + req.Header.Add("Content-Type", "application/json;charset=UTF-8") + + resp, err := client.Do(req) + if err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + defer resp.Body.Close() + + var dToken larkTokenResp + if err := json.NewDecoder(resp.Body).Decode(&dToken); err != nil { + return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) + } + token := &oauth2.Token{ + AccessToken: dToken.AccessToken, + TokenType: dToken.TokenType, + RefreshToken: dToken.RefreshToken, + Expiry: time.Unix(time.Now().Unix()+int64(dToken.ExpiresIn), 0), + } + + return token, nil +} From 8c14c216c1cf515f6bdb9c160af03e78005caadf Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Sun, 4 Dec 2022 21:09:17 +0800 Subject: [PATCH 02/10] feat: add lark to provider_config --- selfservice/strategy/oidc/provider_config.go | 2 ++ selfservice/strategy/oidc/provider_lark.go | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/selfservice/strategy/oidc/provider_config.go b/selfservice/strategy/oidc/provider_config.go index 88f8296a66a7..8be144dbb1c8 100644 --- a/selfservice/strategy/oidc/provider_config.go +++ b/selfservice/strategy/oidc/provider_config.go @@ -167,6 +167,8 @@ func (c ConfigurationCollection) Provider(id string, reg dependencies) (Provider return NewProviderLinkedIn(&p, reg), nil case addProviderName("patreon"): return NewProviderPatreon(&p, reg), nil + case addProviderName("lark"): + return NewProviderLark(&p, reg), nil } return nil, errors.Errorf("provider type %s is not supported, supported are: %v", p.Provider, providerNames) } diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 0dd0aaee2f19..7e24760120b3 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -22,7 +22,7 @@ type ProviderLark struct { reg dependencies } -func NewProviderProviderLark( +func NewProviderLark( config *Configuration, reg dependencies, ) *ProviderLark { From cc298dbd93db46e7d6478c0710a54f11de5a3151 Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Mon, 5 Dec 2022 12:21:43 +0800 Subject: [PATCH 03/10] feat: update schema use buffer --- .schemastore/config.schema.json | 3 +- embedx/config.schema.json | 5 +-- selfservice/strategy/oidc/provider_lark.go | 39 ++++++++++------------ 3 files changed, 23 insertions(+), 24 deletions(-) diff --git a/.schemastore/config.schema.json b/.schemastore/config.schema.json index df8fb64d20dd..09fa2fcdcf98 100644 --- a/.schemastore/config.schema.json +++ b/.schemastore/config.schema.json @@ -414,7 +414,8 @@ "netid", "dingtalk", "patreon", - "linkedin" + "linkedin", + "lark" ], "examples": [ "google" diff --git a/embedx/config.schema.json b/embedx/config.schema.json index e79adc2a3866..db4d6bb3ef1b 100644 --- a/embedx/config.schema.json +++ b/embedx/config.schema.json @@ -414,7 +414,8 @@ "netid", "dingtalk", "patreon", - "linkedin" + "linkedin", + "lark" ], "examples": [ "google" @@ -2668,4 +2669,4 @@ "selfservice" ], "additionalProperties": false -} +} \ No newline at end of file diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 7e24760120b3..d8d910045ccf 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -4,10 +4,10 @@ package oidc import ( + "bytes" "context" "encoding/json" "net/url" - "strings" "time" "github.com/hashicorp/go-retryablehttp" @@ -32,23 +32,6 @@ func NewProviderLark( } } -type larkClaim struct { - Sub string `json:"sub"` - Name string `json:"name"` - Picture string `json:"picture"` - OpenID string `json:"open_id"` - UnionID string `json:"union_id"` - EnName string `json:"en_name"` - TenantKey string `json:"tenant_key"` - AvatarURL string `json:"avatar_url"` - AvatarThumb string `json:"avatar_thumb"` - AvatarMiddle string `json:"avatar_middle"` - AvatarBig string `json:"avatar_big"` - Email string `json:"email"` - UserID string `json:"user_id"` - Mobile string `json:"mobile"` -} - func (g *ProviderLark) Config() *Configuration { return g.config } @@ -72,6 +55,22 @@ func (g *ProviderLark) OAuth2(ctx context.Context) (*oauth2.Config, error) { } func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query url.Values) (*Claims, error) { + type larkClaim struct { + Sub string `json:"sub"` + Name string `json:"name"` + Picture string `json:"picture"` + OpenID string `json:"open_id"` + UnionID string `json:"union_id"` + EnName string `json:"en_name"` + TenantKey string `json:"tenant_key"` + AvatarURL string `json:"avatar_url"` + AvatarThumb string `json:"avatar_thumb"` + AvatarMiddle string `json:"avatar_middle"` + AvatarBig string `json:"avatar_big"` + Email string `json:"email"` + UserID string `json:"user_id"` + Mobile string `json:"mobile"` + } var ( userEndpoint = "https://passport.feishu.cn/suite/passport/oauth/userinfo" accessToken = exchange.AccessToken @@ -146,13 +145,11 @@ func (g *ProviderLark) Exchange(ctx context.Context, code string, opts ...oauth2 return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) } - r := strings.NewReader(string(bs)) client := g.reg.HTTPClient(ctx, httpx.ResilientClientDisallowInternalIPs()) - req, err := retryablehttp.NewRequest("POST", conf.Endpoint.TokenURL, r) + req, err := retryablehttp.NewRequest("POST", conf.Endpoint.TokenURL, bytes.NewBuffer(bs)) if err != nil { return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) } - req.Header.Add("Content-Type", "application/json;charset=UTF-8") resp, err := client.Do(req) From 73a605e319597b5a543755f143b9231a589796ac Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Mon, 5 Dec 2022 12:40:38 +0800 Subject: [PATCH 04/10] refactor: fix format issue --- selfservice/strategy/oidc/provider_lark.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index d8d910045ccf..1efe2d06f6b0 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -11,10 +11,11 @@ import ( "time" "github.com/hashicorp/go-retryablehttp" - "github.com/ory/herodot" - "github.com/ory/x/httpx" "github.com/pkg/errors" "golang.org/x/oauth2" + + "github.com/ory/herodot" + "github.com/ory/x/httpx" ) type ProviderLark struct { From ec900791f3eb3f926cda0f2654f5d72132c53af1 Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Mon, 5 Dec 2022 16:23:18 +0800 Subject: [PATCH 05/10] fix: add missing params --- selfservice/strategy/oidc/provider_lark.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 1efe2d06f6b0..62714c76f768 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -119,6 +119,7 @@ func (g *ProviderLark) Exchange(ctx context.Context, code string, opts ...oauth2 ClientSecret string `json:"client_secret"` Code string `json:"code"` GrantType string `json:"grant_type"` + RedirectURI string `json:"redirect_uri"` } larkTokenResp struct { AccessToken string `json:"access_token"` @@ -139,6 +140,7 @@ func (g *ProviderLark) Exchange(ctx context.Context, code string, opts ...oauth2 ClientSecret: conf.ClientSecret, Code: code, GrantType: "authorization_code", + RedirectURI: g.config.Redir(g.reg.Config().OIDCRedirectURIBase(ctx)), } bs, err := json.Marshal(pTokenParams) From 3ba2576e563ee953363c35bf7ec6c264867615a1 Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Wed, 7 Dec 2022 07:30:35 +0800 Subject: [PATCH 06/10] docs: add document url for lark claim --- selfservice/strategy/oidc/provider_lark.go | 1 + 1 file changed, 1 insertion(+) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 62714c76f768..53c5a55749f6 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -56,6 +56,7 @@ func (g *ProviderLark) OAuth2(ctx context.Context) (*oauth2.Config, error) { } func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query url.Values) (*Claims, error) { + // larkClaim is defined in the https://open.feishu.cn/document/common-capabilities/sso/api/get-user-info type larkClaim struct { Sub string `json:"sub"` Name string `json:"name"` From a514441f893985f38d1fe2bc6bc11cd1486dc406 Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Thu, 8 Dec 2022 08:01:17 +0800 Subject: [PATCH 07/10] feat: use standard oAuth token exchanger --- selfservice/strategy/oidc/provider_lark.go | 77 ++-------------------- 1 file changed, 6 insertions(+), 71 deletions(-) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 53c5a55749f6..0c7edb0b5269 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -4,11 +4,9 @@ package oidc import ( - "bytes" "context" "encoding/json" "net/url" - "time" "github.com/hashicorp/go-retryablehttp" "github.com/pkg/errors" @@ -19,8 +17,7 @@ import ( ) type ProviderLark struct { - config *Configuration - reg dependencies + *ProviderGenericOIDC } func NewProviderLark( @@ -28,8 +25,10 @@ func NewProviderLark( reg dependencies, ) *ProviderLark { return &ProviderLark{ - config: config, - reg: reg, + &ProviderGenericOIDC{ + config: config, + reg: reg, + }, } } @@ -48,7 +47,7 @@ func (g *ProviderLark) OAuth2(ctx context.Context) (*oauth2.Config, error) { ClientID: g.config.ClientID, ClientSecret: g.config.ClientSecret, Endpoint: endpoint, - // DingTalk only allow to set scopes: openid or openid corpid + // Lark uses fixed scope that can not be configured in runtime Scopes: g.config.Scope, RedirectURL: g.config.Redir(g.reg.Config().OIDCRedirectURIBase(ctx)), }, nil @@ -111,67 +110,3 @@ func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query func (pl *ProviderLark) AuthCodeURLOptions(r ider) []oauth2.AuthCodeOption { return []oauth2.AuthCodeOption{} } - -func (g *ProviderLark) Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (*oauth2.Token, error) { - - type ( - larkExchangeReq struct { - ClientId string `json:"client_id"` - ClientSecret string `json:"client_secret"` - Code string `json:"code"` - GrantType string `json:"grant_type"` - RedirectURI string `json:"redirect_uri"` - } - larkTokenResp struct { - AccessToken string `json:"access_token"` - TokenType string `json:"token_type"` - ExpiresIn int64 `json:"expires_in"` - RefreshToken string `json:"refresh_token"` - RefreshExpiresIn int64 `json:"refresh_expires_in"` - } - ) - - conf, err := g.OAuth2(ctx) - if err != nil { - return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) - } - - pTokenParams := &larkExchangeReq{ - ClientId: conf.ClientID, - ClientSecret: conf.ClientSecret, - Code: code, - GrantType: "authorization_code", - RedirectURI: g.config.Redir(g.reg.Config().OIDCRedirectURIBase(ctx)), - } - - bs, err := json.Marshal(pTokenParams) - if err != nil { - return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) - } - - client := g.reg.HTTPClient(ctx, httpx.ResilientClientDisallowInternalIPs()) - req, err := retryablehttp.NewRequest("POST", conf.Endpoint.TokenURL, bytes.NewBuffer(bs)) - if err != nil { - return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) - } - req.Header.Add("Content-Type", "application/json;charset=UTF-8") - - resp, err := client.Do(req) - if err != nil { - return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) - } - defer resp.Body.Close() - - var dToken larkTokenResp - if err := json.NewDecoder(resp.Body).Decode(&dToken); err != nil { - return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) - } - token := &oauth2.Token{ - AccessToken: dToken.AccessToken, - TokenType: dToken.TokenType, - RefreshToken: dToken.RefreshToken, - Expiry: time.Unix(time.Now().Unix()+int64(dToken.ExpiresIn), 0), - } - - return token, nil -} From 2483cbe68617732c87b05bfdb2c17bf2e0891250 Mon Sep 17 00:00:00 2001 From: Liu Hancheng Date: Mon, 26 Dec 2022 10:04:48 +0800 Subject: [PATCH 08/10] nit: refactor code --- selfservice/strategy/oidc/provider_lark.go | 28 ++++++++++++---------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 0c7edb0b5269..2075d0f5f66a 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -20,6 +20,15 @@ type ProviderLark struct { *ProviderGenericOIDC } +var ( + larkAuthEndpoint = oauth2.Endpoint{ + AuthURL: "https://passport.feishu.cn/suite/passport/oauth/authorize", + TokenURL: "https://passport.feishu.cn/suite/passport/oauth/token", + AuthStyle: oauth2.AuthStyleInParams, + } + larkUserEndpoint = "https://passport.feishu.cn/suite/passport/oauth/userinfo" +) + func NewProviderLark( config *Configuration, reg dependencies, @@ -37,16 +46,11 @@ func (g *ProviderLark) Config() *Configuration { } func (g *ProviderLark) OAuth2(ctx context.Context) (*oauth2.Config, error) { - var endpoint = oauth2.Endpoint{ - AuthURL: "https://passport.feishu.cn/suite/passport/oauth/authorize", - TokenURL: "https://passport.feishu.cn/suite/passport/oauth/token", - AuthStyle: oauth2.AuthStyleInParams, - } return &oauth2.Config{ ClientID: g.config.ClientID, ClientSecret: g.config.ClientSecret, - Endpoint: endpoint, + Endpoint: larkAuthEndpoint, // Lark uses fixed scope that can not be configured in runtime Scopes: g.config.Scope, RedirectURL: g.config.Redir(g.reg.Config().OIDCRedirectURIBase(ctx)), @@ -73,18 +77,16 @@ func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query Mobile string `json:"mobile"` } var ( - userEndpoint = "https://passport.feishu.cn/suite/passport/oauth/userinfo" - accessToken = exchange.AccessToken - client = g.reg.HTTPClient(ctx, httpx.ResilientClientDisallowInternalIPs()) - user larkClaim + client = g.reg.HTTPClient(ctx, httpx.ResilientClientDisallowInternalIPs()) + user larkClaim ) - req, err := retryablehttp.NewRequest("GET", userEndpoint, nil) + req, err := retryablehttp.NewRequest("GET", larkUserEndpoint, nil) if err != nil { return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) } - req.Header.Add("Authorization", "Bearer "+accessToken) + exchange.SetAuthHeader(req.Request) resp, err := client.Do(req) if err != nil { return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) @@ -96,7 +98,7 @@ func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query } return &Claims{ - Issuer: userEndpoint, + Issuer: larkUserEndpoint, Subject: user.OpenID, Name: user.Name, Nickname: user.Name, From effd4a46105bd7db09226c84ef7b31a62a4d1c01 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Thu, 25 May 2023 10:45:12 +0200 Subject: [PATCH 09/10] chore: code review --- selfservice/strategy/oidc/provider_lark.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 2075d0f5f66a..40202b61abad 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -87,13 +87,17 @@ func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query } exchange.SetAuthHeader(req.Request) - resp, err := client.Do(req) + res, err := client.Do(req) if err != nil { return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) } - defer resp.Body.Close() + defer res.Body.Close() - if err := json.NewDecoder(resp.Body).Decode(&user); err != nil { + if err := logUpstreamError(d.reg.Logger(), res); err != nil { + return nil, err + } + + if err := json.NewDecoder(res.Body).Decode(&user); err != nil { return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err)) } @@ -106,7 +110,6 @@ func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query Email: user.Email, PhoneNumber: user.Mobile, }, nil - } func (pl *ProviderLark) AuthCodeURLOptions(r ider) []oauth2.AuthCodeOption { From b7761a295139f488d30af29413d2041f3a2c98c5 Mon Sep 17 00:00:00 2001 From: LiuHancheng Date: Sat, 24 Jun 2023 14:24:16 +0000 Subject: [PATCH 10/10] fix typo --- selfservice/strategy/oidc/provider_lark.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/selfservice/strategy/oidc/provider_lark.go b/selfservice/strategy/oidc/provider_lark.go index 40202b61abad..5541a73335af 100644 --- a/selfservice/strategy/oidc/provider_lark.go +++ b/selfservice/strategy/oidc/provider_lark.go @@ -93,7 +93,7 @@ func (g *ProviderLark) Claims(ctx context.Context, exchange *oauth2.Token, query } defer res.Body.Close() - if err := logUpstreamError(d.reg.Logger(), res); err != nil { + if err := logUpstreamError(g.reg.Logger(), res); err != nil { return nil, err }