Merge pull request #463 from okta/fix-empty-nonce-for-dpop

fix empty nonce for dpop
okta · Jun 4, 2024 · 6739ea3 · 6739ea3
2 parents 90b60d8 + 610231f
commit 6739ea3
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 10 deletions.
diff --git a/.generator/config.yaml b/.generator/config.yaml
@@ -8,7 +8,7 @@ additionalProperties:
   enumClassPrefix: true
   generateInterfaces: true
   packageName: okta
-  packageVersion: 4.1.0
+  packageVersion: 4.1.1
   useOneOfDiscriminatorLookup: true
   disallowAdditionalPropertiesIfNotPresent: false
 files:

diff --git a/.generator/okta-management-APIs-oasv3-noEnums-inheritance.yaml b/.generator/okta-management-APIs-oasv3-noEnums-inheritance.yaml
@@ -33112,9 +33112,7 @@ components:
           readOnly: true
         detailEntry:
           type: object
-          additionalProperties:
-            type: object
-            properties: {}
+          additionalProperties: true
           readOnly: true
         displayName:
           type: string

diff --git a/.generator/templates/client.mustache b/.generator/templates/client.mustache
@@ -161,13 +161,13 @@ func NewPrivateKeyAuth(config PrivateKeyAuthConfig) *PrivateKeyAuth {
 
 func (a *PrivateKeyAuth) Authorize(method, URL string) error {
 	accessToken, hasToken := a.tokenCache.Get(AccessTokenCacheKey)
-	if hasToken {
+	if hasToken && accessToken != "" {
 		accessTokenWithTokenType := accessToken.(string)
 		a.req.Header.Add("Authorization", accessTokenWithTokenType)
 		nonce, hasNonce := a.tokenCache.Get(DpopAccessTokenNonce)
-		if hasNonce {
+		if hasNonce && nonce != "" {
 			privateKey, ok := a.tokenCache.Get(DpopAccessTokenPrivateKey)
-			if ok {
+			if ok && privateKey != nil {
 				res := strings.Split(accessTokenWithTokenType, " ")
 				if len(res) != 2 {
 					return errors.New("Unidentified access token")
@@ -178,6 +178,8 @@ func (a *PrivateKeyAuth) Authorize(method, URL string) error {
 				}
 				a.req.Header.Set("Dpop", dpopJWT)
 				a.req.Header.Set("x-okta-user-agent-extended", "isDPoP:true")
+			} else {
+				return errors.New("Using Dpop but signing key not found")
 			}
 		}
 	} else {
@@ -259,13 +261,13 @@ func NewJWTAuth(config JWTAuthConfig) *JWTAuth {
 
 func (a *JWTAuth) Authorize(method, URL string) error {
 	accessToken, hasToken := a.tokenCache.Get(AccessTokenCacheKey)
-	if hasToken {
+	if hasToken && accessToken != "" {
 		accessTokenWithTokenType := accessToken.(string)
 		a.req.Header.Add("Authorization", accessTokenWithTokenType)
 		nonce, hasNonce := a.tokenCache.Get(DpopAccessTokenNonce)
-		if hasNonce {
+		if hasNonce && nonce != "" {
 			privateKey, ok := a.tokenCache.Get(DpopAccessTokenPrivateKey)
-			if ok {
+			if ok && privateKey != nil {
 				res := strings.Split(accessTokenWithTokenType, " ")
 				if len(res) != 2 {
 					return errors.New("Unidentified access token")
@@ -276,6 +278,8 @@ func (a *JWTAuth) Authorize(method, URL string) error {
 				}
 				a.req.Header.Set("Dpop", dpopJWT)
 				a.req.Header.Set("x-okta-user-agent-extended", "isDPoP:true")
+			} else {
+				return errors.New("Using Dpop but signing key not found")
 			}
 		}
 	} else {

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 # Changelog
 Running changelog of releases since `2.0.0-rc.4`
 
+## v4.1.0
+ - Fix panic issue when using bearer token (#463) Thanks [@duytiennguyen-okta]
+ - Fix object that does not have additional properties (#463) Thanks [@duytiennguyen-okta]
+
 ## v4.1.0
  - Add support for dpop (#454) Thanks [@duytiennguyen-okta]
  - Fix object that does not have additional properties (#456) Thanks [@duytiennguyen-okta]