Mercurial > dovecot > core-2.2

changeset 21736:7d3ad0620805

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
auth: oauth2 - make it easier to see where db_oauth2_callback() is called Doesn't fix anything, but places the db_oauth2_callback() calls into the end of _continue() calls so it's clearer that they're always being called exactly once.
author Timo Sirainen <timo.sirainen@dovecot.fi>
date Thu, 16 Mar 2017 00:51:15 +0200
parents 4119b7774573
children 036d9f649c8b
files src/auth/db-oauth2.c
diffstat 1 files changed, 37 insertions(+), 31 deletions(-) [+]
line wrap: on
line diff
--- a/src/auth/db-oauth2.c	Thu Mar 16 01:35:38 2017 +0200
+++ b/src/auth/db-oauth2.c	Thu Mar 16 00:51:15 2017 +0200
@@ -491,35 +491,40 @@
 	return TRUE;
 }
 
-static void db_oauth2_process_fields(struct db_oauth2_request *req)
+static void db_oauth2_process_fields(struct db_oauth2_request *req,
+				     enum passdb_result *result_r,
+				     const char **error_r)
 {
-	enum passdb_result result;
-	const char *error = NULL;
-	if (db_oauth2_validate_username(req, &result, &error) &&
-	    db_oauth2_user_is_enabled(req, &result, &error) &&
-	    db_oauth2_token_in_scope(req, &result, &error) &&
-	    db_oauth2_template_export(req, &result, &error)) {
-		result = PASSDB_RESULT_OK;
+	*error_r = NULL;
+
+	if (db_oauth2_validate_username(req, result_r, error_r) &&
+	    db_oauth2_user_is_enabled(req, result_r, error_r) &&
+	    db_oauth2_token_in_scope(req, result_r, error_r) &&
+	    db_oauth2_template_export(req, result_r, error_r)) {
+		*result_r = PASSDB_RESULT_OK;
 	} else {
-		i_assert(result != PASSDB_RESULT_OK && error != NULL);
+		i_assert(*result_r != PASSDB_RESULT_OK && *error_r != NULL);
 	}
-
-	db_oauth2_callback(req, result, error);
 }
 
 static void
 db_oauth2_introspect_continue(struct oauth2_introspection_result *result,
 			      struct db_oauth2_request *req)
 {
+	enum passdb_result passdb_result;
+	const char *error;
+
 	req->req = NULL;
 
 	if (!result->success) {
 		/* fail here */
-		db_oauth2_callback(req, PASSDB_RESULT_INTERNAL_FAILURE, result->error);
-		return;
+		passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
+		error = result->error;
+	} else {
+		db_oauth2_fields_merge(req, result->fields);
+		db_oauth2_process_fields(req, &passdb_result, &error);
 	}
-	db_oauth2_fields_merge(req, result->fields);
-	db_oauth2_process_fields(req);
+	db_oauth2_callback(req, passdb_result, error);
 }
 
 static void db_oauth2_lookup_introspect(struct db_oauth2_request *req)
@@ -546,27 +551,28 @@
 db_oauth2_lookup_continue(struct oauth2_token_validation_result *result,
 			  struct db_oauth2_request *req)
 {
+	enum passdb_result passdb_result;
+	const char *error;
+
 	req->req = NULL;
 
 	if (!result->success) {
-		db_oauth2_callback(req, PASSDB_RESULT_INTERNAL_FAILURE,
-				   result->error);
-		return;
+		passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
+		error = result->error;
 	} else if (!result->valid) {
-		db_oauth2_callback(req, PASSDB_RESULT_PASSWORD_MISMATCH,
-				   "Invalid token");
-		return;
+		passdb_result = PASSDB_RESULT_PASSWORD_MISMATCH;
+		error = "Invalid token";
+	} else {
+		db_oauth2_fields_merge(req, result->fields);
+		if (*req->db->set.introspection_url != '\0' &&
+		    (req->db->set.force_introspection ||
+		     !db_oauth2_have_all_fields(req))) {
+			db_oauth2_lookup_introspect(req);
+			return;
+		}
+		db_oauth2_process_fields(req, &passdb_result, &error);
 	}
-
-	db_oauth2_fields_merge(req, result->fields);
-
-	if (*req->db->set.introspection_url != '\0' &&
-	    (req->db->set.force_introspection ||
-	     !db_oauth2_have_all_fields(req))) {
-		db_oauth2_lookup_introspect(req);
-	} else {
-		db_oauth2_process_fields(req);
-	}
+	db_oauth2_callback(req, passdb_result, error);
 }
 
 #undef db_oauth2_lookup