User: ListGroupMemberships #5
Conversation
|
@manicminer is pagination supported by Golang / base or is it something that needs to be implemented? Not sure how many groups needs to be created to actually test it. |
There was a problem hiding this comment.
@simongottschlag Thanks for the PR, this is great! I just have one niggly request on the method name.
For pagination, there's no capability at present but I can look to add this quickly as it's essential and I'm sure to run into issues myself any time now without it.
|
@manicminer I will update the name tomorrow. Used the same as they have in the graphrbac client because that's what I've been using. I will create a new issue for pagination. |
|
@manicminer I've updated the method names. |
| @@ -30,7 +31,7 @@ func ParseClaims(token *oauth2.Token) (claims Claims, err error) { | |||
| return | |||
| } | |||
| jwt := strings.Split(token.AccessToken, ".") | |||
| payload, err := base64.StdEncoding.DecodeString(jwt[1]) | |||
| payload, err := base64.RawStdEncoding.DecodeString(jwt[1]) | |||
There was a problem hiding this comment.
@manicminer the reason RawStdEncoding is required is because JWTs are not padded, and StdEncoding expects padding.
https://www.rfc-editor.org/rfc/rfc7515.html#section-2
Base64url Encoding
Base64 encoding using the URL- and filename-safe character set
defined in Section 5 of RFC 4648 [RFC4648], with all trailing '='
characters omitted (as permitted by Section 3.2) and without the
inclusion of any line breaks, whitespace, or other additional
characters. Note that the base64url encoding of the empty octet
sequence is the empty string. (See Appendix C for notes on
implementing base64url encoding without padding.)
There was a problem hiding this comment.
Thanks this makes sense. I didn't hit any encoding issues in testing presumably because my JWT payloads were short (minimal set of claims).
There was a problem hiding this comment.
@manicminer I think you have something in 1/4 to not get padding. 👍
Changes:
ListGroupMembershipsto list user transitive memberOfListGroupMembershipsbase64.StdEncoding.tobase64.RawStdEncoding.to fix error decoding access token. This is because JWTs are not padded which StdEncoding is expecting.Any and all feedback, help, suggestions, edits etc is welcome!