Code refactoring, adding injection of sub field as consumer id

nokia · Sep 19, 2017 · a67801f · a67801f
1 parent 4e82988
commit a67801f
Showing 1 changed file with 26 additions and 17 deletions.
diff --git a/kong/plugins/oidc/handler.lua b/kong/plugins/oidc/handler.lua
@@ -29,34 +29,43 @@ function CustomHandler:access(config)
 
     session.configure(config)
 
-    if tryIntrospect(oidcConfig) then
+    doAuthentication(oidcConfig)
 
-      ngx.log(ngx.DEBUG, "In plugin CustomHandler:proceeding with two legged authentication, requested path: " .. ngx.var.request_uri)
+  else
+    ngx.log(ngx.DEBUG, "In plugin CustomHandler:access NOT calling authenticate, requested path: " .. ngx.var.request_uri)
+  end
+
+  ngx.log(ngx.DEBUG, "In plugin CustomHandler:access Done")
+end
 
-    else
+function doAuthentication(oidcConfig)
 
-      local res, err = require("resty.openidc").authenticate(oidcConfig)
+  res = tryIntrospect(oidcConfig)
+  if res then
 
-      if err then
-        if config.recovery_page_path then
-          ngx.log(ngx.DEBUG, "Entering recovery page: " .. config.recovery_page_path)
-          return ngx.redirect(config.recovery_page_path)
-        end
-        utils.exit(500, err, ngx.HTTP_INTERNAL_SERVER_ERROR)
-      end
+    ngx.log(ngx.DEBUG, "In plugin CustomHandler:Valid access token detected, passing connection, requested path: " .. ngx.var.request_uri)
+
+    utils.injectUser({sub = res.sub})
 
-      if res and res.user then
-        utils.injectUser(res.user)
-        ngx.req.set_header("X-Userinfo", require("cjson").encode(res.user))
+  else
+
+    local res, err = require("resty.openidc").authenticate(oidcConfig)
+
+    if err then
+      if config.recovery_page_path then
+        ngx.log(ngx.DEBUG, "Entering recovery page: " .. config.recovery_page_path)
+        return ngx.redirect(config.recovery_page_path)
       end
+      utils.exit(500, err, ngx.HTTP_INTERNAL_SERVER_ERROR)
+    end
 
+    if res and res.user then
+      utils.injectUser(res.user)
+      ngx.req.set_header("X-Userinfo", require("cjson").encode(res.user))
     end
 
-  else
-    ngx.log(ngx.DEBUG, "In plugin CustomHandler:access NOT calling authenticate, requested path: " .. ngx.var.request_uri)
   end
 
-  ngx.log(ngx.DEBUG, "In plugin CustomHandler:access Done")
 end
 
 function tryIntrospect(oidcConfig)