cloudentity / oauth2c

User-friendly OAuth2 CLI
https://cloudentity.github.io/oauth2c/
Apache License 2.0

Ctrl-C not aborting #75

Closed schlomo closed 1 year ago

schlomo commented 1 year ago

I noticed that Ctrl-C doesn't abort while waiting for the callback to the redirect URL. If the redirect URL is not allowed for the OAuth2 client, then this tool will wait forever.

Please add support for aborting via Ctrl-C.

mbilski commented 1 year ago

It works fine for me.

oauth2c on  feature/callback-timeout [$] via 🐹 v1.21.0
❯ go run . https://oauth2c.us.authz.cloudentity.io/oauth2c/demo \
  --client-id cauktionbud6q8ftlqq0 \
  --client-secret HCwQ5uuUWBRHd04ivjX5Kl0Rz8zxMOekeLtqzki0GPc \
  --response-types code \
  --response-mode query --callback-timeout 10s \
  --grant-type authorization_code \
  --auth-method client_secret_basic \
  --scopes openid,email,offline_access
┌───────────────────────────────────────────────────────────────────────┐
| Issuer URL     | https://oauth2c.us.authz.cloudentity.io/oauth2c/demo |
| Grant type     | authorization_code                                   |
| Auth method    | client_secret_basic                                  |
| Scopes         | openid, email, offline_access                        |
| Response types | code                                                 |
| Response mode  | query                                                |
| PKCE           | false                                                |
| Client ID      | cauktionbud6q8ftlqq0                                 |
| Client secret  | HCwQ5uuUWBRHd04ivjX5Kl0Rz8zxMOekeLtqzki0GPc          |
└───────────────────────────────────────────────────────────────────────┘

                                                                                                    Authorization Code Flow

# Request authorization

GET https://oauth2c.us.authz.cloudentity.io/oauth2c/demo/oauth2/authorize
Query params:
  client_id: cauktionbud6q8ftlqq0
  nonce: 5wztVEgToh3pbEdjkDZ48s
  redirect_uri: http://localhost:9876/callback
  response_mode: query
  response_type: code
  scope: openid email offline_access
  state: X5twYCGfe24Pgo2zg2YSRD

Open the following URL:

https://oauth2c.us.authz.cloudentity.io/oauth2c/demo/oauth2/authorize?client_id=cauktionbud6q8ftlqq0&nonce=5wztVEgToh3pbEdjkDZ48s&redirect_uri=http%3A%2F%2Flocalhost%3A9876%2Fcallback&response_mode=query&response_type=code&scope=openid+email+offline_access&state=X5twYCGfe24Pgo2zg2YSRD

  ERROR   interrupted
exit status 1

In the code we handle the INT and TERM signals.

    go func() {
        defer close(done)

        if serr := srv.ListenAndServe(); serr != http.ErrServerClosed {
            err = serr
        }
    }()

    signalChan := make(chan os.Signal, 1)
    signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)

    timeout := time.After(clientConfig.CallbackTimeout)

    select {
    case <-signalChan:
        return request, errors.New("interrupted")
    case <-timeout:
        return request, errors.New("timeout")
    case <-done:
        return request, err
    }

How can I reproduce it? What system and terminal are you using?

schlomo commented 1 year ago

Good point. Now I can't reproduce it, but when I opened the issue I had it all the time. My problem was aborting with Ctrl-C while waiting for the callback to happen.

I use iTerm2 and fish shell.

I guess we can close this and I'll open it again when I manage to reproduce. Thanks for checking it out.

mbilski commented 1 year ago

Maybe https://github.com/cloudentity/oauth2c/pull/79 will help, but I am not able to reproduce it.
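
An added example, not part of the thread and not oauth2c's own code: the wait-for-callback pattern discussed above, written with `signal.NotifyContext` so that Ctrl-C, SIGTERM and the timeout all cancel one context, and the loopback server is shut down on every return path. The name `waitForCode` and the `constructed-state` value are assumptions; the port and the 10s timeout mirror the run shown in the thread, and the function returns `context.Canceled` or `context.DeadlineExceeded` instead of the "interrupted" and "timeout" strings.

```go
package main

import (
	"context"
	"fmt"
	"net"
	"net/http"
	"os/signal"
	"syscall"
	"time"
)

// waitForCode serves /callback on ln until a request with the expected state
// arrives, ctx is cancelled (Ctrl-C), or timeout elapses; it then shuts down.
func waitForCode(ctx context.Context, ln net.Listener, state string, timeout time.Duration) (string, error) {
	ctx, cancel := context.WithTimeout(ctx, timeout)
	defer cancel()
	got := make(chan string, 1) // buffered so the handler never blocks
	mux := http.NewServeMux()
	mux.HandleFunc("/callback", func(w http.ResponseWriter, r *http.Request) {
		q := r.URL.Query()
		if q.Get("state") != state || q.Get("code") == "" {
			http.Error(w, "unexpected callback", http.StatusBadRequest)
			return // stray or forged request: reject it and keep waiting
		}
		select {
		case got <- q.Get("code"):
		default: // a code was already delivered
		}
	})
	srv := &http.Server{Handler: mux, ReadHeaderTimeout: 5 * time.Second}
	go srv.Serve(ln)
	defer srv.Shutdown(ctx) // closes the listener; lets an in-flight reply finish
	select {
	case <-ctx.Done():
		return "", ctx.Err() // Canceled on a signal, DeadlineExceeded on timeout
	case code := <-got:
		return code, nil
	}
}

func main() {
	ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
	defer stop()
	ln, err := net.Listen("tcp", "127.0.0.1:9876") // loopback only
	if err != nil {
		panic(err)
	}
	fmt.Println(waitForCode(ctx, ln, "constructed-state", 10*time.Second))
}
```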