feat(saml): use ory/x fetcher

Signed-off-by: ThibaultHerard <[email protected]> Co-authored-by: sebferrer <[email protected]>
ory · Nov 25, 2022 · 111050d · 111050d
1 parent c0f06b3
commit 111050d
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 27 deletions.
diff --git a/selfservice/strategy/saml/handler.go b/selfservice/strategy/saml/handler.go
@@ -11,7 +11,6 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
-	"path/filepath"
 	"strings"
 
 	"github.com/pkg/errors"
@@ -29,6 +28,7 @@ import (
 	"github.com/ory/kratos/session"
 	"github.com/ory/kratos/x"
 	"github.com/ory/x/decoderx"
+	"github.com/ory/x/fetcher"
 	"github.com/ory/x/jsonx"
 )
 
@@ -168,29 +168,20 @@ func (h *Handler) instantiateMiddleware(ctx context.Context, config config.Confi
 
 		// The metadata file is provided
 		metadataURL := providerConfig.IDPInformation["idp_metadata_url"]
-		if strings.HasPrefix(metadataURL, "file://") {
-			metadataURL = strings.Replace(metadataURL, "file://", "", 1)
-			metadataURL = filepath.Clean(metadataURL)
-			metadataPlainText, err := ioutil.ReadFile(metadataURL)
-			if err != nil {
-				return err
-			}
 
-			idpMetadata, err = samlsp.ParseMetadata([]byte(metadataPlainText))
-			if err != nil {
-				return err
-			}
+		metadataBuffer, err := fetcher.NewFetcher().Fetch(metadataURL)
+		if err != nil {
+			return err
+		}
 
-		} else {
-			idpMetadataURL, err := url.Parse(metadataURL)
-			if err != nil {
-				return err
-			}
-			// Parse the content of metadata file into a Golang struct
-			idpMetadata, err = samlsp.FetchMetadata(context.Background(), http.DefaultClient, *idpMetadataURL)
-			if err != nil {
-				return err
-			}
+		metadata, err := ioutil.ReadAll(metadataBuffer)
+		if err != nil {
+			return err
+		}
+
+		idpMetadata, err = samlsp.ParseMetadata(metadata)
+		if err != nil {
+			return err
 		}
 
 	} else {
@@ -214,7 +205,12 @@ func (h *Handler) instantiateMiddleware(ctx context.Context, config config.Confi
 		}
 
 		// The certificate of the IDP
-		certificate, err := ioutil.ReadFile(strings.Replace(providerConfig.IDPInformation["idp_certificate_path"], "file://", "", 1))
+		certificateBuffer, err := fetcher.NewFetcher().Fetch(providerConfig.IDPInformation["idp_certificate_path"])
+		if err != nil {
+			return err
+		}
+
+		certificate, err := ioutil.ReadAll(certificateBuffer)
 		if err != nil {
 			return err
 		}

diff --git a/selfservice/strategy/saml/handler_test.go b/selfservice/strategy/saml/handler_test.go
@@ -5,6 +5,7 @@ import (
 	"testing"
 
 	"github.com/ory/kratos/selfservice/strategy/saml"
+	"github.com/ory/x/fetcher"
 	"github.com/stretchr/testify/require"
 
 	"gotest.tools/assert"
@@ -73,7 +74,10 @@ func TestMustParseCertificate(t *testing.T) {
 
 	saml.DestroyMiddlewareIfExists("samlProvider")
 
-	certificate, err := ioutil.ReadFile("testdata/samlkratos.crt")
+	certificateBuffer, err := fetcher.NewFetcher().Fetch("file://testdata/samlkratos.crt")
+	require.NoError(t, err)
+
+	certificate, err := ioutil.ReadAll(certificateBuffer)
 	require.NoError(t, err)
 
 	cert, err := saml.MustParseCertificate(certificate)

diff --git a/selfservice/strategy/saml/metadata_test.go b/selfservice/strategy/saml/metadata_test.go
@@ -10,6 +10,7 @@ import (
 	"testing"
 
 	"github.com/ory/kratos/selfservice/strategy/saml"
+	"github.com/ory/x/fetcher"
 	"github.com/stretchr/testify/require"
 	"gotest.tools/assert"
 	is "gotest.tools/assert/cmp"
@@ -95,8 +96,11 @@ func TestXmlMetadataValues(t *testing.T) {
 	assert.Check(t, is.Equal("text/xml",
 		res.Header.Get("Content-Type")))
 
-	expectedMetadata, err := ioutil.ReadFile("./testdata/expected_metadata.xml")
-	assert.NilError(t, err)
+	expectedMetadataBuffer, err := fetcher.NewFetcher().Fetch("file://testdata/expected_metadata.xml")
+	require.NoError(t, err)
+
+	expectedMetadata, err := ioutil.ReadAll(expectedMetadataBuffer)
+	require.NoError(t, err)
 
 	// The string is parse to a struct
 	var expectedStructMetadata Metadata

diff --git a/selfservice/strategy/saml/strategy_helper_test.go b/selfservice/strategy/saml/strategy_helper_test.go
@@ -31,6 +31,7 @@ import (
 	"github.com/ory/kratos/internal/testhelpers"
 	"github.com/ory/kratos/selfservice/strategy/saml"
 	"github.com/ory/kratos/x"
+	"github.com/ory/x/fetcher"
 )
 
 var TimeNow = func() time.Time { return time.Now().UTC() }
@@ -162,7 +163,10 @@ func InitTestMiddlewareWithoutMetadata(t *testing.T, idpSsoUrl string, idpEntity
 
 func GetAndDecryptAssertion(t *testing.T, samlResponseFile string, key *rsa.PrivateKey) (*crewjamsaml.Assertion, error) {
 	// Load saml response test file
-	samlResponse, err := ioutil.ReadFile(samlResponseFile)
+	samlResponseBuffer, err := fetcher.NewFetcher().Fetch("file://" + samlResponseFile)
+	require.NoError(t, err)
+
+	samlResponse, err := ioutil.ReadAll(samlResponseBuffer)
 	require.NoError(t, err)
 
 	// Decrypt saml response assertion