From d7c7d424661d04a7bcf4521b7d764206f46b147c Mon Sep 17 00:00:00 2001
From: Stephan Renatus <srenatus@chef.io>
Date: Wed, 24 Jul 2019 12:26:51 +0200
Subject: [PATCH] cmd/example-app: check all errors, pass claims as string to
 renderToken

Signed-off-by: Stephan Renatus <srenatus@chef.io>
---
 cmd/example-app/main.go      | 14 ++++++++++----
 cmd/example-app/templates.go |  4 ++--
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/cmd/example-app/main.go b/cmd/example-app/main.go
index ccf9c4ca..a21b2e86 100644
--- a/cmd/example-app/main.go
+++ b/cmd/example-app/main.go
@@ -314,7 +314,7 @@ func (a *app) handleCallback(w http.ResponseWriter, r *http.Request) {
 
 	idToken, err := a.verifier.Verify(r.Context(), rawIDToken)
 	if err != nil {
-		http.Error(w, fmt.Sprintf("Failed to verify ID token: %v", err), http.StatusInternalServerError)
+		http.Error(w, fmt.Sprintf("failed to verify ID token: %v", err), http.StatusInternalServerError)
 		return
 	}
 
@@ -325,10 +325,16 @@ func (a *app) handleCallback(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var claims json.RawMessage
-	idToken.Claims(&claims)
+	if err := idToken.Claims(&claims); err != nil {
+		http.Error(w, fmt.Sprintf("error decoding ID token claims: %v", err), http.StatusInternalServerError)
+		return
+	}
 
 	buff := new(bytes.Buffer)
-	json.Indent(buff, []byte(claims), "", "  ")
+	if err := json.Indent(buff, []byte(claims), "", "  "); err != nil {
+		http.Error(w, fmt.Sprintf("error indenting ID token claims: %v", err), http.StatusInternalServerError)
+		return
+	}
 
-	renderToken(w, a.redirectURI, rawIDToken, accessToken, token.RefreshToken, buff.Bytes())
+	renderToken(w, a.redirectURI, rawIDToken, accessToken, token.RefreshToken, buff.String())
 }
diff --git a/cmd/example-app/templates.go b/cmd/example-app/templates.go
index 09b4150a..497eb8a7 100644
--- a/cmd/example-app/templates.go
+++ b/cmd/example-app/templates.go
@@ -66,13 +66,13 @@ pre {
 </html>
 `))
 
-func renderToken(w http.ResponseWriter, redirectURL, idToken, accessToken, refreshToken string, claims []byte) {
+func renderToken(w http.ResponseWriter, redirectURL, idToken, accessToken, refreshToken, claims string) {
 	renderTemplate(w, tokenTmpl, tokenTmplData{
 		IDToken:      idToken,
 		AccessToken:  accessToken,
 		RefreshToken: refreshToken,
 		RedirectURL:  redirectURL,
-		Claims:       string(claims),
+		Claims:       claims,
 	})
 }
 
-- 
GitLab