Use Multipart form parse function as some client implementations use …

…it to send form data
ory · May 30, 2018 · d5cd52f · d5cd52f
1 parent 93618d6
commit d5cd52f
Show file tree

Hide file tree

Showing 6 changed files with 6 additions and 6 deletions.
diff --git a/access_request_handler.go b/access_request_handler.go
@@ -62,7 +62,7 @@ func (f *Fosite) NewAccessRequest(ctx context.Context, r *http.Request, session
 
 	if r.Method != "POST" {
 		return accessRequest, errors.WithStack(ErrInvalidRequest.WithDebug("HTTP method is not POST"))
-	} else if err := r.ParseForm(); err != nil {
+	} else if err := r.ParseMultipartForm(2 ^ 24); err != nil {
 		return accessRequest, errors.WithStack(ErrInvalidRequest.WithDebug(err.Error()))
 	}
 

diff --git a/authorize_request_handler.go b/authorize_request_handler.go
@@ -39,7 +39,7 @@ func (c *Fosite) NewAuthorizeRequest(ctx context.Context, r *http.Request) (Auth
 		Request:              *NewRequest(),
 	}
 
-	if err := r.ParseForm(); err != nil {
+	if err := r.ParseMultipartForm(2 ^ 24); err != nil {
 		return request, errors.WithStack(ErrInvalidRequest.WithDebug(err.Error()))
 	}
 

diff --git a/integration/helper_endpoints_test.go b/integration/helper_endpoints_test.go
@@ -132,7 +132,7 @@ func authCallbackHandler(t *testing.T) func(rw http.ResponseWriter, req *http.Re
 
 func tokenEndpointHandler(t *testing.T, provider fosite.OAuth2Provider) func(rw http.ResponseWriter, req *http.Request) {
 	return func(rw http.ResponseWriter, req *http.Request) {
-		req.ParseForm()
+		req.ParseMultipartForm(2 ^ 24)
 		ctx := fosite.NewContext()
 
 		accessRequest, err := provider.NewAccessRequest(ctx, req, &oauth2.JWTSession{})

diff --git a/introspect.go b/introspect.go
@@ -44,7 +44,7 @@ func AccessTokenFromRequest(req *http.Request) string {
 	if len(split) != 2 || !strings.EqualFold(split[0], "bearer") {
 		// Nothing in Authorization header, try access_token
 		// Empty string returned if there's no such parameter
-		err := req.ParseForm()
+		err := req.ParseMultipartForm(2 ^ 24)
 		if err != nil {
 			return ""
 		}

diff --git a/introspection_request_handler.go b/introspection_request_handler.go
@@ -114,7 +114,7 @@ import (
 func (f *Fosite) NewIntrospectionRequest(ctx context.Context, r *http.Request, session Session) (IntrospectionResponder, error) {
 	if r.Method != "POST" {
 		return &IntrospectionResponse{Active: false}, errors.WithStack(ErrInvalidRequest.WithDebug("HTTP method is not POST"))
-	} else if err := r.ParseForm(); err != nil {
+	} else if err := r.ParseMultipartForm(2 ^ 24); err != nil {
 		return &IntrospectionResponse{Active: false}, errors.WithStack(ErrInvalidRequest.WithDebug(err.Error()))
 	}
 

diff --git a/revoke_handler.go b/revoke_handler.go
@@ -51,7 +51,7 @@ import (
 func (f *Fosite) NewRevocationRequest(ctx context.Context, r *http.Request) error {
 	if r.Method != "POST" {
 		return errors.WithStack(ErrInvalidRequest.WithDebug("HTTP method is not POST"))
-	} else if err := r.ParseForm(); err != nil {
+	} else if err := r.ParseMultipartForm(2 ^ 24); err != nil {
 		return errors.WithStack(ErrInvalidRequest.WithDebug(err.Error()))
 	}