svchost/disco: Tolerate unpopulated OAuth endpoints

A server is allowed to omit AuthorizationURL if it's using the "password" grant type, and other future grant type implementations may have similar accommodations.
2019-08-29 18:01:51 -07:00 · 2019-08-29 18:01:51 -07:00 · bc9756882e
parent 75d3f1e62e
commit bc9756882e
1 changed files with 10 additions and 4 deletions
--- a/svchost/disco/oauth_client.go
+++ b/svchost/disco/oauth_client.go
@ -51,15 +51,21 @@ type OAuthClient struct {
 // Endpoint returns an oauth2.Endpoint value ready to be used with the oauth2
 // library, representing the URLs from the receiver.
 func (c *OAuthClient) Endpoint() oauth2.Endpoint {
-	return oauth2.Endpoint{
-		AuthURL:  c.AuthorizationURL.String(),
-		TokenURL: c.TokenURL.String(),
-
+	ep := oauth2.Endpoint{
 		// We don't actually auth because we're not a server-based OAuth client,
 		// so this instead just means that we include client_id as an argument
 		// in our requests.
 		AuthStyle: oauth2.AuthStyleInParams,
 	}
+
+	if c.AuthorizationURL != nil {
+		ep.AuthURL = c.AuthorizationURL.String()
+	}
+	if c.TokenURL != nil {
+		ep.TokenURL = c.TokenURL.String()
+	}
+
+	return ep
 }

 // OAuthGrantType is an enumeration of grant type strings that a host can