cmd/example-app: check all errors, pass claims as string to renderToken

Signed-off-by: Stephan Renatus <srenatus@chef.io>

cmd/example-app/main.go

@@ -314,7 +314,7 @@ func (a *app) handleCallback(w http.ResponseWriter, r *http.Request) {
 
 	idToken, err := a.verifier.Verify(r.Context(), rawIDToken)
 	if err != nil {
-		http.Error(w, fmt.Sprintf("Failed to verify ID token: %v", err), http.StatusInternalServerError)
+		http.Error(w, fmt.Sprintf("failed to verify ID token: %v", err), http.StatusInternalServerError)
 		return
 	}
 
@@ -325,10 +325,16 @@ func (a *app) handleCallback(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var claims json.RawMessage
-	idToken.Claims(&claims)
+	if err := idToken.Claims(&claims); err != nil {
+		http.Error(w, fmt.Sprintf("error decoding ID token claims: %v", err), http.StatusInternalServerError)
+		return
+	}
 
 	buff := new(bytes.Buffer)
-	json.Indent(buff, []byte(claims), "", "  ")
+	if err := json.Indent(buff, []byte(claims), "", "  "); err != nil {
+		http.Error(w, fmt.Sprintf("error indenting ID token claims: %v", err), http.StatusInternalServerError)
+		return
+	}
 
-	renderToken(w, a.redirectURI, rawIDToken, accessToken, token.RefreshToken, buff.Bytes())
+	renderToken(w, a.redirectURI, rawIDToken, accessToken, token.RefreshToken, buff.String())
 }

cmd/example-app/templates.go

@@ -66,13 +66,13 @@ pre {
 </html>
 `))
 
-func renderToken(w http.ResponseWriter, redirectURL, idToken, accessToken, refreshToken string, claims []byte) {
+func renderToken(w http.ResponseWriter, redirectURL, idToken, accessToken, refreshToken, claims string) {
 	renderTemplate(w, tokenTmpl, tokenTmplData{
 		IDToken:      idToken,
 		AccessToken:  accessToken,
 		RefreshToken: refreshToken,
 		RedirectURL:  redirectURL,
-		Claims:       string(claims),
+		Claims:       claims,
 	})
 }