2014-11-09 21:51:10 +02:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"net/url"
|
|
|
|
"time"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Configuration Options that can be set by Command Line Flag, or Config File
|
|
|
|
type Options struct {
|
|
|
|
HttpAddress string `flag:"http-address" cfg:"http_address"`
|
|
|
|
RedirectUrl string `flag:"redirect-url" cfg:"redirect_url"`
|
2014-11-10 04:07:02 +02:00
|
|
|
ClientID string `flag:"client-id" cfg:"client_id" env:"GOOGLE_AUTH_PROXY_CLIENT_ID"`
|
|
|
|
ClientSecret string `flag:"client-secret" cfg:"client_secret" env:"GOOGLE_AUTH_PROXY_CLIENT_SECRET"`
|
2014-11-09 21:51:10 +02:00
|
|
|
PassBasicAuth bool `flag:"pass-basic-auth" cfg:"pass_basic_auth"`
|
|
|
|
HtpasswdFile string `flag:"htpasswd-file" cfg:"htpasswd_file"`
|
2014-11-10 04:07:02 +02:00
|
|
|
CookieSecret string `flag:"cookie-secret" cfg:"cookie_secret" env:"GOOGLE_AUTH_PROXY_COOKIE_SECRET"`
|
|
|
|
CookieDomain string `flag:"cookie-domain" cfg:"cookie_domain" env:"GOOGLE_AUTH_PROXY_COOKIE_DOMAIN"`
|
|
|
|
CookieExpire time.Duration `flag:"cookie-expire" cfg:"cookie_expire" env:"GOOGLE_AUTH_PROXY_COOKIE_EXPIRE"`
|
2014-11-09 21:51:10 +02:00
|
|
|
CookieHttpsOnly bool `flag:"cookie-https-only" cfg:"cookie_https_only"`
|
|
|
|
AuthenticatedEmailsFile string `flag:"authenticated-emails-file" cfg:"authenticated_emails_file"`
|
|
|
|
GoogleAppsDomains []string `flag:"google-apps-domain" cfg:"google_apps_domains"`
|
|
|
|
Upstreams []string `flag:"upstream" cfg:"upstreams"`
|
|
|
|
|
|
|
|
// internal values that are set after config validation
|
|
|
|
redirectUrl *url.URL
|
|
|
|
proxyUrls []*url.URL
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewOptions() *Options {
|
|
|
|
return &Options{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (o *Options) Validate() error {
|
|
|
|
if len(o.Upstreams) < 1 {
|
2014-11-10 04:07:02 +02:00
|
|
|
return errors.New("missing setting: upstream")
|
2014-11-09 21:51:10 +02:00
|
|
|
}
|
|
|
|
if o.CookieSecret == "" {
|
2014-11-10 04:07:02 +02:00
|
|
|
errors.New("missing setting: cookie-secret")
|
2014-11-09 21:51:10 +02:00
|
|
|
}
|
|
|
|
if o.ClientID == "" {
|
2014-11-10 04:07:02 +02:00
|
|
|
return errors.New("missing setting: client-id")
|
2014-11-09 21:51:10 +02:00
|
|
|
}
|
|
|
|
if o.ClientSecret == "" {
|
2014-11-10 04:07:02 +02:00
|
|
|
return errors.New("missing setting: client-secret")
|
2014-11-09 21:51:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
redirectUrl, err := url.Parse(o.RedirectUrl)
|
|
|
|
if err != nil {
|
2014-11-10 04:07:02 +02:00
|
|
|
return fmt.Errorf("error parsing redirect-url=%q %s", o.RedirectUrl, err)
|
2014-11-09 21:51:10 +02:00
|
|
|
}
|
|
|
|
o.redirectUrl = redirectUrl
|
|
|
|
|
|
|
|
for _, u := range o.Upstreams {
|
|
|
|
upstreamUrl, err := url.Parse(u)
|
|
|
|
if err != nil {
|
2014-11-10 04:07:02 +02:00
|
|
|
return fmt.Errorf("error parsing upstream=%q %s", upstreamUrl, err)
|
2014-11-09 21:51:10 +02:00
|
|
|
}
|
|
|
|
if upstreamUrl.Path == "" {
|
|
|
|
upstreamUrl.Path = "/"
|
|
|
|
}
|
|
|
|
o.proxyUrls = append(o.proxyUrls, upstreamUrl)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|