go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-01-08 04:03:58 +02:00
Code Issues Releases Activity
a1877434b2
oauth2-proxy/providers/provider_data.go

97 lines
2.7 KiB
Go
Raw Normal View History

Create providers package with Google default
2015-03-30 21:30:27 +02:00
package providers
import (
Support for client secret file. (#355) * added ClientSecretFile in ProviderData * add documentation notes on client secret file * added Changelog entry for Client Secret File PR * fixing configuration.md * addressing PR issue of ClientSecret property naming * Update providers/provider_data.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * corrected changelog entry * fixed typo in GetClientSecret Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-02-15 15:44:39 +02:00
"errors"
"io/ioutil"
Create providers package with Google default
2015-03-30 21:30:27 +02:00
"net/url"
Cleaned up source to make golangci-lint pass (#418) * cleaned up source to make golangci-lint pass * providers/azure_test.go: use build in POST constant * options_test.go: do not export unnecessary variables Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-03-14 11:58:29 +02:00
Generalize and extend default CreateSessionFromToken
2020-11-16 04:57:48 +02:00
"github.com/coreos/go-oidc"
Fix import path for v7 (#800) * fix import path for v7 find ./ -name "*.go" | xargs sed -i -e 's|"github.com/oauth2-proxy/oauth2-proxy|"github.com/oauth2-proxy/oauth2-proxy/v7|' * fix module path * go mod tidy * fix installation docs * update CHANGELOG * Update CHANGELOG.md Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-09-29 18:44:42 +02:00
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
Create providers package with Google default
2015-03-30 21:30:27 +02:00
)
Add comments to exported methods for providers package
2018-12-20 12:37:59 +02:00
// ProviderData contains information required to configure all implementations
// of OAuth2 providers
Create providers package with Google default
2015-03-30 21:30:27 +02:00
type ProviderData struct {
Add Azure Provider
2015-11-09 10:28:34 +02:00
ProviderName string
LoginURL *url.URL
RedeemURL *url.URL
ProfileURL *url.URL
ProtectedResource *url.URL
ValidateURL *url.URL
Fix #381, expose acr_values to all providers (#445)
2020-03-17 19:57:33 +02:00
// Auth request params & related, see
//https://openid.net/specs/openid-connect-basic-1_0.html#rfc.section.2.1.1.1
AcrValues string
ApprovalPrompt string // NOTE: Renamed to "prompt" in OAuth2
ClientID string
ClientSecret string
ClientSecretFile string
Scope string
Prompt string
Generalize and extend default CreateSessionFromToken
2020-11-16 04:57:48 +02:00
Verifier *oidc.IDTokenVerifier
Move AllowedGroups to DefaultProvider for default Authorize usage
2020-09-27 04:00:44 +02:00
// Universal Group authorization data structure
// any provider can set to consume
AllowedGroups map[string]struct{}
Create providers package with Google default
2015-03-30 21:30:27 +02:00
}
Add comments to exported methods for providers package
2018-12-20 12:37:59 +02:00
// Data returns the ProviderData
Create providers package with Google default
2015-03-30 21:30:27 +02:00
func (p *ProviderData) Data() *ProviderData { return p }
Support for client secret file. (#355) * added ClientSecretFile in ProviderData * add documentation notes on client secret file * added Changelog entry for Client Secret File PR * fixing configuration.md * addressing PR issue of ClientSecret property naming * Update providers/provider_data.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * corrected changelog entry * fixed typo in GetClientSecret Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-02-15 15:44:39 +02:00
Add new linters (#486) * add new linters and fix issues * fix deprecated warnings * simplify return * update CHANGELOG * fix staticcheck issues * remove a deprecated linter, minor fixes of variable initialization
2020-04-14 10:36:44 +02:00
func (p *ProviderData) GetClientSecret() (clientSecret string, err error) {
Support for client secret file. (#355) * added ClientSecretFile in ProviderData * add documentation notes on client secret file * added Changelog entry for Client Secret File PR * fixing configuration.md * addressing PR issue of ClientSecret property naming * Update providers/provider_data.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * corrected changelog entry * fixed typo in GetClientSecret Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-02-15 15:44:39 +02:00
if p.ClientSecret != "" || p.ClientSecretFile == "" {
return p.ClientSecret, nil
}
// Getting ClientSecret can fail in runtime so we need to report it without returning the file name to the user
fileClientSecret, err := ioutil.ReadFile(p.ClientSecretFile)
if err != nil {
Allow Logging to stdout with separate Error Log Channel (#718) * Add dedicated error logging writer * Document new errors to stdout flag * Update changelog * Thread-safe the log buffer * Address feedback * Remove duplication by adding log level * Clean up error formatting * Apply suggestions from code review Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-08-10 12:44:08 +02:00
logger.Errorf("error reading client secret file %s: %s", p.ClientSecretFile, err)
Support for client secret file. (#355) * added ClientSecretFile in ProviderData * add documentation notes on client secret file * added Changelog entry for Client Secret File PR * fixing configuration.md * addressing PR issue of ClientSecret property naming * Update providers/provider_data.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * corrected changelog entry * fixed typo in GetClientSecret Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-02-15 15:44:39 +02:00
return "", errors.New("could not read client secret file")
}
return string(fileClientSecret), nil
}
Move provider URLs to package level vars
2020-05-25 14:08:04 +02:00
Move AllowedGroups to DefaultProvider for default Authorize usage
2020-09-27 04:00:44 +02:00
// SetAllowedGroups organizes a group list into the AllowedGroups map
// to be consumed by Authorize implementations
func (p *ProviderData) SetAllowedGroups(groups []string) {
Streamline Google to use default Authorize
2020-09-27 04:24:06 +02:00
p.AllowedGroups = make(map[string]struct{}, len(groups))
Move AllowedGroups to DefaultProvider for default Authorize usage
2020-09-27 04:00:44 +02:00
for _, group := range groups {
p.AllowedGroups[group] = struct{}{}
}
}
Move provider URLs to package level vars
2020-05-25 14:08:04 +02:00
type providerDefaults struct {
name string
loginURL *url.URL
redeemURL *url.URL
profileURL *url.URL
validateURL *url.URL
scope string
}
func (p *ProviderData) setProviderDefaults(defaults providerDefaults) {
p.ProviderName = defaults.name
p.LoginURL = defaultURL(p.LoginURL, defaults.loginURL)
p.RedeemURL = defaultURL(p.RedeemURL, defaults.redeemURL)
p.ProfileURL = defaultURL(p.ProfileURL, defaults.profileURL)
p.ValidateURL = defaultURL(p.ValidateURL, defaults.validateURL)
if p.Scope == "" {
p.Scope = defaults.scope
}
}
// defaultURL will set return a default value if the given value is not set.
func defaultURL(u *url.URL, d *url.URL) *url.URL {
if u != nil && u.String() != "" {
// The value is already set
return u
}
// If the default is given, return that
if d != nil {
return d
}
return &url.URL{}
}
Reference in New Issue Copy Permalink