diff --git a/oauthproxy.go b/oauthproxy.go index cd2a3311..fd136271 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -568,26 +568,26 @@ func (p *OAuthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code redirectURL = "/" } - p.pageWriter.WriteSignInPage(rw, req, redirectURL) + p.pageWriter.WriteSignInPage(rw, req, redirectURL, code) } // ManualSignIn handles basic auth logins to the proxy -func (p *OAuthProxy) ManualSignIn(req *http.Request) (string, bool) { +func (p *OAuthProxy) ManualSignIn(req *http.Request) (string, bool, int) { if req.Method != "POST" || p.basicAuthValidator == nil { - return "", false + return "", false, http.StatusOK } user := req.FormValue("username") passwd := req.FormValue("password") if user == "" { - return "", false + return "", false, http.StatusBadRequest } // check auth if p.basicAuthValidator.Validate(user, passwd) { logger.PrintAuthf(user, req, logger.AuthSuccess, "Authenticated via HtpasswdFile") - return user, true + return user, true, http.StatusOK } logger.PrintAuthf(user, req, logger.AuthFailure, "Invalid authentication via HtpasswdFile") - return "", false + return "", false, http.StatusUnauthorized } // SignIn serves a page prompting users to sign in @@ -599,7 +599,7 @@ func (p *OAuthProxy) SignIn(rw http.ResponseWriter, req *http.Request) { return } - user, ok := p.ManualSignIn(req) + user, ok, statusCode := p.ManualSignIn(req) if ok { session := &sessionsapi.SessionState{User: user, Groups: p.basicAuthGroups} err = p.SaveSession(rw, req, session) @@ -614,7 +614,7 @@ func (p *OAuthProxy) SignIn(rw http.ResponseWriter, req *http.Request) { p.OAuthStart(rw, req) } else { // TODO - should we pass on /oauth2/sign_in query params to /oauth2/start? - p.SignInPage(rw, req, http.StatusOK) + p.SignInPage(rw, req, statusCode) } } } diff --git a/pkg/app/pagewriter/pagewriter.go b/pkg/app/pagewriter/pagewriter.go index 9bf7c2e2..8da82a87 100644 --- a/pkg/app/pagewriter/pagewriter.go +++ b/pkg/app/pagewriter/pagewriter.go @@ -10,7 +10,7 @@ import ( // It can also be used to write errors for the http.ReverseProxy used in the // upstream package. type Writer interface { - WriteSignInPage(rw http.ResponseWriter, req *http.Request, redirectURL string) + WriteSignInPage(rw http.ResponseWriter, req *http.Request, redirectURL string, statusCode int) WriteErrorPage(rw http.ResponseWriter, opts ErrorPageOpts) ProxyErrorHandler(rw http.ResponseWriter, req *http.Request, proxyErr error) WriteRobotsTxt(rw http.ResponseWriter, req *http.Request) @@ -108,7 +108,7 @@ func NewWriter(opts Opts) (Writer, error) { // If any of the funcs are not provided, a default implementation will be used. // This is primarily for us in testing. type WriterFuncs struct { - SignInPageFunc func(rw http.ResponseWriter, req *http.Request, redirectURL string) + SignInPageFunc func(rw http.ResponseWriter, req *http.Request, redirectURL string, statusCode int) ErrorPageFunc func(rw http.ResponseWriter, opts ErrorPageOpts) ProxyErrorFunc func(rw http.ResponseWriter, req *http.Request, proxyErr error) RobotsTxtfunc func(rw http.ResponseWriter, req *http.Request) @@ -117,9 +117,9 @@ type WriterFuncs struct { // WriteSignInPage implements the Writer interface. // If the SignInPageFunc is provided, this will be used, else a default // implementation will be used. -func (w *WriterFuncs) WriteSignInPage(rw http.ResponseWriter, req *http.Request, redirectURL string) { +func (w *WriterFuncs) WriteSignInPage(rw http.ResponseWriter, req *http.Request, redirectURL string, statusCode int) { if w.SignInPageFunc != nil { - w.SignInPageFunc(rw, req, redirectURL) + w.SignInPageFunc(rw, req, redirectURL, statusCode) return } diff --git a/pkg/app/pagewriter/sign_in.html b/pkg/app/pagewriter/sign_in.html index b68966c5..5aafada1 100644 --- a/pkg/app/pagewriter/sign_in.html +++ b/pkg/app/pagewriter/sign_in.html @@ -18,6 +18,28 @@ .logo-box { margin: 1.5rem 3rem; } + .alert { + padding: 5px; + background-color: #f44336; /* Red */ + color: white; + margin-bottom: 5px; + border-radius: 5px + } + /* The close button */ + .closebtn { + margin-left: 10px; + color: white; + font-weight: bold; + float: right; + font-size: 22px; + line-height: 20px; + cursor: pointer; + transition: 0.3s; + } + /* When moving the mouse over the close button */ + .closebtn:hover { + color: black; + } footer a { text-decoration: underline; } @@ -62,6 +84,18 @@ {{ end }} + + {{ if eq .StatusCode 400 401 }} +