go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-12-24 00:01:15 +02:00
Code Issues Releases Activity

deref everything... but why?

Browse Source 
Signed-off-by: Jan Larwig <jan@larwig.com>
This commit is contained in:
Jan Larwig
2025-10-31 16:11:54 +01:00
parent 527c72f23f
commit ceb9a387b1
14 changed files with 61 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/validation/providers.go
View File

@@ -5,6 +5,7 @@ import (
"os"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/util/ptr"
)
// validateProviders is the initial validation migration for multiple providrers
@@ -64,7 +65,7 @@ func validateProvider(provider options.Provider, providerIDs map[string]struct{}
// providerRequiresClientSecret checks if provider requires client secret to be set
// or it can be omitted in favor of JWT token to authenticate oAuth client
func providerRequiresClientSecret(provider options.Provider) bool {
if provider.Type == "entra-id" && *provider.MicrosoftEntraIDConfig.FederatedTokenAuth {
if provider.Type == "entra-id" && ptr.Deref(provider.MicrosoftEntraIDConfig.FederatedTokenAuth, false) {
return false
}
@@ -96,9 +97,9 @@ func validateGoogleConfig(provider options.Provider) []string {
hasAdminEmail := provider.GoogleConfig.AdminEmail != ""
hasSAJSON := provider.GoogleConfig.ServiceAccountJSON != ""
useADC := provider.GoogleConfig.UseApplicationDefaultCredentials
useADC := ptr.Deref(provider.GoogleConfig.UseApplicationDefaultCredentials, false)
if !hasAdminEmail && !hasSAJSON && !(*useADC) {
if !hasAdminEmail && !hasSAJSON && !useADC {
return msgs
}
@@ -107,7 +108,7 @@ func validateGoogleConfig(provider options.Provider) []string {
}
_, err := os.Stat(provider.GoogleConfig.ServiceAccountJSON)
if !(*useADC) {
if !useADC {
if !hasSAJSON {
msgs = append(msgs, "missing setting: google-service-account-json or google-use-application-default-credentials")
} else if err != nil {
@@ -123,7 +124,7 @@ func validateGoogleConfig(provider options.Provider) []string {
func validateEntraConfig(provider options.Provider) []string {
msgs := []string{}
if *provider.MicrosoftEntraIDConfig.FederatedTokenAuth {
if ptr.Deref(provider.MicrosoftEntraIDConfig.FederatedTokenAuth, false) {
federatedTokenPath := os.Getenv("AZURE_FEDERATED_TOKEN_FILE")
if federatedTokenPath == "" {