diff --git a/CHANGELOG.md b/CHANGELOG.md index bedad34a..4ad5a064 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ ## Breaking Changes ## Changes since v7.5.0 + +- [#2221](https://github.com/oauth2-proxy/oauth2-proxy/pull/2221) Backwards compatible fix for wrong environment variable name (OAUTH2_PROXY_GOOGLE_GROUPS) (@kvanzuijlen) - [#1989](https://github.com/oauth2-proxy/oauth2-proxy/pull/1989) Fix default scope for keycloak-oidc provider # V7.5.0 diff --git a/pkg/apis/options/legacy_options.go b/pkg/apis/options/legacy_options.go index db1b0bf7..7dfe64e6 100644 --- a/pkg/apis/options/legacy_options.go +++ b/pkg/apis/options/legacy_options.go @@ -3,6 +3,7 @@ package options import ( "fmt" "net/url" + "reflect" "strconv" "strings" "time" @@ -494,7 +495,8 @@ type LegacyProvider struct { GitHubUsers []string `flag:"github-user" cfg:"github_users"` GitLabGroup []string `flag:"gitlab-group" cfg:"gitlab_groups"` GitLabProjects []string `flag:"gitlab-project" cfg:"gitlab_projects"` - GoogleGroups []string `flag:"google-group" cfg:"google_group"` + GoogleGroupsLegacy []string `flag:"google-group" cfg:"google_group"` + GoogleGroups []string `flag:"google-group" cfg:"google_groups"` GoogleAdminEmail string `flag:"google-admin-email" cfg:"google_admin_email"` GoogleServiceAccountJSON string `flag:"google-service-account-json" cfg:"google_service_account_json"` GoogleUseApplicationDefaultCredentials bool `flag:"google-use-application-default-credentials" cfg:"google_use_application_default_credentials"` @@ -727,6 +729,13 @@ func (l *LegacyProvider) convert() (Providers, error) { Repository: l.BitbucketRepository, } case "google": + if len(l.GoogleGroupsLegacy) != 0 && !reflect.DeepEqual(l.GoogleGroupsLegacy, l.GoogleGroups) { + // Log the deprecation notice + logger.Error( + "WARNING: The 'OAUTH2_PROXY_GOOGLE_GROUP' environment variable is deprecated and will likely be removed in the next major release. Use 'OAUTH2_PROXY_GOOGLE_GROUPS' instead.", + ) + l.GoogleGroups = l.GoogleGroupsLegacy + } provider.GoogleConfig = GoogleOptions{ Groups: l.GoogleGroups, AdminEmail: l.GoogleAdminEmail, diff --git a/pkg/apis/options/legacy_options_test.go b/pkg/apis/options/legacy_options_test.go index 03f874ca..4ad7d9fc 100644 --- a/pkg/apis/options/legacy_options_test.go +++ b/pkg/apis/options/legacy_options_test.go @@ -991,6 +991,14 @@ var _ = Describe("Legacy Options", func() { GoogleServiceAccountJSON: "test.json", GoogleGroups: []string{"1", "2"}, } + + legacyConfigLegacyProvider := LegacyProvider{ + ClientID: clientID, + ProviderType: "google", + GoogleAdminEmail: "email@email.com", + GoogleServiceAccountJSON: "test.json", + GoogleGroupsLegacy: []string{"1", "2"}, + } DescribeTable("convertLegacyProviders", func(in *convertProvidersTableInput) { providers, err := in.legacyProvider.convert() @@ -1024,6 +1032,11 @@ var _ = Describe("Legacy Options", func() { expectedProviders: Providers{internalConfigProvider}, errMsg: "", }), + Entry("with legacy provider config", &convertProvidersTableInput{ + legacyProvider: legacyConfigLegacyProvider, + expectedProviders: Providers{internalConfigProvider}, + errMsg: "", + }), ) }) }) diff --git a/pkg/apis/options/load.go b/pkg/apis/options/load.go index ec39cd5c..4c752285 100644 --- a/pkg/apis/options/load.go +++ b/pkg/apis/options/load.go @@ -43,8 +43,8 @@ func Load(configFileName string, flagSet *pflag.FlagSet, into interface{}) error return fmt.Errorf("unable to register flags: %w", err) } - // UnmarhsalExact will return an error if the config includes options that are - // not mapped to felds of the into struct + // UnmarshalExact will return an error if the config includes options that are + // not mapped to fields of the into struct err = v.UnmarshalExact(into, decodeFromCfgTag) if err != nil { return fmt.Errorf("error unmarshalling config: %w", err)