Skip to content
This repository has been archived by the owner on Jan 24, 2019. It is now read-only.

Allow hiding custom login UI even if an htpasswd file is provided. #46

Merged
merged 1 commit into from
Dec 9, 2014
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ func main() {
flagSet.String("client-secret", "", "the OAuth Client Secret")
flagSet.String("authenticated-emails-file", "", "authenticate against emails via file (one per line)")
flagSet.String("htpasswd-file", "", "additionally authenticate against a htpasswd file. Entries must be created with \"htpasswd -s\" for SHA encryption")
flagSet.Bool("display-htpasswd-form", true, "display username / password login form if an htpasswd file is provided")

flagSet.String("cookie-secret", "", "the seed string for secure cookies")
flagSet.String("cookie-domain", "", "an optional cookie domain to force cookies to (ie: .yourcompany.com)*")
Expand Down Expand Up @@ -78,6 +79,7 @@ func main() {
if opts.HtpasswdFile != "" {
log.Printf("using htpasswd file %s", opts.HtpasswdFile)
oauthproxy.HtpasswdFile, err = NewHtpasswdFromFile(opts.HtpasswdFile)
oauthproxy.DisplayHtpasswdForm = opts.DisplayHtpasswdForm
if err != nil {
log.Fatalf("FATAL: unable to open %s %s", opts.HtpasswdFile, err)
}
Expand Down
29 changes: 17 additions & 12 deletions oauthproxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,16 +29,17 @@ type OauthProxy struct {
CookieExpire time.Duration
Validator func(string) bool

redirectUrl *url.URL // the url to receive requests at
oauthRedemptionUrl *url.URL // endpoint to redeem the code
oauthLoginUrl *url.URL // to redirect the user to
oauthScope string
clientID string
clientSecret string
SignInMessage string
HtpasswdFile *HtpasswdFile
serveMux *http.ServeMux
PassBasicAuth bool
redirectUrl *url.URL // the url to receive requests at
oauthRedemptionUrl *url.URL // endpoint to redeem the code
oauthLoginUrl *url.URL // to redirect the user to
oauthScope string
clientID string
clientSecret string
SignInMessage string
HtpasswdFile *HtpasswdFile
DisplayHtpasswdForm bool
serveMux *http.ServeMux
PassBasicAuth bool
}

func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
Expand Down Expand Up @@ -114,6 +115,10 @@ func apiRequest(req *http.Request) (*simplejson.Json, error) {
return data, nil
}

func (p *OauthProxy) displayCustomLoginForm() bool {
return p.HtpasswdFile != nil && p.DisplayHtpasswdForm
}

func (p *OauthProxy) redeemCode(code string) (string, string, error) {
if code == "" {
return "", "", errors.New("missing code")
Expand Down Expand Up @@ -232,12 +237,12 @@ func (p *OauthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code

t := struct {
SignInMessage string
Htpasswd bool
CustomLogin bool
Redirect string
Version string
}{
SignInMessage: p.SignInMessage,
Htpasswd: p.HtpasswdFile != nil,
CustomLogin: p.displayCustomLoginForm(),
Redirect: req.URL.RequestURI(),
Version: VERSION,
}
Expand Down
10 changes: 6 additions & 4 deletions options.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ type Options struct {
ClientSecret string `flag:"client-secret" cfg:"client_secret" env:"GOOGLE_AUTH_PROXY_CLIENT_SECRET"`
PassBasicAuth bool `flag:"pass-basic-auth" cfg:"pass_basic_auth"`
HtpasswdFile string `flag:"htpasswd-file" cfg:"htpasswd_file"`
DisplayHtpasswdForm bool `flag:"display-htpasswd-form" cfg:"display_htpasswd_form"`
CookieSecret string `flag:"cookie-secret" cfg:"cookie_secret" env:"GOOGLE_AUTH_PROXY_COOKIE_SECRET"`
CookieDomain string `flag:"cookie-domain" cfg:"cookie_domain" env:"GOOGLE_AUTH_PROXY_COOKIE_DOMAIN"`
CookieExpire time.Duration `flag:"cookie-expire" cfg:"cookie_expire" env:"GOOGLE_AUTH_PROXY_COOKIE_EXPIRE"`
Expand All @@ -30,10 +31,11 @@ type Options struct {

func NewOptions() *Options {
return &Options{
HttpAddress: "127.0.0.1:4180",
CookieHttpsOnly: true,
PassBasicAuth: true,
CookieExpire: time.Duration(168) * time.Hour,
HttpAddress: "127.0.0.1:4180",
DisplayHtpasswdForm: true,
CookieHttpsOnly: true,
PassBasicAuth: true,
CookieExpire: time.Duration(168) * time.Hour,
}
}

Expand Down
4 changes: 2 additions & 2 deletions templates.go
Original file line number Diff line number Diff line change
Expand Up @@ -105,8 +105,8 @@ func getTemplates() *template.Template {
<button type="submit" class="btn">Sign in with a Google Account</button><br/>
</form>
</div>
{{ if .Htpasswd }}

{{ if .CustomLogin }}
<div class="signin">
<form method="POST" action="/oauth2/sign_in">
<input type="hidden" name="rd" value="{{.Redirect}}">
Expand Down
1 change: 0 additions & 1 deletion templates_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,5 +8,4 @@ import (
func TestTemplatesCompile(t *testing.T) {
templates := getTemplates()
assert.NotEqual(t, templates, nil)

}