oauth2_proxy/options.go

package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
	"time"

	"github.com/bitly/oauth2_proxy/providers"
)

// Configuration Options that can be set by Command Line Flag, or Config File
type Options struct {
	ProxyPrefix  string `flag:"proxy-prefix" cfg:"proxy-prefix"`
	HttpAddress  string `flag:"http-address" cfg:"http_address"`
	HttpsAddress string `flag:"https-address" cfg:"https_address"`
	RedirectUrl  string `flag:"redirect-url" cfg:"redirect_url"`
	ClientID     string `flag:"client-id" cfg:"client_id" env:"OAUTH2_PROXY_CLIENT_ID"`
	ClientSecret string `flag:"client-secret" cfg:"client_secret" env:"OAUTH2_PROXY_CLIENT_SECRET"`
	TLSCertFile  string `flag:"tls-cert" cfg:"tls_cert_file"`
	TLSKeyFile   string `flag:"tls-key" cfg:"tls_key_file"`

	AuthenticatedEmailsFile string   `flag:"authenticated-emails-file" cfg:"authenticated_emails_file"`
	EmailDomains            []string `flag:"email-domain" cfg:"email_domains"`
	GitHubOrg               string   `flag:"github-org" cfg:"github_org"`
	GitHubTeam              string   `flag:"github-team" cfg:"github_team"`
	HtpasswdFile            string   `flag:"htpasswd-file" cfg:"htpasswd_file"`
	DisplayHtpasswdForm     bool     `flag:"display-htpasswd-form" cfg:"display_htpasswd_form"`
	CustomTemplatesDir      string   `flag:"custom-templates-dir" cfg:"custom_templates_dir"`

	CookieName     string        `flag:"cookie-name" cfg:"cookie_name" env:"OAUTH2_PROXY_COOKIE_NAME"`
	CookieSecret   string        `flag:"cookie-secret" cfg:"cookie_secret" env:"OAUTH2_PROXY_COOKIE_SECRET"`
	CookieDomain   string        `flag:"cookie-domain" cfg:"cookie_domain" env:"OAUTH2_PROXY_COOKIE_DOMAIN"`
	CookieExpire   time.Duration `flag:"cookie-expire" cfg:"cookie_expire" env:"OAUTH2_PROXY_COOKIE_EXPIRE"`
	CookieRefresh  time.Duration `flag:"cookie-refresh" cfg:"cookie_refresh" env:"OAUTH2_PROXY_COOKIE_REFRESH"`
	CookieSecure   bool          `flag:"cookie-secure" cfg:"cookie_secure"`
	CookieHttpOnly bool          `flag:"cookie-httponly" cfg:"cookie_httponly"`

	Upstreams         []string `flag:"upstream" cfg:"upstreams"`
	SkipAuthRegex     []string `flag:"skip-auth-regex" cfg:"skip_auth_regex"`
	PassBasicAuth     bool     `flag:"pass-basic-auth" cfg:"pass_basic_auth"`
	BasicAuthPassword string   `flag:"basic-auth-password" cfg:"basic_auth_password"`
	PassAccessToken   bool     `flag:"pass-access-token" cfg:"pass_access_token"`
	PassHostHeader    bool     `flag:"pass-host-header" cfg:"pass_host_header"`

	// These options allow for other providers besides Google, with
	// potential overrides.
	Provider       string `flag:"provider" cfg:"provider"`
	LoginUrl       string `flag:"login-url" cfg:"login_url"`
	RedeemUrl      string `flag:"redeem-url" cfg:"redeem_url"`
	ProfileUrl     string `flag:"profile-url" cfg:"profile_url"`
	ValidateUrl    string `flag:"validate-url" cfg:"validate_url"`
	Scope          string `flag:"scope" cfg:"scope"`
	ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`

	RequestLogging bool `flag:"request-logging" cfg:"request_logging"`

	// internal values that are set after config validation
	redirectUrl   *url.URL
	proxyUrls     []*url.URL
	CompiledRegex []*regexp.Regexp
	provider      providers.Provider
}

func NewOptions() *Options {
	return &Options{
		ProxyPrefix:         "/oauth2",
		HttpAddress:         "127.0.0.1:4180",
		HttpsAddress:        ":443",
		DisplayHtpasswdForm: true,
		CookieName:          "_oauth2_proxy",
		CookieSecure:        true,
		CookieHttpOnly:      true,
		CookieExpire:        time.Duration(168) * time.Hour,
		CookieRefresh:       time.Duration(0),
		PassBasicAuth:       true,
		PassAccessToken:     false,
		PassHostHeader:      true,
		ApprovalPrompt:      "force",
		RequestLogging:      true,
	}
}

func parseUrl(to_parse string, urltype string, msgs []string) (*url.URL, []string) {
	parsed, err := url.Parse(to_parse)
	if err != nil {
		return nil, append(msgs, fmt.Sprintf(
			"error parsing %s-url=%q %s", urltype, to_parse, err))
	}
	return parsed, msgs
}

func (o *Options) Validate() error {
	msgs := make([]string, 0)
	if len(o.Upstreams) < 1 {
		msgs = append(msgs, "missing setting: upstream")
	}
	if o.CookieSecret == "" {
		msgs = append(msgs, "missing setting: cookie-secret")
	}
	if o.ClientID == "" {
		msgs = append(msgs, "missing setting: client-id")
	}
	if o.ClientSecret == "" {
		msgs = append(msgs, "missing setting: client-secret")
	}
	if o.AuthenticatedEmailsFile == "" && len(o.EmailDomains) == 0 && o.HtpasswdFile == "" {
		msgs = append(msgs, "missing setting for email validation: email-domain or authenticated-emails-file required.\n      use email-domain=* to authorize all email addresses")
	}

	o.redirectUrl, msgs = parseUrl(o.RedirectUrl, "redirect", msgs)

	for _, u := range o.Upstreams {
		upstreamUrl, err := url.Parse(u)
		if err != nil {
			msgs = append(msgs, fmt.Sprintf(
				"error parsing upstream=%q %s",
				upstreamUrl, err))
		}
		if upstreamUrl.Path == "" {
			upstreamUrl.Path = "/"
		}
		o.proxyUrls = append(o.proxyUrls, upstreamUrl)
	}

	for _, u := range o.SkipAuthRegex {
		CompiledRegex, err := regexp.Compile(u)
		if err != nil {
			msgs = append(msgs, fmt.Sprintf(
				"error compiling regex=%q %s", u, err))
		}
		o.CompiledRegex = append(o.CompiledRegex, CompiledRegex)
	}
	msgs = parseProviderInfo(o, msgs)

	if o.PassAccessToken || (o.CookieRefresh != time.Duration(0)) {
		valid_cookie_secret_size := false
		for _, i := range []int{16, 24, 32} {
			if len(o.CookieSecret) == i {
				valid_cookie_secret_size = true
			}
		}
		if valid_cookie_secret_size == false {
			msgs = append(msgs, fmt.Sprintf(
				"cookie_secret must be 16, 24, or 32 bytes "+
					"to create an AES cipher when "+
					"pass_access_token == true or "+
					"cookie_refresh != 0, but is %d bytes",
				len(o.CookieSecret)))
		}
	}

	if o.CookieRefresh >= o.CookieExpire {
		msgs = append(msgs, fmt.Sprintf(
			"cookie_refresh (%s) must be less than "+
				"cookie_expire (%s)",
			o.CookieRefresh.String(),
			o.CookieExpire.String()))
	}

	if len(msgs) != 0 {
		return fmt.Errorf("Invalid configuration:\n  %s",
			strings.Join(msgs, "\n  "))
	}
	return nil
}

func parseProviderInfo(o *Options, msgs []string) []string {
	p := &providers.ProviderData{
		Scope:          o.Scope,
		ClientID:       o.ClientID,
		ClientSecret:   o.ClientSecret,
		ApprovalPrompt: o.ApprovalPrompt,
	}
	p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs)
	p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs)
	p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs)
	p.ValidateUrl, msgs = parseUrl(o.ValidateUrl, "validate", msgs)

	o.provider = providers.New(o.Provider, p)
	switch p := o.provider.(type) {
	case *providers.GitHubProvider:
		p.SetOrgTeam(o.GitHubOrg, o.GitHubTeam)
	}
	return msgs
}
Add config file support 2014-11-09 19:51:10 +00:00			`package main`

			`import (`
			`"fmt"`
			`"net/url"`
Adding Support for multi white listed urls with regex url match. 2015-01-12 09:18:41 +00:00			`"regexp"`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`"strings"`
Run gofmt over source. 2015-01-19 16:10:37 +00:00			`"time"`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00
Project Rename -> oauth2_proxy 2015-05-21 06:50:21 +00:00			`"github.com/bitly/oauth2_proxy/providers"`
Add config file support 2014-11-09 19:51:10 +00:00			`)`

			`// Configuration Options that can be set by Command Line Flag, or Config File`
			`type Options struct {`
Enable specific oauth2proxy path; change cookie name to _oauth2proxy 2015-05-29 22:47:40 +00:00			ProxyPrefix string `flag:"proxy-prefix" cfg:"proxy-prefix"`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00			HttpAddress string `flag:"http-address" cfg:"http_address"`
support TLS directly 2015-06-08 01:51:47 +00:00			HttpsAddress string `flag:"https-address" cfg:"https_address"`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00			RedirectUrl string `flag:"redirect-url" cfg:"redirect_url"`
Project Rename -> oauth2_proxy 2015-05-21 06:50:21 +00:00			ClientID string `flag:"client-id" cfg:"client_id" env:"OAUTH2_PROXY_CLIENT_ID"`
			ClientSecret string `flag:"client-secret" cfg:"client_secret" env:"OAUTH2_PROXY_CLIENT_SECRET"`
support TLS directly 2015-06-08 01:51:47 +00:00			TLSCertFile string `flag:"tls-cert" cfg:"tls_cert_file"`
			TLSKeyFile string `flag:"tls-key" cfg:"tls_key_file"`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00
			AuthenticatedEmailsFile string `flag:"authenticated-emails-file" cfg:"authenticated_emails_file"`
disable email validation; rename email-domain argument This adds a "*" option to --email-domain to disable email validation, and this renames `--google-apps-domain` to `--email-domain` for clarity across providers 2015-06-06 18:37:54 +00:00			EmailDomains []string `flag:"email-domain" cfg:"email_domains"`
Github provider 2015-05-21 03:23:48 +00:00			GitHubOrg string `flag:"github-org" cfg:"github_org"`
			GitHubTeam string `flag:"github-team" cfg:"github_team"`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00			HtpasswdFile string `flag:"htpasswd-file" cfg:"htpasswd_file"`
			DisplayHtpasswdForm bool `flag:"display-htpasswd-form" cfg:"display_htpasswd_form"`
support (optional) custom templates 2015-03-17 22:06:06 +00:00			CustomTemplatesDir string `flag:"custom-templates-dir" cfg:"custom_templates_dir"`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00
v2.0 & cleanup changes * bump version to 2.0 * remove --cookie-https-only option * add windows build to dist.sh * rename --cookie-key to --cookie-name 2015-06-08 03:52:28 +00:00			CookieName string `flag:"cookie-name" cfg:"cookie_name" env:"OAUTH2_PROXY_COOKIE_NAME"`
			CookieSecret string `flag:"cookie-secret" cfg:"cookie_secret" env:"OAUTH2_PROXY_COOKIE_SECRET"`
			CookieDomain string `flag:"cookie-domain" cfg:"cookie_domain" env:"OAUTH2_PROXY_COOKIE_DOMAIN"`
			CookieExpire time.Duration `flag:"cookie-expire" cfg:"cookie_expire" env:"OAUTH2_PROXY_COOKIE_EXPIRE"`
			CookieRefresh time.Duration `flag:"cookie-refresh" cfg:"cookie_refresh" env:"OAUTH2_PROXY_COOKIE_REFRESH"`
			CookieSecure bool `flag:"cookie-secure" cfg:"cookie_secure"`
			CookieHttpOnly bool `flag:"cookie-httponly" cfg:"cookie_httponly"`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00
Add support for setting the basic auth password. For tools that don't like empty passwords, this change allows one to set a shared secret password for all users. 2015-07-24 09:17:43 +00:00			Upstreams []string `flag:"upstream" cfg:"upstreams"`
			SkipAuthRegex []string `flag:"skip-auth-regex" cfg:"skip_auth_regex"`
			PassBasicAuth bool `flag:"pass-basic-auth" cfg:"pass_basic_auth"`
			BasicAuthPassword string `flag:"basic-auth-password" cfg:"basic_auth_password"`
			PassAccessToken bool `flag:"pass-access-token" cfg:"pass_access_token"`
			PassHostHeader bool `flag:"pass-host-header" cfg:"pass_host_header"`
Add config file support 2014-11-09 19:51:10 +00:00
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`// These options allow for other providers besides Google, with`
			`// potential overrides.`
Add a flag to set the value of "approval_prompt". By setting this to "force", certain providers, like Google, will interject an additional prompt on every new session. With other values, like "auto", this prompt is not forced upon the user. 2015-07-25 23:27:49 +00:00			Provider string `flag:"provider" cfg:"provider"`
			LoginUrl string `flag:"login-url" cfg:"login_url"`
			RedeemUrl string `flag:"redeem-url" cfg:"redeem_url"`
			ProfileUrl string `flag:"profile-url" cfg:"profile_url"`
			ValidateUrl string `flag:"validate-url" cfg:"validate_url"`
			Scope string `flag:"scope" cfg:"scope"`
			ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00
improve request logging (closer to Apache Common Log) 2015-03-19 20:37:16 +00:00			RequestLogging bool `flag:"request-logging" cfg:"request_logging"`

Add config file support 2014-11-09 19:51:10 +00:00			`// internal values that are set after config validation`
Run gofmt over source. 2015-01-19 16:10:37 +00:00			`redirectUrl *url.URL`
			`proxyUrls []*url.URL`
Adding Support for multi white listed urls with regex url match. 2015-01-12 09:18:41 +00:00			`CompiledRegex []*regexp.Regexp`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`provider providers.Provider`
Add config file support 2014-11-09 19:51:10 +00:00			`}`

			`func NewOptions() *Options {`
options bug fixes; set https cookies on by default 2014-11-10 03:21:46 +00:00			`return &Options{`
Enable specific oauth2proxy path; change cookie name to _oauth2proxy 2015-05-29 22:47:40 +00:00			`ProxyPrefix: "/oauth2",`
Allow hiding custom login UI even if an htpasswd file is provided. 2014-12-09 20:38:57 +00:00			`HttpAddress: "127.0.0.1:4180",`
support TLS directly 2015-06-08 01:51:47 +00:00			`HttpsAddress: ":443",`
Allow hiding custom login UI even if an htpasswd file is provided. 2014-12-09 20:38:57 +00:00			`DisplayHtpasswdForm: true,`
v2.0 & cleanup changes * bump version to 2.0 * remove --cookie-https-only option * add windows build to dist.sh * rename --cookie-key to --cookie-name 2015-06-08 03:52:28 +00:00			`CookieName: "_oauth2_proxy",`
rename cookie secure flag 2015-03-18 03:13:45 +00:00			`CookieSecure: true,`
Add flag to enable/disable cookie's HttpOnly flag. 2015-01-19 15:52:18 +00:00			`CookieHttpOnly: true,`
Allow hiding custom login UI even if an htpasswd file is provided. 2014-12-09 20:38:57 +00:00			`CookieExpire: time.Duration(168) * time.Hour,`
Implement cookie auto-refresh The intention is to refresh the cookie whenever the user accesses an authenticated service with less than `cookie-refresh` time to go before the cookie expires. 2015-05-08 14:00:57 +00:00			`CookieRefresh: time.Duration(0),`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00			`PassBasicAuth: true,`
Pass the access token to the upstream client This is accomplished by encoding the access_token in the auth cookie and unpacking it as the X-Forwarded-Access-Token header for upstream requests. 2015-04-03 00:57:17 +00:00			`PassAccessToken: false,`
add --proxy-host-header option 2015-03-17 19:15:15 +00:00			`PassHostHeader: true,`
Add a flag to set the value of "approval_prompt". By setting this to "force", certain providers, like Google, will interject an additional prompt on every new session. With other values, like "auto", this prompt is not forced upon the user. 2015-07-25 23:27:49 +00:00			`ApprovalPrompt: "force",`
improve request logging (closer to Apache Common Log) 2015-03-19 20:37:16 +00:00			`RequestLogging: true,`
options bug fixes; set https cookies on by default 2014-11-10 03:21:46 +00:00			`}`
Add config file support 2014-11-09 19:51:10 +00:00			`}`

Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`func parseUrl(to_parse string, urltype string, msgs []string) (*url.URL, []string) {`
			`parsed, err := url.Parse(to_parse)`
			`if err != nil {`
			`return nil, append(msgs, fmt.Sprintf(`
			`"error parsing %s-url=%q %s", urltype, to_parse, err))`
			`}`
			`return parsed, msgs`
			`}`

Add config file support 2014-11-09 19:51:10 +00:00			`func (o *Options) Validate() error {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs := make([]string, 0)`
Add config file support 2014-11-09 19:51:10 +00:00			`if len(o.Upstreams) < 1 {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs = append(msgs, "missing setting: upstream")`
Add config file support 2014-11-09 19:51:10 +00:00			`}`
			`if o.CookieSecret == "" {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs = append(msgs, "missing setting: cookie-secret")`
Add config file support 2014-11-09 19:51:10 +00:00			`}`
			`if o.ClientID == "" {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs = append(msgs, "missing setting: client-id")`
Add config file support 2014-11-09 19:51:10 +00:00			`}`
			`if o.ClientSecret == "" {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs = append(msgs, "missing setting: client-secret")`
Add config file support 2014-11-09 19:51:10 +00:00			`}`
clarify required email validation settings 2015-07-24 20:09:33 +00:00			`if o.AuthenticatedEmailsFile == "" && len(o.EmailDomains) == 0 && o.HtpasswdFile == "" {`
			`msgs = append(msgs, "missing setting for email validation: email-domain or authenticated-emails-file required.\n use email-domain=* to authorize all email addresses")`
			`}`
Add config file support 2014-11-09 19:51:10 +00:00
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`o.redirectUrl, msgs = parseUrl(o.RedirectUrl, "redirect", msgs)`
Add config file support 2014-11-09 19:51:10 +00:00
			`for _, u := range o.Upstreams {`
			`upstreamUrl, err := url.Parse(u)`
			`if err != nil {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs = append(msgs, fmt.Sprintf(`
			`"error parsing upstream=%q %s",`
			`upstreamUrl, err))`
Add config file support 2014-11-09 19:51:10 +00:00			`}`
			`if upstreamUrl.Path == "" {`
			`upstreamUrl.Path = "/"`
			`}`
			`o.proxyUrls = append(o.proxyUrls, upstreamUrl)`
			`}`

Adding Support for multi white listed urls with regex url match. 2015-01-12 09:18:41 +00:00			`for _, u := range o.SkipAuthRegex {`
			`CompiledRegex, err := regexp.Compile(u)`
			`if err != nil {`
Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`msgs = append(msgs, fmt.Sprintf(`
			`"error compiling regex=%q %s", u, err))`
Adding Support for multi white listed urls with regex url match. 2015-01-12 09:18:41 +00:00			`}`
			`o.CompiledRegex = append(o.CompiledRegex, CompiledRegex)`
			`}`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`msgs = parseProviderInfo(o, msgs)`
Adding Support for multi white listed urls with regex url match. 2015-01-12 09:18:41 +00:00
Check cookie_secret size when cookie_refresh set 2015-05-09 21:31:13 +00:00			`if o.PassAccessToken \|\| (o.CookieRefresh != time.Duration(0)) {`
Refactor pass_access_token+cookie_secret check Moves the check from NewOauthProxy() to Options.Validate() and adds a test. 2015-04-05 13:43:40 +00:00			`valid_cookie_secret_size := false`
			`for _, i := range []int{16, 24, 32} {`
			`if len(o.CookieSecret) == i {`
			`valid_cookie_secret_size = true`
			`}`
			`}`
			`if valid_cookie_secret_size == false {`
			`msgs = append(msgs, fmt.Sprintf(`
			`"cookie_secret must be 16, 24, or 32 bytes "+`
			`"to create an AES cipher when "+`
Check cookie_secret size when cookie_refresh set 2015-05-09 21:31:13 +00:00			`"pass_access_token == true or "+`
			`"cookie_refresh != 0, but is %d bytes",`
Refactor pass_access_token+cookie_secret check Moves the check from NewOauthProxy() to Options.Validate() and adds a test. 2015-04-05 13:43:40 +00:00			`len(o.CookieSecret)))`
			`}`
			`}`

Enforce that cookie_refresh < cookie_expire 2015-05-09 21:16:19 +00:00			`if o.CookieRefresh >= o.CookieExpire {`
			`msgs = append(msgs, fmt.Sprintf(`
			`"cookie_refresh (%s) must be less than "+`
			`"cookie_expire (%s)",`
			`o.CookieRefresh.String(),`
			`o.CookieExpire.String()))`
			`}`

Catch more options errors at once; add test 2015-03-15 16:23:13 +00:00			`if len(msgs) != 0 {`
			`return fmt.Errorf("Invalid configuration:\n %s",`
			`strings.Join(msgs, "\n "))`
			`}`
Add config file support 2014-11-09 19:51:10 +00:00			`return nil`
			`}`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00
			`func parseProviderInfo(o *Options, msgs []string) []string {`
Add a flag to set the value of "approval_prompt". By setting this to "force", certain providers, like Google, will interject an additional prompt on every new session. With other values, like "auto", this prompt is not forced upon the user. 2015-07-25 23:27:49 +00:00			`p := &providers.ProviderData{`
			`Scope: o.Scope,`
			`ClientID: o.ClientID,`
			`ClientSecret: o.ClientSecret,`
			`ApprovalPrompt: o.ApprovalPrompt,`
			`}`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs)`
			`p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs)`
			`p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs)`
Introduce `validate-url` flag/config 2015-05-08 21:13:35 +00:00			`p.ValidateUrl, msgs = parseUrl(o.ValidateUrl, "validate", msgs)`
Github provider 2015-05-21 03:23:48 +00:00
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`o.provider = providers.New(o.Provider, p)`
Github provider 2015-05-21 03:23:48 +00:00			`switch p := o.provider.(type) {`
			`case *providers.GitHubProvider:`
			`p.SetOrgTeam(o.GitHubOrg, o.GitHubTeam)`
			`}`
Integrate Provider into Options and OauthProxy 2015-03-30 19:48:30 +00:00			`return msgs`
			`}`