Merge pull request #161 from rahdjoudj/master

adding option to skip provider button sign_in page
2016-06-18 23:31:39 -04:00 · 2016-06-18 23:31:39 -04:00 · 168cff9d4b
commit 168cff9d4b
parent fe143ca9e8 35547a40cb
3 changed files with 27 additions and 18 deletions
--- a/main.go
+++ b/main.go
@ -36,6 +36,7 @@ func main() {
 	flagSet.Bool("pass-access-token", false, "pass OAuth access_token to upstream via X-Forwarded-Access-Token header")
 	flagSet.Bool("pass-host-header", true, "pass the request Host Header to upstream")
 	flagSet.Var(&skipAuthRegex, "skip-auth-regex", "bypass authentication for requests path's that match (may be given multiple times)")
+	flagSet.Bool("skip-provider-button", false, "will skip sign-in-page to directly reach the next step: oauth/start")

 	flagSet.Var(&emailDomains, "email-domain", "authenticate emails with the specified domain (may be given multiple times). Use * to authenticate any email")
 	flagSet.String("azure-tenant", "common", "go to a tenant-specific or common (tenant-independent) endpoint.")
--- a/oauthproxy.go
+++ b/oauthproxy.go
@ -59,6 +59,7 @@ type OAuthProxy struct {
 	DisplayHtpasswdForm bool
 	serveMux            http.Handler
 	PassBasicAuth       bool
+	SkipProviderButton  bool
 	BasicAuthPassword   string
 	PassAccessToken     bool
 	CookieCipher        *cookie.Cipher
@ -186,17 +187,18 @@ func NewOAuthProxy(opts *Options, validator func(string) bool) *OAuthProxy {
 		OAuthCallbackPath: fmt.Sprintf("%s/callback", opts.ProxyPrefix),
 		AuthOnlyPath:      fmt.Sprintf("%s/auth", opts.ProxyPrefix),

-		ProxyPrefix:       opts.ProxyPrefix,
-		provider:          opts.provider,
-		serveMux:          serveMux,
-		redirectURL:       redirectURL,
-		skipAuthRegex:     opts.SkipAuthRegex,
-		compiledRegex:     opts.CompiledRegex,
-		PassBasicAuth:     opts.PassBasicAuth,
-		BasicAuthPassword: opts.BasicAuthPassword,
-		PassAccessToken:   opts.PassAccessToken,
-		CookieCipher:      cipher,
-		templates:         loadTemplates(opts.CustomTemplatesDir),
+		ProxyPrefix:        opts.ProxyPrefix,
+		provider:           opts.provider,
+		serveMux:           serveMux,
+		redirectURL:        redirectURL,
+		skipAuthRegex:      opts.SkipAuthRegex,
+		compiledRegex:      opts.CompiledRegex,
+		PassBasicAuth:      opts.PassBasicAuth,
+		BasicAuthPassword:  opts.BasicAuthPassword,
+		PassAccessToken:    opts.PassAccessToken,
+		SkipProviderButton: opts.SkipProviderButton,
+		CookieCipher:       cipher,
+		templates:          loadTemplates(opts.CustomTemplatesDir),
 	}
 }

@ -511,7 +513,11 @@ func (p *OAuthProxy) Proxy(rw http.ResponseWriter, req *http.Request) {
 		p.ErrorPage(rw, http.StatusInternalServerError,
 			"Internal Error", "Internal Error")
 	} else if status == http.StatusForbidden {
-		p.SignInPage(rw, req, http.StatusForbidden)
+		if p.SkipProviderButton {
+			p.OAuthStart(rw, req)
+		} else {
+			p.SignInPage(rw, req, http.StatusForbidden)
+		}
 	} else {
 		p.serveMux.ServeHTTP(rw, req)
 	}
--- a/options.go
+++ b/options.go
@ -44,12 +44,13 @@ type Options struct {
 	CookieSecure   bool          `flag:"cookie-secure" cfg:"cookie_secure"`
 	CookieHttpOnly bool          `flag:"cookie-httponly" cfg:"cookie_httponly"`

-	Upstreams         []string `flag:"upstream" cfg:"upstreams"`
-	SkipAuthRegex     []string `flag:"skip-auth-regex" cfg:"skip_auth_regex"`
-	PassBasicAuth     bool     `flag:"pass-basic-auth" cfg:"pass_basic_auth"`
-	BasicAuthPassword string   `flag:"basic-auth-password" cfg:"basic_auth_password"`
-	PassAccessToken   bool     `flag:"pass-access-token" cfg:"pass_access_token"`
-	PassHostHeader    bool     `flag:"pass-host-header" cfg:"pass_host_header"`
+	Upstreams          []string `flag:"upstream" cfg:"upstreams"`
+	SkipAuthRegex      []string `flag:"skip-auth-regex" cfg:"skip_auth_regex"`
+	PassBasicAuth      bool     `flag:"pass-basic-auth" cfg:"pass_basic_auth"`
+	BasicAuthPassword  string   `flag:"basic-auth-password" cfg:"basic_auth_password"`
+	PassAccessToken    bool     `flag:"pass-access-token" cfg:"pass_access_token"`
+	PassHostHeader     bool     `flag:"pass-host-header" cfg:"pass_host_header"`
+	SkipProviderButton bool     `flag:"skip-provider-button" cfg:"skip_provider_button"`

 	// These options allow for other providers besides Google, with
 	// potential overrides.
@ -93,6 +94,7 @@ func NewOptions() *Options {
 		PassBasicAuth:       true,
 		PassAccessToken:     false,
 		PassHostHeader:      true,
+		SkipProviderButton:  false,
 		ApprovalPrompt:      "force",
 		RequestLogging:      true,
 	}