meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add a flag to set the value of "approval_prompt".

Browse Source 
By setting this to "force", certain providers, like Google,
will interject an additional prompt on every new session. With other values,
like "auto", this prompt is not forced upon the user.
This commit is contained in:
Ed Bardsley 2015-07-25 16:27:49 -07:00
parent 5ff8aa3581
commit 33045a792b
5 changed files with 26 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -94,6 +94,7 @@ An example [oauth2_proxy.cfg](contrib/oauth2_proxy.cfg.example) config file is i
``` ```
Usage of oauth2_proxy: Usage of oauth2_proxy:
-approval_prompt="force": Oauth approval_prompt
-authenticated-emails-file="": authenticate against emails via file (one per line) -authenticated-emails-file="": authenticate against emails via file (one per line)
-client-id="": the OAuth Client ID: ie: "123456.apps.googleusercontent.com" -client-id="": the OAuth Client ID: ie: "123456.apps.googleusercontent.com"
-client-secret="": the OAuth Client Secret -client-secret="": the OAuth Client Secret

1
main.go
View File

@ -63,6 +63,7 @@ func main() {
flagSet.String("profile-url", "", "Profile access endpoint") flagSet.String("profile-url", "", "Profile access endpoint")
flagSet.String("validate-url", "", "Access token validation endpoint") flagSet.String("validate-url", "", "Access token validation endpoint")
flagSet.String("scope", "", "Oauth scope specification") flagSet.String("scope", "", "Oauth scope specification")
flagSet.String("approval-prompt", "force", "Oauth approval_prompt")
flagSet.Parse(os.Args[1:]) flagSet.Parse(os.Args[1:])

9
options.go
View File

@ -52,6 +52,7 @@ type Options struct {
ProfileUrl string `flag:"profile-url" cfg:"profile_url"` ProfileUrl string `flag:"profile-url" cfg:"profile_url"`
ValidateUrl string `flag:"validate-url" cfg:"validate_url"` ValidateUrl string `flag:"validate-url" cfg:"validate_url"`
Scope string `flag:"scope" cfg:"scope"` Scope string `flag:"scope" cfg:"scope"`
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
RequestLogging bool `flag:"request-logging" cfg:"request_logging"` RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
@ -76,6 +77,7 @@ func NewOptions() *Options {
PassBasicAuth: true, PassBasicAuth: true,
PassAccessToken: false, PassAccessToken: false,
PassHostHeader: true, PassHostHeader: true,
ApprovalPrompt: "force",
RequestLogging: true, RequestLogging: true,
} }
} }
@ -165,7 +167,12 @@ func (o *Options) Validate() error {
} }
func parseProviderInfo(o *Options, msgs []string) []string { func parseProviderInfo(o *Options, msgs []string) []string {
p := &providers.ProviderData{Scope: o.Scope, ClientID: o.ClientID, ClientSecret: o.ClientSecret} p := &providers.ProviderData{
Scope: o.Scope,
ClientID: o.ClientID,
ClientSecret: o.ClientSecret,
ApprovalPrompt: o.ApprovalPrompt,
}
p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs) p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs)
p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs) p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs)
p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs) p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs)

1
providers/provider_data.go
View File

@ -13,6 +13,7 @@ type ProviderData struct {
ProfileUrl *url.URL ProfileUrl *url.URL
ValidateUrl *url.URL ValidateUrl *url.URL
Scope string Scope string
ApprovalPrompt string
} }
func (p *ProviderData) Data() *ProviderData { return p } func (p *ProviderData) Data() *ProviderData { return p }

2
providers/provider_default.go
View File

@ -80,7 +80,7 @@ func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string {
a = *p.LoginUrl a = *p.LoginUrl
params, _ := url.ParseQuery(a.RawQuery) params, _ := url.ParseQuery(a.RawQuery)
params.Set("redirect_uri", redirectURI) params.Set("redirect_uri", redirectURI)
params.Set("approval_prompt", "force") params.Set("approval_prompt", p.ApprovalPrompt)
params.Add("scope", p.Scope) params.Add("scope", p.Scope)
params.Set("client_id", p.ClientID) params.Set("client_id", p.ClientID)
params.Set("response_type", "code") params.Set("response_type", "code")