Merge pull request #131 from ebardsley/master
Allow passing the value of "approval_prompt" as a flag or option.
This commit is contained in:
commit
d1c0208824
@ -93,6 +93,7 @@ An example [oauth2_proxy.cfg](contrib/oauth2_proxy.cfg.example) config file is i
|
||||
|
||||
```
|
||||
Usage of oauth2_proxy:
|
||||
-approval_prompt="force": Oauth approval_prompt
|
||||
-authenticated-emails-file="": authenticate against emails via file (one per line)
|
||||
-client-id="": the OAuth Client ID: ie: "123456.apps.googleusercontent.com"
|
||||
-client-secret="": the OAuth Client Secret
|
||||
|
1
main.go
1
main.go
@ -63,6 +63,7 @@ func main() {
|
||||
flagSet.String("profile-url", "", "Profile access endpoint")
|
||||
flagSet.String("validate-url", "", "Access token validation endpoint")
|
||||
flagSet.String("scope", "", "Oauth scope specification")
|
||||
flagSet.String("approval-prompt", "force", "Oauth approval_prompt")
|
||||
|
||||
flagSet.Parse(os.Args[1:])
|
||||
|
||||
|
21
options.go
21
options.go
@ -46,12 +46,13 @@ type Options struct {
|
||||
|
||||
// These options allow for other providers besides Google, with
|
||||
// potential overrides.
|
||||
Provider string `flag:"provider" cfg:"provider"`
|
||||
LoginUrl string `flag:"login-url" cfg:"login_url"`
|
||||
RedeemUrl string `flag:"redeem-url" cfg:"redeem_url"`
|
||||
ProfileUrl string `flag:"profile-url" cfg:"profile_url"`
|
||||
ValidateUrl string `flag:"validate-url" cfg:"validate_url"`
|
||||
Scope string `flag:"scope" cfg:"scope"`
|
||||
Provider string `flag:"provider" cfg:"provider"`
|
||||
LoginUrl string `flag:"login-url" cfg:"login_url"`
|
||||
RedeemUrl string `flag:"redeem-url" cfg:"redeem_url"`
|
||||
ProfileUrl string `flag:"profile-url" cfg:"profile_url"`
|
||||
ValidateUrl string `flag:"validate-url" cfg:"validate_url"`
|
||||
Scope string `flag:"scope" cfg:"scope"`
|
||||
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
|
||||
|
||||
RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
|
||||
|
||||
@ -76,6 +77,7 @@ func NewOptions() *Options {
|
||||
PassBasicAuth: true,
|
||||
PassAccessToken: false,
|
||||
PassHostHeader: true,
|
||||
ApprovalPrompt: "force",
|
||||
RequestLogging: true,
|
||||
}
|
||||
}
|
||||
@ -165,7 +167,12 @@ func (o *Options) Validate() error {
|
||||
}
|
||||
|
||||
func parseProviderInfo(o *Options, msgs []string) []string {
|
||||
p := &providers.ProviderData{Scope: o.Scope, ClientID: o.ClientID, ClientSecret: o.ClientSecret}
|
||||
p := &providers.ProviderData{
|
||||
Scope: o.Scope,
|
||||
ClientID: o.ClientID,
|
||||
ClientSecret: o.ClientSecret,
|
||||
ApprovalPrompt: o.ApprovalPrompt,
|
||||
}
|
||||
p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs)
|
||||
p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs)
|
||||
p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs)
|
||||
|
@ -5,14 +5,15 @@ import (
|
||||
)
|
||||
|
||||
type ProviderData struct {
|
||||
ProviderName string
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
LoginUrl *url.URL
|
||||
RedeemUrl *url.URL
|
||||
ProfileUrl *url.URL
|
||||
ValidateUrl *url.URL
|
||||
Scope string
|
||||
ProviderName string
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
LoginUrl *url.URL
|
||||
RedeemUrl *url.URL
|
||||
ProfileUrl *url.URL
|
||||
ValidateUrl *url.URL
|
||||
Scope string
|
||||
ApprovalPrompt string
|
||||
}
|
||||
|
||||
func (p *ProviderData) Data() *ProviderData { return p }
|
||||
|
@ -80,7 +80,7 @@ func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string {
|
||||
a = *p.LoginUrl
|
||||
params, _ := url.ParseQuery(a.RawQuery)
|
||||
params.Set("redirect_uri", redirectURI)
|
||||
params.Set("approval_prompt", "force")
|
||||
params.Set("approval_prompt", p.ApprovalPrompt)
|
||||
params.Add("scope", p.Scope)
|
||||
params.Set("client_id", p.ClientID)
|
||||
params.Set("response_type", "code")
|
||||
|
Loading…
Reference in New Issue
Block a user