Merge pull request #131 from ebardsley/master
Allow passing the value of "approval_prompt" as a flag or option.
This commit is contained in:
commit
d1c0208824
@ -93,6 +93,7 @@ An example [oauth2_proxy.cfg](contrib/oauth2_proxy.cfg.example) config file is i
|
|||||||
|
|
||||||
```
|
```
|
||||||
Usage of oauth2_proxy:
|
Usage of oauth2_proxy:
|
||||||
|
-approval_prompt="force": Oauth approval_prompt
|
||||||
-authenticated-emails-file="": authenticate against emails via file (one per line)
|
-authenticated-emails-file="": authenticate against emails via file (one per line)
|
||||||
-client-id="": the OAuth Client ID: ie: "123456.apps.googleusercontent.com"
|
-client-id="": the OAuth Client ID: ie: "123456.apps.googleusercontent.com"
|
||||||
-client-secret="": the OAuth Client Secret
|
-client-secret="": the OAuth Client Secret
|
||||||
|
1
main.go
1
main.go
@ -63,6 +63,7 @@ func main() {
|
|||||||
flagSet.String("profile-url", "", "Profile access endpoint")
|
flagSet.String("profile-url", "", "Profile access endpoint")
|
||||||
flagSet.String("validate-url", "", "Access token validation endpoint")
|
flagSet.String("validate-url", "", "Access token validation endpoint")
|
||||||
flagSet.String("scope", "", "Oauth scope specification")
|
flagSet.String("scope", "", "Oauth scope specification")
|
||||||
|
flagSet.String("approval-prompt", "force", "Oauth approval_prompt")
|
||||||
|
|
||||||
flagSet.Parse(os.Args[1:])
|
flagSet.Parse(os.Args[1:])
|
||||||
|
|
||||||
|
21
options.go
21
options.go
@ -46,12 +46,13 @@ type Options struct {
|
|||||||
|
|
||||||
// These options allow for other providers besides Google, with
|
// These options allow for other providers besides Google, with
|
||||||
// potential overrides.
|
// potential overrides.
|
||||||
Provider string `flag:"provider" cfg:"provider"`
|
Provider string `flag:"provider" cfg:"provider"`
|
||||||
LoginUrl string `flag:"login-url" cfg:"login_url"`
|
LoginUrl string `flag:"login-url" cfg:"login_url"`
|
||||||
RedeemUrl string `flag:"redeem-url" cfg:"redeem_url"`
|
RedeemUrl string `flag:"redeem-url" cfg:"redeem_url"`
|
||||||
ProfileUrl string `flag:"profile-url" cfg:"profile_url"`
|
ProfileUrl string `flag:"profile-url" cfg:"profile_url"`
|
||||||
ValidateUrl string `flag:"validate-url" cfg:"validate_url"`
|
ValidateUrl string `flag:"validate-url" cfg:"validate_url"`
|
||||||
Scope string `flag:"scope" cfg:"scope"`
|
Scope string `flag:"scope" cfg:"scope"`
|
||||||
|
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
|
||||||
|
|
||||||
RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
|
RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
|
||||||
|
|
||||||
@ -76,6 +77,7 @@ func NewOptions() *Options {
|
|||||||
PassBasicAuth: true,
|
PassBasicAuth: true,
|
||||||
PassAccessToken: false,
|
PassAccessToken: false,
|
||||||
PassHostHeader: true,
|
PassHostHeader: true,
|
||||||
|
ApprovalPrompt: "force",
|
||||||
RequestLogging: true,
|
RequestLogging: true,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -165,7 +167,12 @@ func (o *Options) Validate() error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func parseProviderInfo(o *Options, msgs []string) []string {
|
func parseProviderInfo(o *Options, msgs []string) []string {
|
||||||
p := &providers.ProviderData{Scope: o.Scope, ClientID: o.ClientID, ClientSecret: o.ClientSecret}
|
p := &providers.ProviderData{
|
||||||
|
Scope: o.Scope,
|
||||||
|
ClientID: o.ClientID,
|
||||||
|
ClientSecret: o.ClientSecret,
|
||||||
|
ApprovalPrompt: o.ApprovalPrompt,
|
||||||
|
}
|
||||||
p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs)
|
p.LoginUrl, msgs = parseUrl(o.LoginUrl, "login", msgs)
|
||||||
p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs)
|
p.RedeemUrl, msgs = parseUrl(o.RedeemUrl, "redeem", msgs)
|
||||||
p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs)
|
p.ProfileUrl, msgs = parseUrl(o.ProfileUrl, "profile", msgs)
|
||||||
|
@ -5,14 +5,15 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
type ProviderData struct {
|
type ProviderData struct {
|
||||||
ProviderName string
|
ProviderName string
|
||||||
ClientID string
|
ClientID string
|
||||||
ClientSecret string
|
ClientSecret string
|
||||||
LoginUrl *url.URL
|
LoginUrl *url.URL
|
||||||
RedeemUrl *url.URL
|
RedeemUrl *url.URL
|
||||||
ProfileUrl *url.URL
|
ProfileUrl *url.URL
|
||||||
ValidateUrl *url.URL
|
ValidateUrl *url.URL
|
||||||
Scope string
|
Scope string
|
||||||
|
ApprovalPrompt string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *ProviderData) Data() *ProviderData { return p }
|
func (p *ProviderData) Data() *ProviderData { return p }
|
||||||
|
@ -80,7 +80,7 @@ func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string {
|
|||||||
a = *p.LoginUrl
|
a = *p.LoginUrl
|
||||||
params, _ := url.ParseQuery(a.RawQuery)
|
params, _ := url.ParseQuery(a.RawQuery)
|
||||||
params.Set("redirect_uri", redirectURI)
|
params.Set("redirect_uri", redirectURI)
|
||||||
params.Set("approval_prompt", "force")
|
params.Set("approval_prompt", p.ApprovalPrompt)
|
||||||
params.Add("scope", p.Scope)
|
params.Add("scope", p.Scope)
|
||||||
params.Set("client_id", p.ClientID)
|
params.Set("client_id", p.ClientID)
|
||||||
params.Set("response_type", "code")
|
params.Set("response_type", "code")
|
||||||
|
Loading…
Reference in New Issue
Block a user