Allow configuration of groups for authproxy

Signed-off-by: seuf <seuf76@gmail.com>
2020-10-20 11:19:48 +02:00 · 2020-10-20 11:19:48 +02:00 · f19bccfc92
parent a12a919d3e
commit f19bccfc92
1 changed files with 5 additions and 2 deletions
--- a/connector/authproxy/authproxy.go
+++ b/connector/authproxy/authproxy.go
@ -15,7 +15,8 @@ import (
 // Config holds the configuration parameters for a connector which returns an
 // identity with the HTTP header X-Remote-User as verified email.
 type Config struct {
-	HeaderName string `json:"headerName"`
+	HeaderName string   `json:"headerName"`
+	Groups     []string `json:"groups"`
 }

 // Open returns an authentication strategy which requires no user interaction.
@ -23,13 +24,14 @@ func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error)
 	if c.HeaderName == "" {
 		c.HeaderName = "X-Remote-User"
 	}
-	return &callback{headerName: c.HeaderName, logger: logger, pathSuffix: "/" + id}, nil
+	return &callback{headerName: c.HeaderName, logger: logger, pathSuffix: "/" + id, groups: c.Groups}, nil
 }

 // Callback is a connector which returns an identity with the HTTP header
 // X-Remote-User as verified email.
 type callback struct {
 	headerName string
+	groups     []string
 	logger     log.Logger
 	pathSuffix string
 }
@ -59,5 +61,6 @@ func (m *callback) HandleCallback(s connector.Scopes, r *http.Request) (connecto
 		UserID:        remoteUser, // TODO: figure out if this is a bad ID value.
 		Email:         remoteUser,
 		EmailVerified: true,
+		Groups:        m.groups,
 	}, nil
 }