mystiq
/
dex
Archived
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/server/templates.go

275 lines
7.1 KiB
Go
Raw Normal View History

initial commit
2016-07-26 01:30:28 +05:30
package server
import (
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
"bytes"
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
"fmt"
{web,server}: use html/template and reduce use of auth request ID Switch from using "text/template" to "html/template", which provides basic XSS preventions. We haven't identified any particular place where unsanitized user data is rendered to the frontend. This is just a preventative step. At the same time, make more templates take pure URL instead of forming an URL themselves using an "authReqID" argument. This will help us stop using the auth req ID in certain places, preventing garbage collection from killing login flows that wait too long at the login screen. Also increase the login session window (time between initial redirect and the user logging in) from 30 minutes to 24 hours, and display a more helpful error message when the session expires. How to test: 1. Spin up dex and example with examples/config-dev.yaml. 2. Login through both the password prompt and the direct redirect. 3. Edit examples/config-dev.yaml removing the "connectors" section. 4. Ensure you can still login with a password. (email/password is "admin@example.com" and "password")
2017-02-02 23:59:57 +05:30
"html/template"
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
"io"
initial commit
2016-07-26 01:30:28 +05:30
"net/http"
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
"path"
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
"path/filepath"
"sort"
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
"strings"
use pkger for embedding static contents Co-authored-by: Vikram Yadav <vyadav@pivotal.io> Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-10-15 06:49:23 +05:30
"github.com/markbates/pkger"
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
)
initial commit
2016-07-26 01:30:28 +05:30
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
const (
Device flow token code exchange (#2) * Added /device/token handler with associated business logic and storage tests. Perform user code exchange, flag the device code as complete. Moved device handler code into its own file for cleanliness. Cleanup * Removed PKCE code * Rate limiting for /device/token endpoint based on ietf standards * Configurable Device expiry Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-01-29 00:44:30 +05:30
tmplApproval = "approval.html"
tmplLogin = "login.html"
tmplPassword = "password.html"
tmplOOB = "oob.html"
tmplError = "error.html"
tmplDevice = "device.html"
tmplDeviceSuccess = "device_success.html"
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
tmplHeader = "header.html"
tmplFooter = "footer.html"
initial commit
2016-07-26 01:30:28 +05:30
)
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
type templates struct {
Device flow token code exchange (#2) * Added /device/token handler with associated business logic and storage tests. Perform user code exchange, flag the device code as complete. Moved device handler code into its own file for cleanliness. Cleanup * Removed PKCE code * Rate limiting for /device/token endpoint based on ietf standards * Configurable Device expiry Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-01-29 00:44:30 +05:30
loginTmpl *template.Template
approvalTmpl *template.Template
passwordTmpl *template.Template
oobTmpl *template.Template
errorTmpl *template.Template
deviceTmpl *template.Template
deviceSuccessTmpl *template.Template
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
// loadTemplates parses the expected templates from the provided directory.
func loadTemplates(c WebConfig, issuerPath string) (*templates, error) {
Make dark theme even darker, add fallback for legacy themes Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-12-22 12:37:28 +05:30
// fallback to the default theme if the legacy theme name is provided
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
if c.Theme == "coreos" || c.Theme == "tectonic" {
c.Theme = ""
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
if c.Theme == "" {
c.Theme = "light"
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
if c.Issuer == "" {
c.Issuer = "dex"
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
if c.LogoURL == "" {
c.LogoURL = "theme/logo.png"
}
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
use web host url for asset hosting Signed-off-by: Rui Yang <ruiya@vmware.com> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-09-22 08:56:35 +05:30
hostURL := issuerPath
if c.HostURL != "" {
hostURL = c.HostURL
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
funcs := template.FuncMap{
"issuer": func() string { return c.Issuer },
"logo": func() string { return c.LogoURL },
use pkger for embedding static contents Co-authored-by: Vikram Yadav <vyadav@pivotal.io> Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-10-15 06:49:23 +05:30
"static": func(assetPath string) string {
return path.Join(hostURL, "static", assetPath)
},
"theme": func(assetPath string) string {
return path.Join(hostURL, "themes", c.Theme, assetPath)
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
},
"lower": strings.ToLower,
"extra": func(k string) string { return c.Extra[k] },
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
group := template.New("")
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
// load all of our templates individually.
// some http.FilSystem implementations don't implement Readdir
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
loginTemplate, err := loadTemplate(c.Dir, tmplLogin, funcs, group)
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
if err != nil {
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
return nil, err
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
approvalTemplate, err := loadTemplate(c.Dir, tmplApproval, funcs, group)
if err != nil {
return nil, err
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
passwordTemplate, err := loadTemplate(c.Dir, tmplPassword, funcs, group)
if err != nil {
return nil, err
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
oobTemplate, err := loadTemplate(c.Dir, tmplOOB, funcs, group)
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
if err != nil {
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
return nil, err
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
errorTemplate, err := loadTemplate(c.Dir, tmplError, funcs, group)
if err != nil {
return nil, err
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
deviceTemplate, err := loadTemplate(c.Dir, tmplDevice, funcs, group)
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
if err != nil {
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
return nil, err
*: add theme based frontend configuration This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
2016-12-01 03:56:54 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
deviceSuccessTemplate, err := loadTemplate(c.Dir, tmplDeviceSuccess, funcs, group)
if err != nil {
return nil, err
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
_, err = loadTemplate(c.Dir, tmplHeader, funcs, group)
if err != nil {
// we don't actually care if this template exists
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
_, err = loadTemplate(c.Dir, tmplFooter, funcs, group)
if err != nil {
// we don't actually care if this template exists
}
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
return &templates{
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
loginTmpl: loginTemplate,
approvalTmpl: approvalTemplate,
passwordTmpl: passwordTemplate,
oobTmpl: oobTemplate,
errorTmpl: errorTemplate,
deviceTmpl: deviceTemplate,
deviceSuccessTmpl: deviceSuccessTemplate,
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
}, nil
}
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
// load a template by name from the templates dir
use pkger for embedding static contents Co-authored-by: Vikram Yadav <vyadav@pivotal.io> Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-10-15 06:49:23 +05:30
func loadTemplate(dir string, name string, funcs template.FuncMap, group *template.Template) (*template.Template, error) {
file, err := pkger.Open(filepath.Join(dir, "templates", name))
Use http.FileSystem for web assets Signed-off-by: Rui Yang <ryang@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2020-01-15 23:34:48 +05:30
if err != nil {
return nil, err
}
defer file.Close()
var buffer bytes.Buffer
buffer.ReadFrom(file)
contents := buffer.String()
return group.New(name).Funcs(funcs).Parse(contents)
}
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
var scopeDescriptions = map[string]string{
"offline_access": "Have offline access",
"profile": "View basic profile information",
email scope only allows access to a user's email address
2017-12-17 22:38:19 +05:30
"email": "View your email address",
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
}
initial commit
2016-07-26 01:30:28 +05:30
type connectorInfo struct {
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
ID string
Name string
URL string
Pick icons on login screen by connector type instead of ID Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2019-10-30 05:03:52 +05:30
Type string
initial commit
2016-07-26 01:30:28 +05:30
}
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
type byName []connectorInfo
func (n byName) Len() int { return len(n) }
func (n byName) Less(i, j int) bool { return n[i].Name < n[j].Name }
func (n byName) Swap(i, j int) { n[i], n[j] = n[j], n[i] }
Device flow token code exchange (#2) * Added /device/token handler with associated business logic and storage tests. Perform user code exchange, flag the device code as complete. Moved device handler code into its own file for cleanliness. Cleanup * Removed PKCE code * Rate limiting for /device/token endpoint based on ietf standards * Configurable Device expiry Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-01-29 00:44:30 +05:30
func (t *templates) device(r *http.Request, w http.ResponseWriter, postURL string, userCode string, lastWasInvalid bool) error {
Server integration test for Device Flow (#3) Extracted test cases from OAuth2Code flow tests to reuse in device flow deviceHandler unit tests to test specific device endpoints Include client secret as an optional parameter for standards compliance Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-02-04 20:37:18 +05:30
if lastWasInvalid {
w.WriteHeader(http.StatusBadRequest)
}
Device flow token code exchange (#2) * Added /device/token handler with associated business logic and storage tests. Perform user code exchange, flag the device code as complete. Moved device handler code into its own file for cleanliness. Cleanup * Removed PKCE code * Rate limiting for /device/token endpoint based on ietf standards * Configurable Device expiry Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-01-29 00:44:30 +05:30
data := struct {
PostURL string
UserCode string
Invalid bool
ReqPath string
}{postURL, userCode, lastWasInvalid, r.URL.Path}
return renderTemplate(w, t.deviceTmpl, data)
}
func (t *templates) deviceSuccess(r *http.Request, w http.ResponseWriter, clientName string) error {
data := struct {
ClientName string
ReqPath string
}{clientName, r.URL.Path}
return renderTemplate(w, t.deviceSuccessTmpl, data)
}
fix: Bump golangci-lint version and fix some linter's problems Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 02:32:29 +05:30
func (t *templates) login(r *http.Request, w http.ResponseWriter, connectors []connectorInfo) error {
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
sort.Sort(byName(connectors))
initial commit
2016-07-26 01:30:28 +05:30
data := struct {
Connectors []connectorInfo
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
ReqPath string
}{connectors, r.URL.Path}
server: modify error messages to use logrus.
2016-12-13 04:24:01 +05:30
return renderTemplate(w, t.loginTmpl, data)
initial commit
2016-07-26 01:30:28 +05:30
}
fix: Bump golangci-lint version and fix some linter's problems Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 02:32:29 +05:30
func (t *templates) password(r *http.Request, w http.ResponseWriter, postURL, lastUsername, usernamePrompt string, lastWasInvalid, showBacklink bool) error {
initial commit
2016-07-26 01:30:28 +05:30
data := struct {
password connectors: allow overriding the username attribute (password prompt) This allows users of the LDAP connector to give users of Dex' login prompt an idea of what they should enter for a username. Before, irregardless of how the LDAP connector was set up, the prompt was Username [_________________] Password [_________________] Now, this is configurable, and can be used to say "MyCorp SSO Login" if that's what it is. If it's not configured, it will default to "Username". For the passwordDB connector (local users), it is set to "Email Address", since this is what it uses. Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-11-07 14:58:21 +05:30
PostURL string
show "back" link for password connectors This way, the user who has selected, say, "Log in with Email" can make up their mind, and select a different connector instead. However, if there's only one connector set up, none of this makes sense -- and the link will thus not be displayed. Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-11-09 20:50:20 +05:30
BackLink bool
password connectors: allow overriding the username attribute (password prompt) This allows users of the LDAP connector to give users of Dex' login prompt an idea of what they should enter for a username. Before, irregardless of how the LDAP connector was set up, the prompt was Username [_________________] Password [_________________] Now, this is configurable, and can be used to say "MyCorp SSO Login" if that's what it is. If it's not configured, it will default to "Username". For the passwordDB connector (local users), it is set to "Email Address", since this is what it uses. Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-11-07 14:58:21 +05:30
Username string
UsernamePrompt string
Invalid bool
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
ReqPath string
}{postURL, showBacklink, lastUsername, usernamePrompt, lastWasInvalid, r.URL.Path}
server: modify error messages to use logrus.
2016-12-13 04:24:01 +05:30
return renderTemplate(w, t.passwordTmpl, data)
initial commit
2016-07-26 01:30:28 +05:30
}
fix: Bump golangci-lint version and fix some linter's problems Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 02:32:29 +05:30
func (t *templates) approval(r *http.Request, w http.ResponseWriter, authReqID, username, clientName string, scopes []string) error {
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
accesses := []string{}
for _, scope := range scopes {
access, ok := scopeDescriptions[scope]
if ok {
accesses = append(accesses, access)
}
}
sort.Strings(accesses)
initial commit
2016-07-26 01:30:28 +05:30
data := struct {
*: rename internally used "state" form value to "req" "state" means something specific to OAuth2 and SAML so we don't want to confuse developers who are working on this. Also don't use "session" which could easily be confused with HTTP cookies.
2016-10-27 22:50:30 +05:30
User string
Client string
AuthReqID string
Scopes []string
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
ReqPath string
}{username, clientName, authReqID, accesses, r.URL.Path}
server: modify error messages to use logrus.
2016-12-13 04:24:01 +05:30
return renderTemplate(w, t.approvalTmpl, data)
initial commit
2016-07-26 01:30:28 +05:30
}
fix: Bump golangci-lint version and fix some linter's problems Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 02:32:29 +05:30
func (t *templates) oob(r *http.Request, w http.ResponseWriter, code string) error {
*: port oob template
2016-10-20 01:15:17 +05:30
data := struct {
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
Code string
ReqPath string
}{code, r.URL.Path}
server: modify error messages to use logrus.
2016-12-13 04:24:01 +05:30
return renderTemplate(w, t.oobTmpl, data)
*: port oob template
2016-10-20 01:15:17 +05:30
}
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
func (t *templates) err(r *http.Request, w http.ResponseWriter, errCode int, errMsg string) error {
Set a proper status code before sending an error status page
2017-12-01 10:53:45 +05:30
w.WriteHeader(errCode)
server: add error HTML templates with error description.
2016-12-15 03:47:59 +05:30
data := struct {
ErrType string
ErrMsg string
templates: add new relativeURL function Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
2019-09-27 19:34:43 +05:30
ReqPath string
}{http.StatusText(errCode), errMsg, r.URL.Path}
Set a proper status code before sending an error status page
2017-12-01 10:53:45 +05:30
if err := t.errorTmpl.Execute(w, data); err != nil {
fix: Bump golangci-lint version and fix some linter's problems Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 02:32:29 +05:30
return fmt.Errorf("rendering template %s failed: %s", t.errorTmpl.Name(), err)
Set a proper status code before sending an error status page
2017-12-01 10:53:45 +05:30
}
return nil
server: add error HTML templates with error description.
2016-12-15 03:47:59 +05:30
}
*: fix comment typos found with github.com/client9/misspell
2016-12-14 01:53:16 +05:30
// small io.Writer utility to determine if executing the template wrote to the underlying response writer.
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
type writeRecorder struct {
wrote bool
w io.Writer
}
func (w *writeRecorder) Write(p []byte) (n int, err error) {
w.wrote = true
return w.w.Write(p)
}
initial commit
2016-07-26 01:30:28 +05:30
server: modify error messages to use logrus.
2016-12-13 04:24:01 +05:30
func renderTemplate(w http.ResponseWriter, tmpl *template.Template, data interface{}) error {
*: switch dex to the ported templates
2016-08-26 01:40:19 +05:30
wr := &writeRecorder{w: w}
if err := tmpl.Execute(wr, data); err != nil {
if !wr.wrote {
// TODO(ericchiang): replace with better internal server error.
http.Error(w, "Internal server error", http.StatusInternalServerError)
}
fix: Bump golangci-lint version and fix some linter's problems Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 02:32:29 +05:30
return fmt.Errorf("rendering template %s failed: %s", tmpl.Name(), err)
initial commit
2016-07-26 01:30:28 +05:30
}
server: modify error messages to use logrus.
2016-12-13 04:24:01 +05:30
return nil
initial commit
2016-07-26 01:30:28 +05:30
}