From a1c7198738a2166102099cbd185d216bf1fc3e7c Mon Sep 17 00:00:00 2001 From: seuf Date: Tue, 24 Nov 2020 10:39:12 +0100 Subject: [PATCH] Rename config header to userHeader Signed-off-by: seuf --- connector/authproxy/authproxy.go | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/connector/authproxy/authproxy.go b/connector/authproxy/authproxy.go index ee9f6d6b..da8c0e98 100644 --- a/connector/authproxy/authproxy.go +++ b/connector/authproxy/authproxy.go @@ -15,23 +15,18 @@ import ( // Config holds the configuration parameters for a connector which returns an // identity with the HTTP header X-Remote-User as verified email. type Config struct { - HeaderName string `json:"headerName"` - Groups []string `json:"groups"` + UserHeader string `json:"userHeader"` } // Open returns an authentication strategy which requires no user interaction. func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) { - if c.HeaderName == "" { - c.HeaderName = "X-Remote-User" - } - return &callback{headerName: c.HeaderName, logger: logger, pathSuffix: "/" + id, groups: c.Groups}, nil + return &callback{UserHeader: c.UserHeader, logger: logger, pathSuffix: "/" + id}, nil } // Callback is a connector which returns an identity with the HTTP header // X-Remote-User as verified email. type callback struct { - headerName string - groups []string + UserHeader string logger log.Logger pathSuffix string } @@ -51,9 +46,13 @@ func (m *callback) LoginURL(s connector.Scopes, callbackURL, state string) (stri // HandleCallback parses the request and returns the user's identity func (m *callback) HandleCallback(s connector.Scopes, r *http.Request) (connector.Identity, error) { - remoteUser := r.Header.Get(m.headerName) + userHeader := "X-Remote-User" // Default value + if m.UserHeader != "" { + userHeader = m.UserHeader + } + remoteUser := r.Header.Get(userHeader) if remoteUser == "" { - return connector.Identity{}, fmt.Errorf("required HTTP header %s is not set", m.headerName) + return connector.Identity{}, fmt.Errorf("required HTTP header %s is not set", m.UserHeader) } // TODO: add support for X-Remote-Group, see // https://kubernetes.io/docs/admin/authentication/#authenticating-proxy @@ -61,6 +60,5 @@ func (m *callback) HandleCallback(s connector.Scopes, r *http.Request) (connecto UserID: remoteUser, // TODO: figure out if this is a bad ID value. Email: remoteUser, EmailVerified: true, - Groups: m.groups, }, nil }