Allow configuration of groups for authproxy
Signed-off-by: seuf <seuf76@gmail.com>
This commit is contained in:
parent
a12a919d3e
commit
f19bccfc92
1 changed files with 5 additions and 2 deletions
|
@ -15,7 +15,8 @@ import (
|
|||
// Config holds the configuration parameters for a connector which returns an
|
||||
// identity with the HTTP header X-Remote-User as verified email.
|
||||
type Config struct {
|
||||
HeaderName string `json:"headerName"`
|
||||
HeaderName string `json:"headerName"`
|
||||
Groups []string `json:"groups"`
|
||||
}
|
||||
|
||||
// Open returns an authentication strategy which requires no user interaction.
|
||||
|
@ -23,13 +24,14 @@ func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error)
|
|||
if c.HeaderName == "" {
|
||||
c.HeaderName = "X-Remote-User"
|
||||
}
|
||||
return &callback{headerName: c.HeaderName, logger: logger, pathSuffix: "/" + id}, nil
|
||||
return &callback{headerName: c.HeaderName, logger: logger, pathSuffix: "/" + id, groups: c.Groups}, nil
|
||||
}
|
||||
|
||||
// Callback is a connector which returns an identity with the HTTP header
|
||||
// X-Remote-User as verified email.
|
||||
type callback struct {
|
||||
headerName string
|
||||
groups []string
|
||||
logger log.Logger
|
||||
pathSuffix string
|
||||
}
|
||||
|
@ -59,5 +61,6 @@ func (m *callback) HandleCallback(s connector.Scopes, r *http.Request) (connecto
|
|||
UserID: remoteUser, // TODO: figure out if this is a bad ID value.
|
||||
Email: remoteUser,
|
||||
EmailVerified: true,
|
||||
Groups: m.groups,
|
||||
}, nil
|
||||
}
|
||||
|
|
Reference in a new issue