allow override allowed_user in middleware, fix typos

internal/api/v1/auth/oidc.go

@@ -107,16 +107,16 @@ func (auth *OIDCProvider) CheckToken(w http.ResponseWriter, r *http.Request) err
 	return nil
 }
 
-// generateState generates a random string for ODIC state.
-const odicStateLength = 32
+// generateState generates a random string for OIDC state.
+const oidcStateLength = 32
 
 func generateState() (string, error) {
-	b := make([]byte, odicStateLength)
+	b := make([]byte, oidcStateLength)
 	_, err := rand.Read(b)
 	if err != nil {
 		return "", err
 	}
-	return base64.URLEncoding.EncodeToString(b)[:odicStateLength], nil
+	return base64.URLEncoding.EncodeToString(b)[:oidcStateLength], nil
 }
 
 // RedirectOIDC initiates the OIDC login flow.

internal/net/http/middleware/middlewares.go

@@ -14,7 +14,7 @@ import (
 var allMiddlewares = map[string]*Middleware{
 	"redirecthttp": RedirectHTTP,
 
-	"auth": OIDC,
+	"oidc": OIDC,
 
 	"request":        ModifyRequest,
 	"modifyrequest":  ModifyRequest,

internal/net/http/middleware/oidc.go

@@ -8,7 +8,7 @@ import (
 )
 
 type oidcMiddleware struct {
-	AllowedUsers []string
+	AllowedUsers []string `json:"allowed_users"`
 
 	auth          auth.Provider
 	authMux       *http.ServeMux
@@ -30,7 +30,12 @@ func (amw *oidcMiddleware) finalize() error {
 	if err != nil {
 		return err
 	}
+
 	authProvider.SetOverrideHostEnabled(true)
+	if len(amw.AllowedUsers) > 0 {
+		authProvider.SetAllowedUsers(amw.AllowedUsers)
+	}
+
 	amw.authMux = http.NewServeMux()
 	amw.authMux.HandleFunc(OIDCMiddlewareCallbackPath, authProvider.LoginCallbackHandler)
 	amw.authMux.HandleFunc(OIDCLogoutPath, func(w http.ResponseWriter, r *http.Request) {