TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-06-04 02:42:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
GoDoxy/internal/net/http/middleware/oidc.go

60 lines
1.5 KiB
Go
Raw Blame History

package middleware
import (
"net/http"
"github.com/yusing/go-proxy/internal/api/v1/auth"
E "github.com/yusing/go-proxy/internal/error"
)
type oidcMiddleware struct {
AllowedUsers []string `json:"allowed_users"`
auth auth.Provider
authMux *http.ServeMux
logoutHandler http.HandlerFunc
}
var OIDC = NewMiddleware[oidcMiddleware]()
const (
OIDCMiddlewareCallbackPath = "/auth/callback"
OIDCLogoutPath = "/auth/logout"
)
func (amw *oidcMiddleware) finalize() error {
if !auth.IsOIDCEnabled() {
return E.New("OIDC not enabled but Auth middleware is used")
}
authProvider, err := auth.NewOIDCProviderFromEnv()
if err != nil {
return err
}
authProvider.SetOverrideHostEnabled(true)
if len(amw.AllowedUsers) > 0 {
authProvider.SetAllowedUsers(amw.AllowedUsers)
}
amw.authMux = http.NewServeMux()
amw.authMux.HandleFunc(OIDCMiddlewareCallbackPath, authProvider.LoginCallbackHandler)
amw.authMux.HandleFunc(OIDCLogoutPath, func(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Unauthorized", http.StatusUnauthorized)
})
amw.authMux.HandleFunc("/", authProvider.RedirectLoginPage)
amw.logoutHandler = auth.LogoutCallbackHandler(authProvider)
amw.auth = authProvider
return nil
}
func (amw *oidcMiddleware) before(w http.ResponseWriter, r *http.Request) (proceed bool) {
if err := amw.auth.CheckToken(w, r); err != nil {
amw.authMux.ServeHTTP(w, r)
return false
}
if r.URL.Path == OIDCLogoutPath {
amw.logoutHandler(w, r)
return false
}
return true
}
Reference in a new issue View git blame Copy permalink