mirror of
https://github.com/TwiN/gatus.git
synced 2024-11-21 23:43:27 +01:00
oidc: Log when a subject tries to authenticate but isn't allowed
This commit is contained in:
parent
dd5e3ee7ee
commit
139a78b2f6
2
go.mod
2
go.mod
@ -5,6 +5,7 @@ go 1.17
|
||||
require (
|
||||
github.com/TwiN/g8 v1.2.0
|
||||
github.com/TwiN/gocache v1.2.4
|
||||
github.com/TwiN/gocache/v2 v2.0.0
|
||||
github.com/TwiN/health v1.3.0
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/cespare/xxhash/v2 v2.1.2 // indirect
|
||||
@ -51,7 +52,6 @@ require (
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/TwiN/gocache/v2 v2.0.0 // indirect
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 // indirect
|
||||
google.golang.org/appengine v1.6.6 // indirect
|
||||
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
|
||||
|
@ -27,7 +27,7 @@ type OIDCConfig struct {
|
||||
|
||||
// isValid returns whether the basic security configuration is valid or not
|
||||
func (c *OIDCConfig) isValid() bool {
|
||||
return len(c.IssuerURL) > 0 && len(c.RedirectURL) > 0 && len(c.ClientID) > 0 && len(c.ClientSecret) > 0 && len(c.Scopes) > 0
|
||||
return len(c.IssuerURL) > 0 && len(c.RedirectURL) > 0 && strings.HasSuffix(c.RedirectURL, "/authorization-code/callback") && len(c.ClientID) > 0 && len(c.ClientSecret) > 0 && len(c.Scopes) > 0
|
||||
}
|
||||
|
||||
func (c *OIDCConfig) initialize() error {
|
||||
@ -123,7 +123,7 @@ func (c *OIDCConfig) callbackHandler(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
}
|
||||
log.Println("user is not in the list of allowed subjects")
|
||||
log.Printf("[security][callbackHandler] Subject %s is not in the list of allowed subjects", idToken.Subject)
|
||||
http.Redirect(w, r, "/login?error=access_denied", http.StatusFound)
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user