package publicProxy
import (
"context"
"github.com/michaelquigley/cf"
"github.com/openziti/zrok/endpoints"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
zhttp "github.com/zitadel/oidc/v2/pkg/http"
)
// V is the configuration version this package accepts; Config.Load rejects
// any loaded configuration whose V field differs from it.
const V = 3
// Config holds the settings of the public proxy frontend. DefaultConfig
// supplies the starting values and Load fills the struct from a YAML file.
type Config struct {
	// V is the configuration version read from the file. Load rejects the
	// configuration unless it equals the package constant V.
	V int

	// Identity is set to "public" by DefaultConfig.
	// NOTE(review): presumably names the identity the frontend runs as;
	// confirm against the code that consumes it.
	Identity string

	// Address is set to "0.0.0.0:8080" by DefaultConfig.
	// NOTE(review): presumably the frontend's listen address; if so, the
	// default exposes the listener on every IPv4 interface. Confirm.
	Address string

	// HostMatch is consumed outside this file.
	// NOTE(review): presumably restricts which Host values the frontend
	// serves; confirm the matching semantics before relying on it as a filter.
	HostMatch string

	// Oauth is optional. When it is nil, configureOauthHandlers logs a
	// message and starts no OAuth handlers.
	Oauth *OauthConfig

	// Tls is optional.
	// NOTE(review): presumably a nil value means the frontend serves without
	// TLS; confirm against the code that reads it.
	Tls *endpoints.TlsConfig
}
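// OauthConfig holds the OAuth settings of the public proxy frontend.
//
// HashKey here and ClientSecret on each provider are secrets: keep the
// configuration file readable only by the account that runs the frontend,
// and keep both values out of logs and diagnostics.
type OauthConfig struct {
	// BindAddress is the address configureOauthHandlers hands to
	// zhttp.StartServer for the OAuth listener.
	BindAddress string

	// RedirectUrl is consumed outside this file.
	// NOTE(review): presumably the callback URL registered with each
	// provider; confirm against the provider setup code.
	RedirectUrl string

	// CookieDomain is consumed outside this file.
	// NOTE(review): presumably the Domain attribute of the session cookie;
	// a broader domain shares the cookie with more hosts. Confirm.
	CookieDomain string

	// HashKey is secret key material, tagged `cf:"+secret"`.
	// NOTE(review): the tag presumably makes cf redact the value when the
	// configuration is printed; confirm.
	HashKey string `cf:"+secret"`

	// Providers lists the configured OAuth providers. GetProvider looks
	// them up by Name.
	Providers []*OauthProviderConfig
}

// GetProvider returns the first entry of oc.Providers whose Name equals name
// (exact, case-sensitive comparison), or nil when there is no such entry.
//
// A nil receiver yields nil, and nil entries in Providers are skipped, so a
// missing oauth section or a malformed provider list results in "not found"
// instead of a nil-pointer panic.
func (oc *OauthConfig) GetProvider(name string) *OauthProviderConfig {
	if oc == nil {
		return nil
	}
	for _, provider := range oc.Providers {
		// Providers holds pointers, so an entry can be nil; skip it rather
		// than dereference it.
		if provider != nil && provider.Name == name {
			return provider
		}
	}
	return nil
}

// OauthProviderConfig holds the credentials of one OAuth provider.
type OauthProviderConfig struct {
	// Name is the key GetProvider matches against.
	Name string

	// ClientId is the OAuth client identifier issued by the provider.
	ClientId string

	// ClientSecret is the OAuth client secret, tagged `cf:"+secret"`.
	// Treat it as a credential: do not log it or commit it to source control.
	ClientSecret string `cf:"+secret"`
}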
// DefaultConfig returns a new Config carrying the built-in defaults: Identity
// "public" and Address "0.0.0.0:8080". Every other field keeps its zero
// value, so V is 0 and Oauth and Tls are nil.
//
// NOTE(review): if Address is used as the listen address, the 0.0.0.0
// wildcard accepts connections on every IPv4 interface of the host; a
// deployment that must be reachable on one interface only has to override
// Address in its configuration. Confirm how Address is consumed.
func DefaultConfig() *Config {
	defaults := new(Config)
	defaults.Identity = "public"
	defaults.Address = "0.0.0.0:8080"
	return defaults
}
// Load binds the YAML configuration at path into c and then checks its
// version.
//
// It returns the cf.BindYaml error wrapped with the path when binding fails,
// and a version error when the loaded V differs from the package constant V.
// The version check runs after binding, so on a version mismatch c may
// already hold values from the rejected file; callers should discard c when
// Load returns an error.
func (c *Config) Load(path string) error {
	bindErr := cf.BindYaml(c, path, cf.DefaultOptions())
	if bindErr != nil {
		return errors.Wrapf(bindErr, "error loading frontend config '%v'", path)
	}
	if c.V == V {
		return nil
	}
	return errors.Errorf("invalid configuration version '%d'; expected '%d'", c.V, V)
}
// configureOauthHandlers sets up the OAuth provider handlers and starts the
// OAuth listener on cfg.Oauth.BindAddress.
//
// When cfg.Oauth is nil it logs that OAuth is skipped and returns nil.
// Otherwise it runs configureGoogleOauth and then configureGithubOauth,
// passing tls to both, and returns the first error. The listener is started
// only after both have succeeded.
//
// BindAddress reaches zhttp.StartServer unvalidated, and no result of
// StartServer is checked here, so a listener failure is not reported through
// this function's error.
//
// NOTE(review): zhttp.StartServer in zitadel/oidc v2 is understood to serve
// http.DefaultServeMux over plain HTTP regardless of the tls argument.
// Confirm against the pinned version; if so, terminate TLS in front of this
// listener and keep unrelated handlers off the default mux.
func configureOauthHandlers(ctx context.Context, cfg *Config, tls bool) error {
	oauthCfg := cfg.Oauth
	if oauthCfg == nil {
		logrus.Info("no oauth configuration; skipping oauth handler startup")
		return nil
	}

	// Google first, then GitHub; the second setup is skipped once the first
	// has failed.
	err := configureGoogleOauth(oauthCfg, tls)
	if err == nil {
		err = configureGithubOauth(oauthCfg, tls)
	}
	if err != nil {
		return err
	}

	zhttp.StartServer(ctx, oauthCfg.BindAddress)
	return nil
}