realign legacy oauth support for tesing (#987)

controller/share.go

@@ -22,6 +22,8 @@ func newShareHandler() *shareHandler {
 }
 
 func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	logrus.Info("handling")
+
 	trx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction: %v", err)
@@ -147,6 +149,8 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
 			skipInterstitial = true
 		}
 
+		logrus.Infof("allocating public resources for '%v'", shrToken)
+
 		shrZId, frontendEndpoints, err = newPublicResourceAllocator().allocate(envZId, shrToken, frontendZIds, frontendTemplates, params, !skipInterstitial, edge)
 		if err != nil {
 			logrus.Error(err)

controller/sharePublic.go

@@ -29,6 +29,13 @@ func (a *publicResourceAllocator) allocate(envZId, shrToken string, frontendZIds
 	switch authScheme {
 	case sdk.Basic:
 		options.AuthSecrets = true
+
+	case sdk.Oauth:
+		options.AuthScheme = authScheme
+		options.Oauth = &sdk.OauthConfig{
+			Provider:     params.Body.OauthProvider,
+			EmailDomains: params.Body.OauthEmailDomains,
+		}
 	}
 	cfgId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, shrToken, options, edge)
 	if err != nil {

endpoints/publicProxy/http.go

@@ -232,6 +232,7 @@ func (h *httpHandler) handleBasicAuth(w http.ResponseWriter, r *http.Request, sh
 }
 
 func (h *httpHandler) handleOAuthAuth(w http.ResponseWriter, r *http.Request, shrToken string, proxyConfig map[string]interface{}) bool {
+	logrus.Infof("handling '%v'", shrToken)
 	if oauthCfg, found := proxyConfig["oauth"]; found {
 		if provider, found := oauthCfg.(map[string]interface{})["provider"]; found {
 			authCheckInterval := h.getAuthCheckInterval(oauthCfg)
@@ -311,6 +312,8 @@ func (h *httpHandler) validateOAuthCookie(w http.ResponseWriter, r *http.Request
 		return false
 	}
 
+	logrus.Infof("validated oauth cookie for '%v'", target)
+
 	return true
 }
 
@@ -383,6 +386,8 @@ func (h *httpHandler) handleAuth(w http.ResponseWriter, r *http.Request, shrToke
 		}
 	}
 
+	logrus.Infof("authScheme = %v", authScheme)
+
 	if authScheme != "" {
 		switch authScheme {
 		case string(sdk.None):
@@ -392,7 +397,7 @@ func (h *httpHandler) handleAuth(w http.ResponseWriter, r *http.Request, shrToke
 			logrus.Debugf("auth scheme basic '%v", shrToken)
 			return h.handleBasicAuth(w, r, shrToken, secrets)
 		case string(sdk.Oauth):
-			logrus.Debugf("auth scheme oauth '%v'", shrToken)
+			logrus.Infof("auth scheme oauth '%v'", shrToken)
 			return h.handleOAuthAuth(w, r, shrToken, proxyConfig)
 		default:
 			logrus.Infof("invalid auth scheme '%v'", authScheme)
@@ -428,6 +433,8 @@ func (h *httpHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	logrus.Infof("proxyConfig = %v", proxyConfig)
+
 	if h.handleInterstitial(w, r, proxyConfig) {
 		return
 	}

rest_model_zrok/share_request.go

@@ -25,7 +25,7 @@ type ShareRequest struct {
 	AccessGrants []string `json:"accessGrants"`
 
 	// auth scheme
-	// Enum: [none basic oidc]
+	// Enum: [none basic oauth]
 	AuthScheme string `json:"authScheme,omitempty"`
 
 	// auth users
@@ -107,7 +107,7 @@ var shareRequestTypeAuthSchemePropEnum []interface{}
 
 func init() {
 	var res []string
-	if err := json.Unmarshal([]byte(`["none","basic","oidc"]`), &res); err != nil {
+	if err := json.Unmarshal([]byte(`["none","basic","oauth"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
@@ -123,8 +123,8 @@ const (
 	// ShareRequestAuthSchemeBasic captures enum value "basic"
 	ShareRequestAuthSchemeBasic string = "basic"
 
-	// ShareRequestAuthSchemeOidc captures enum value "oidc"
-	ShareRequestAuthSchemeOidc string = "oidc"
+	// ShareRequestAuthSchemeOauth captures enum value "oauth"
+	ShareRequestAuthSchemeOauth string = "oauth"
 )
 
 // prop value enum

rest_server_zrok/embedded_spec.go

@@ -2844,7 +2844,7 @@ func init() {
           "enum": [
             "none",
             "basic",
-            "oidc"
+            "oauth"
           ]
         },
         "authUsers": {
@@ -5803,7 +5803,7 @@ func init() {
           "enum": [
             "none",
             "basic",
-            "oidc"
+            "oauth"
           ]
         },
         "authUsers": {

sdk/nodejs/sdk/src/api/models/ShareRequest.ts

@@ -144,7 +144,7 @@ export type ShareRequestBackendModeEnum = typeof ShareRequestBackendModeEnum[key
 export const ShareRequestAuthSchemeEnum = {
     None: 'none',
     Basic: 'basic',
-    Oidc: 'oidc'
+    Oauth: 'oauth'
 } as const;
 export type ShareRequestAuthSchemeEnum = typeof ShareRequestAuthSchemeEnum[keyof typeof ShareRequestAuthSchemeEnum];
 

sdk/python/src/zrok_api/models/share_request.py

@@ -69,8 +69,8 @@ class ShareRequest(BaseModel):
         if value is None:
             return value
 
-        if value not in set(['none', 'basic', 'oidc']):
-            raise ValueError("must be one of enum values ('none', 'basic', 'oidc')")
+        if value not in set(['none', 'basic', 'oauth']):
+            raise ValueError("must be one of enum values ('none', 'basic', 'oauth')")
         return value
 
     @field_validator('oauth_provider')

specs/zrok.yml

@@ -1786,7 +1786,7 @@ definitions:
         type: string
       authScheme:
         type: string
-        enum: ["none", "basic", "oidc"]
+        enum: ["none", "basic", "oauth"]
       authUsers:
         type: array
         items:

ui/src/api/models/ShareRequest.ts

@@ -144,7 +144,7 @@ export type ShareRequestBackendModeEnum = typeof ShareRequestBackendModeEnum[key
 export const ShareRequestAuthSchemeEnum = {
     None: 'none',
     Basic: 'basic',
-    Oidc: 'oidc'
+    Oauth: 'oauth'
 } as const;
 export type ShareRequestAuthSchemeEnum = typeof ShareRequestAuthSchemeEnum[keyof typeof ShareRequestAuthSchemeEnum];