support oauth flags for the 'zrok reserve' command (#421)

2025-01-11 00:18:43 +01:00 · 2023-10-25 11:32:08 -04:00 · 2023-10-25 11:32:08 -04:00 · 9f018e730f
commit 9f018e730f
parent 7f23d7980b
1 changed files with 20 additions and 5 deletions
--- a/cmd/zrok/reserve.go
+++ b/cmd/zrok/reserve.go
@ -7,6 +7,7 @@ import (
 	"github.com/openziti/zrok/tui"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+	"time"
 )

 func init() {
@ -14,10 +15,13 @@ func init() {
 }

 type reserveCommand struct {
-	basicAuth         []string
-	frontendSelection []string
-	backendMode       string
-	cmd               *cobra.Command
+	basicAuth          []string
+	frontendSelection  []string
+	backendMode        string
+	oauthProvider      string
+	oauthEmailDomains  []string
+	oauthCheckInterval time.Duration
+	cmd                *cobra.Command
 }

 func newReserveCommand() *reserveCommand {
@ -27,9 +31,15 @@ func newReserveCommand() *reserveCommand {
 		Args:  cobra.ExactArgs(2),
 	}
 	command := &reserveCommand{cmd: cmd}
-	cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
 	cmd.Flags().StringArrayVar(&command.frontendSelection, "frontends", []string{"public"}, "Selected frontends to use for the share")
 	cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, <tcpTunnel, udpTunnel>, caddy}")
+
+	cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
+	cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]")
+	cmd.Flags().StringArrayVar(&command.oauthEmailDomains, "oauth-email-domains", []string{}, "Allow only these email domains to authenticate via OAuth")
+	cmd.Flags().DurationVar(&command.oauthCheckInterval, "oauth-check-interval", 3*time.Hour, "Maximum lifetime for OAuth authentication; reauthenticate after expiry")
+	cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider")
+
 	cmd.Run = command.run
 	return command
 }
@ -89,6 +99,11 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 	if shareMode == sdk.PublicShareMode {
 		req.Frontends = cmd.frontendSelection
 	}
+	if cmd.oauthProvider != "" {
+		req.OauthProvider = cmd.oauthProvider
+		req.OauthEmailDomains = cmd.oauthEmailDomains
+		req.OauthAuthorizationCheckInterval = cmd.oauthCheckInterval
+	}
 	shr, err := sdk.CreateShare(env, req)
 	if err != nil {
 		if !panicInstead {