mirror of
https://github.com/openziti/zrok.git
synced 2024-12-27 00:58:49 +01:00
53940d51ab
* added tls support to controller and access proxies * few pr comments
77 lines
1.6 KiB
Go
77 lines
1.6 KiB
Go
package publicProxy
|
|
|
|
import (
|
|
"context"
|
|
"github.com/michaelquigley/cf"
|
|
"github.com/openziti/zrok/endpoints"
|
|
"github.com/pkg/errors"
|
|
"github.com/sirupsen/logrus"
|
|
zhttp "github.com/zitadel/oidc/v2/pkg/http"
|
|
)
|
|
|
|
const V = 3
|
|
|
|
type Config struct {
|
|
V int
|
|
Identity string
|
|
Address string
|
|
HostMatch string
|
|
Oauth *OauthConfig
|
|
Tls *endpoints.TlsConfig
|
|
}
|
|
|
|
type OauthConfig struct {
|
|
BindAddress string
|
|
RedirectUrl string
|
|
CookieDomain string
|
|
HashKey string `cf:"+secret"`
|
|
Providers []*OauthProviderConfig
|
|
}
|
|
|
|
func (oc *OauthConfig) GetProvider(name string) *OauthProviderConfig {
|
|
for _, provider := range oc.Providers {
|
|
if provider.Name == name {
|
|
return provider
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type OauthProviderConfig struct {
|
|
Name string
|
|
ClientId string
|
|
ClientSecret string `cf:"+secret"`
|
|
}
|
|
|
|
func DefaultConfig() *Config {
|
|
return &Config{
|
|
Identity: "public",
|
|
Address: "0.0.0.0:8080",
|
|
}
|
|
}
|
|
|
|
func (c *Config) Load(path string) error {
|
|
if err := cf.BindYaml(c, path, cf.DefaultOptions()); err != nil {
|
|
return errors.Wrapf(err, "error loading frontend config '%v'", path)
|
|
}
|
|
if c.V != V {
|
|
return errors.Errorf("invalid configuration version '%d'; expected '%d'", c.V, V)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func configureOauthHandlers(ctx context.Context, cfg *Config, tls bool) error {
|
|
if cfg.Oauth == nil {
|
|
logrus.Info("no oauth configuration; skipping oauth handler startup")
|
|
return nil
|
|
}
|
|
if err := configureGoogleOauth(cfg.Oauth, tls); err != nil {
|
|
return err
|
|
}
|
|
if err := configureGithubOauth(cfg.Oauth, tls); err != nil {
|
|
return err
|
|
}
|
|
zhttp.StartServer(ctx, cfg.Oauth.BindAddress)
|
|
return nil
|
|
}
|