mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 23:36:18 +08:00
Merge pull request #1865 from gravitl/refactor_remove_frontend_url
Make FRONTEND_URL param required only for UI login
commit
124e1731f7
20
auth/auth.go
20
auth/auth.go
|
@ -4,7 +4,6 @@ import (
|
|||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
|
@ -73,10 +72,6 @@ func InitializeAuthProvider() string {
|
|||
logger.Log(0, err.Error())
|
||||
return ""
|
||||
}
|
||||
var currentFrontendURL = servercfg.GetFrontendURL()
|
||||
if currentFrontendURL == "" {
|
||||
return ""
|
||||
}
|
||||
var authInfo = servercfg.GetAuthProviderInfo()
|
||||
var serverConn = servercfg.GetAPIHost()
|
||||
if strings.Contains(serverConn, "localhost") || strings.Contains(serverConn, "127.0.0.1") {
|
||||
|
@ -100,8 +95,7 @@ func InitializeAuthProvider() string {
|
|||
// Note: not included in API reference as part of the OAuth process itself.
|
||||
func HandleAuthCallback(w http.ResponseWriter, r *http.Request) {
|
||||
if auth_provider == nil {
|
||||
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
||||
_, _ = fmt.Fprintln(w, oauthNotConfigured)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
var functions = getCurrentAuthFunctions()
|
||||
|
@ -128,19 +122,17 @@ func HandleAuthCallback(w http.ResponseWriter, r *http.Request) {
|
|||
// oauth
|
||||
func HandleAuthLogin(w http.ResponseWriter, r *http.Request) {
|
||||
if auth_provider == nil {
|
||||
var referer = r.Header.Get("referer")
|
||||
if referer != "" {
|
||||
http.Redirect(w, r, referer+"login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
||||
_, _ = fmt.Fprintln(w, oauthNotConfigured)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
var functions = getCurrentAuthFunctions()
|
||||
if functions == nil {
|
||||
return
|
||||
}
|
||||
if servercfg.GetFrontendURL() == "" {
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
functions[handle_login].(func(http.ResponseWriter, *http.Request))(w, r)
|
||||
}
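Review bot: HandleAuthLogin gains a FRONTEND_URL guard but HandleAuthCallback does not, while the InitializeAuthProvider hunk drops the early return that used to leave the provider uninitialised when the URL is empty. The provider callbacks' success paths are not visible in these hunks; if they still build a redirect from `servercfg.GetFrontendURL()`, an empty value would turn it into a relative `/login...` redirect on the API host. If HandleAuthCallback only serves the UI flow, give it the same guard, `if servercfg.GetFrontendURL() == "" { handleOauthNotConfigured(w); return }`, or add a comment saying why it is not needed there. The `if functions == nil { return }` branch just above the new check still returns without writing any response.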
|
||||
|
||||
|
|
|
@ -37,16 +37,13 @@ func initAzureAD(redirectURL string, clientID string, clientSecret string) {
|
|||
|
||||
func handleAzureLogin(w http.ResponseWriter, r *http.Request) {
|
||||
var oauth_state_string = logic.RandomString(user_signin_length)
|
||||
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
return
|
||||
} else if auth_provider == nil {
|
||||
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
|
||||
if auth_provider == nil {
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
if err := logic.SetState(oauth_state_string); err != nil {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -60,7 +57,7 @@ func handleAzureCallback(w http.ResponseWriter, r *http.Request) {
|
|||
var content, err = getAzureUserInfo(rState, rCode)
|
||||
if err != nil {
|
||||
logger.Log(1, "error when getting user info from azure:", err.Error())
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
_, err = logic.GetUser(content.UserPrincipalName)
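Review bot: In handleAzureLogin the `logic.SetState` error is now discarded and answered with the "OAuth not configured" page, and handleAzureCallback does the same when getAzureUserInfo fails. A storage fault or a rejected state/code is therefore reported to the user and to monitoring as a configuration problem with HTTP 500. Log the state failure before responding, e.g. `logger.Log(0, "failed to store oauth state:", err.Error())`, and consider a separate response for callback failures, since `rState` and `rCode` appear to come from the request and a bad value there is a client error rather than a server one. The same pattern is in the GitHub, Google and OIDC login/callback hunks and in HandleNodeSSOCallback; all of these function bodies continue outside the hunks shown.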
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
package auth
|
||||
|
||||
import "net/http"
|
||||
|
||||
// == define error HTML here ==
|
||||
const oauthNotConfigured = `<!DOCTYPE html><html>
|
||||
<body>
|
||||
|
@ -7,3 +9,10 @@ const oauthNotConfigured = `<!DOCTYPE html><html>
|
|||
<p>Please visit the docs <a href="https://docs.netmaker.org/oauth.html" target="_blank" rel="noopener">here</a> to learn how to.</p>
|
||||
</body>
|
||||
</html>`
|
||||
|
||||
// handleOauthNotConfigured - returns an appropriate html page when oauth is not configured on netmaker server but an oauth login was attempted
|
||||
func handleOauthNotConfigured(response http.ResponseWriter) {
|
||||
response.Header().Set("Content-Type", "text/html; charset=utf-8")
|
||||
response.WriteHeader(http.StatusInternalServerError)
|
||||
response.Write([]byte(oauthNotConfigured))
|
||||
}
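Review bot: handleOauthNotConfigured silently drops both return values of `response.Write`, whereas the call sites it replaces spelled the discard out as `_, _ = fmt.Fprintln(w, oauthNotConfigured)`. Keep that explicit with `_, _ = response.Write([]byte(oauthNotConfigured))`, or log the error. The fixed `http.StatusInternalServerError` should also be stated in the doc comment, because any client that reaches an OAuth route on a server without OAuth set up will now produce a 5xx that alerting may count as a server fault. A line such as `// Responds with HTTP 500 and a static HTML page; no request data is echoed.` would record that this is deliberate.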
|
||||
|
|
|
@ -37,16 +37,13 @@ func initGithub(redirectURL string, clientID string, clientSecret string) {
|
|||
|
||||
func handleGithubLogin(w http.ResponseWriter, r *http.Request) {
|
||||
var oauth_state_string = logic.RandomString(user_signin_length)
|
||||
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
return
|
||||
} else if auth_provider == nil {
|
||||
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
|
||||
if auth_provider == nil {
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
if err := logic.SetState(oauth_state_string); err != nil {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -60,7 +57,7 @@ func handleGithubCallback(w http.ResponseWriter, r *http.Request) {
|
|||
var content, err = getGithubUserInfo(rState, rCode)
|
||||
if err != nil {
|
||||
logger.Log(1, "error when getting user info from github:", err.Error())
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
_, err = logic.GetUser(content.Login)
|
||||
|
|
|
@ -38,16 +38,13 @@ func initGoogle(redirectURL string, clientID string, clientSecret string) {
|
|||
|
||||
func handleGoogleLogin(w http.ResponseWriter, r *http.Request) {
|
||||
var oauth_state_string = logic.RandomString(user_signin_length)
|
||||
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
return
|
||||
} else if auth_provider == nil {
|
||||
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
|
||||
if auth_provider == nil {
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
if err := logic.SetState(oauth_state_string); err != nil {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -62,7 +59,7 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
|
|||
var content, err = getGoogleUserInfo(rState, rCode)
|
||||
if err != nil {
|
||||
logger.Log(1, "error when getting user info from google:", err.Error())
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
_, err = logic.GetUser(content.Email)
|
||||
|
|
|
@ -13,7 +13,6 @@ import (
|
|||
"github.com/gravitl/netmaker/logic/pro/netcache"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
"github.com/gravitl/netmaker/models/promodels"
|
||||
"github.com/gravitl/netmaker/servercfg"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -41,7 +40,7 @@ func HandleNodeSSOCallback(w http.ResponseWriter, r *http.Request) {
|
|||
var userClaims, err = functions[get_user_info].(func(string, string) (*OAuthUser, error))(state, code)
|
||||
if err != nil {
|
||||
logger.Log(0, "error when getting user info from callback:", err.Error())
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
11
auth/oidc.go
11
auth/oidc.go
|
@ -50,16 +50,13 @@ func initOIDC(redirectURL string, clientID string, clientSecret string, issuer s
|
|||
|
||||
func handleOIDCLogin(w http.ResponseWriter, r *http.Request) {
|
||||
var oauth_state_string = logic.RandomString(user_signin_length)
|
||||
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
return
|
||||
} else if auth_provider == nil {
|
||||
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
|
||||
if auth_provider == nil {
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
|
||||
if err := logic.SetState(oauth_state_string); err != nil {
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
var url = auth_provider.AuthCodeURL(oauth_state_string)
|
||||
|
@ -73,7 +70,7 @@ func handleOIDCCallback(w http.ResponseWriter, r *http.Request) {
|
|||
var content, err = getOIDCUserInfo(rState, rCode)
|
||||
if err != nil {
|
||||
logger.Log(1, "error when getting user info from callback:", err.Error())
|
||||
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
|
||||
handleOauthNotConfigured(w)
|
||||
return
|
||||
}
|
||||
_, err = logic.GetUser(content.Email)
|
||||
|
|