gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2024-09-20 23:36:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1865 from gravitl/refactor_remove_frontend_url

Browse source 
Make FRONTEND_URL param required only for UI login
This commit is contained in:
dcarns 2023-01-03 12:17:15 -05:00 committed by GitHub
parent 62f05e7635 8ae9896ea3
commit 124e1731f7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 32 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
auth/auth.go
View file

@ -4,7 +4,6 @@ import (
"encoding/base64"
"encoding/json"
"errors"
"fmt"
"net/http"
"strings"
@ -73,10 +72,6 @@ func InitializeAuthProvider() string {
logger.Log(0, err.Error())
return ""
}
var currentFrontendURL = servercfg.GetFrontendURL()
if currentFrontendURL == "" {
return ""
}
var authInfo = servercfg.GetAuthProviderInfo()
var serverConn = servercfg.GetAPIHost()
if strings.Contains(serverConn, "localhost") || strings.Contains(serverConn, "127.0.0.1") {
@ -100,8 +95,7 @@ func InitializeAuthProvider() string {
// Note: not included in API reference as part of the OAuth process itself.
func HandleAuthCallback(w http.ResponseWriter, r *http.Request) {
if auth_provider == nil {
w.Header().Set("Content-Type", "text/html; charset=utf-8")
_, _ = fmt.Fprintln(w, oauthNotConfigured)
handleOauthNotConfigured(w)
return
}
var functions = getCurrentAuthFunctions()
@ -128,19 +122,17 @@ func HandleAuthCallback(w http.ResponseWriter, r *http.Request) {
// oauth
func HandleAuthLogin(w http.ResponseWriter, r *http.Request) {
if auth_provider == nil {
var referer = r.Header.Get("referer")
if referer != "" {
http.Redirect(w, r, referer+"login?oauth=callback-error", http.StatusTemporaryRedirect)
return
}
w.Header().Set("Content-Type", "text/html; charset=utf-8")
_, _ = fmt.Fprintln(w, oauthNotConfigured)
handleOauthNotConfigured(w)
return
}
var functions = getCurrentAuthFunctions()
if functions == nil {
return
}
if servercfg.GetFrontendURL() == "" {
handleOauthNotConfigured(w)
return
}
functions[handle_login].(func(http.ResponseWriter, *http.Request))(w, r)
}

11
auth/azure-ad.go
View file

@ -37,16 +37,13 @@ func initAzureAD(redirectURL string, clientID string, clientSecret string) {
func handleAzureLogin(w http.ResponseWriter, r *http.Request) {
var oauth_state_string = logic.RandomString(user_signin_length)
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
return
} else if auth_provider == nil {
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
if auth_provider == nil {
handleOauthNotConfigured(w)
return
}
if err := logic.SetState(oauth_state_string); err != nil {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
@ -60,7 +57,7 @@ func handleAzureCallback(w http.ResponseWriter, r *http.Request) {
var content, err = getAzureUserInfo(rState, rCode)
if err != nil {
logger.Log(1, "error when getting user info from azure:", err.Error())
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
_, err = logic.GetUser(content.UserPrincipalName)

9
auth/error.go
View file

@ -1,5 +1,7 @@
package auth
import "net/http"
// == define error HTML here ==
const oauthNotConfigured = `<!DOCTYPE html><html>
<body>
@ -7,3 +9,10 @@ const oauthNotConfigured = `<!DOCTYPE html><html>
<p>Please visit the docs <a href="https://docs.netmaker.org/oauth.html" target="_blank" rel="noopener">here</a> to learn how to.</p>
</body>
</html>`
// handleOauthNotConfigured - returns an appropriate html page when oauth is not configured on netmaker server but an oauth login was attempted
func handleOauthNotConfigured(response http.ResponseWriter) {
response.Header().Set("Content-Type", "text/html; charset=utf-8")
response.WriteHeader(http.StatusInternalServerError)
response.Write([]byte(oauthNotConfigured))
}

11
auth/github.go
View file

@ -37,16 +37,13 @@ func initGithub(redirectURL string, clientID string, clientSecret string) {
func handleGithubLogin(w http.ResponseWriter, r *http.Request) {
var oauth_state_string = logic.RandomString(user_signin_length)
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
return
} else if auth_provider == nil {
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
if auth_provider == nil {
handleOauthNotConfigured(w)
return
}
if err := logic.SetState(oauth_state_string); err != nil {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
@ -60,7 +57,7 @@ func handleGithubCallback(w http.ResponseWriter, r *http.Request) {
var content, err = getGithubUserInfo(rState, rCode)
if err != nil {
logger.Log(1, "error when getting user info from github:", err.Error())
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
_, err = logic.GetUser(content.Login)

11
auth/google.go
View file

@ -38,16 +38,13 @@ func initGoogle(redirectURL string, clientID string, clientSecret string) {
func handleGoogleLogin(w http.ResponseWriter, r *http.Request) {
var oauth_state_string = logic.RandomString(user_signin_length)
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
return
} else if auth_provider == nil {
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
if auth_provider == nil {
handleOauthNotConfigured(w)
return
}
if err := logic.SetState(oauth_state_string); err != nil {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
@ -62,7 +59,7 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
var content, err = getGoogleUserInfo(rState, rCode)
if err != nil {
logger.Log(1, "error when getting user info from google:", err.Error())
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
_, err = logic.GetUser(content.Email)

3
auth/nodecallback.go
View file

@ -13,7 +13,6 @@ import (
"github.com/gravitl/netmaker/logic/pro/netcache"
"github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/models/promodels"
"github.com/gravitl/netmaker/servercfg"
)
var (
@ -41,7 +40,7 @@ func HandleNodeSSOCallback(w http.ResponseWriter, r *http.Request) {
var userClaims, err = functions[get_user_info].(func(string, string) (*OAuthUser, error))(state, code)
if err != nil {
logger.Log(0, "error when getting user info from callback:", err.Error())
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}

11
auth/oidc.go
View file

@ -50,16 +50,13 @@ func initOIDC(redirectURL string, clientID string, clientSecret string, issuer s
func handleOIDCLogin(w http.ResponseWriter, r *http.Request) {
var oauth_state_string = logic.RandomString(user_signin_length)
if auth_provider == nil && servercfg.GetFrontendURL() != "" {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
return
} else if auth_provider == nil {
fmt.Fprintf(w, "%s", []byte("no frontend URL was provided and an OAuth login was attempted\nplease reconfigure server to use OAuth or use basic credentials"))
if auth_provider == nil {
handleOauthNotConfigured(w)
return
}
if err := logic.SetState(oauth_state_string); err != nil {
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
var url = auth_provider.AuthCodeURL(oauth_state_string)
@ -73,7 +70,7 @@ func handleOIDCCallback(w http.ResponseWriter, r *http.Request) {
var content, err = getOIDCUserInfo(rState, rCode)
if err != nil {
logger.Log(1, "error when getting user info from callback:", err.Error())
http.Redirect(w, r, servercfg.GetFrontendURL()+"/login?oauth=callback-error", http.StatusTemporaryRedirect)
handleOauthNotConfigured(w)
return
}
_, err = logic.GetUser(content.Email)