loginsrv

Unnamed repository; edit this file 'description' to name the repository.
git clone git@jamesshield.xyz:repos/loginsrv.git
Log | Files | Refs | README | LICENSE

commit 7492300307ee18fd46b6df2575429d292bc72c9c
parent 759f01ff62bcbc812a277e981bc02eac55346bf3
Author: Sebastian Mancke <s.mancke@tarent.de>
Date:   Tue, 16 May 2017 08:09:56 +0200

Merge pull request #19 from magikstm/master

Correct a typo in an error message and a few other minor typos
Diffstat:
MREADME.md | 16++++++++--------
Mcaddy/README.md | 10+++++-----
Mcaddy/demo/README.md | 2+-
Mhtpasswd/auth.go | 2+-
Mlogin/handler_test.go | 2+-
Mmodel/user_info.go | 2+-
6 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md @@ -28,7 +28,7 @@ The following providers (login backends) are supported. * [Simple](#simple) (user/password pairs by configuration) * [Oauth2](#oauth2) * Github Login - * .. google and facebook will come soon .. + * .. Google and Facebook will come soon .. ## Questions @@ -39,7 +39,7 @@ For questions and support please use the [Gitter chat room](https://gitter.im/ta ## Configuration and Startup ### Config Options -_Note for caddy users_: Not all parameters are available in caddy. See the table for details. Incaddy, the parameter names can be also be used with `_` in the names, e.g. `cookie_http_only`. +_Note for Caddy users_: Not all parameters are available in Caddy. See the table for details. With Caddy, the parameter names can be also be used with `_` in the names, e.g. `cookie_http_only`. | Parameter | Type | Default | Caddy | Description | |-------------------|-------------|--------------|-------|--------------------------------------------------------------------------------------| @@ -96,7 +96,7 @@ Starts the Oauth Web Flow with the configured provider. E.g. `GET /login/github` ### POST /login -Perfoms the login and returns the JWT. Depending on the content-type, and parameters a classical JSON-Rest or a redirect can be performed. +Performs the login and returns the JWT. Depending on the content-type and parameters, a classical JSON-Rest or a redirect can be performed. #### Runtime Parameters @@ -114,7 +114,7 @@ Perfoms the login and returns the JWT. Depending on the content-type, and parame | Code | Meaning | Description | |------| ----------------------|----------------------------| | 200 | OK | Successfully authenticated | -| 403 | Forbidden | The Credentials are wrong | +| 403 | Forbidden | The credentials are wrong | | 400 | Bad Request | Missing parameters | | 500 | Internal Server Error | Internal error, e.g. the login provider is not available or failed | | 303 | See Other | Sets the JWT as a cookie, if the login succeeds and redirect to the urls provided in `redirectSuccess` or `redirectError` | @@ -142,7 +142,7 @@ eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJib2IifQ.-51G5JQmpJleARHp8rIljBcz ``` #### Example: Credentials as JSON -The Credentials also could be send as JSON encoded. +The credentials can also be sent JSON encoded. ``` curl -i -H 'Content-Type: application/json' --data '{"username": "bob", "password": "secret"}' http://127.0.0.1:6789/login HTTP/1.1 200 OK @@ -192,9 +192,9 @@ loginsrv -backend 'provider=htpasswd,file=users ### OSIAM [OSIAM](http://osiam.org/) is a secure identity management solution providing REST based services for authentication and authorization. -It implements the multplie OAuth2 flows, as well as SCIM for managing the user data. +It implements the multiple OAuth2 flows, as well as SCIM for managing the user data. -To start loginsrv against the default osiam configuration on the same machine, use the following example. +To start loginsrv against the default OSIAM configuration on the same machine, use the following example. ``` loginsrv --jwt-secret=jwtsecret --text-logging -backend 'provider=osiam,endpoint=http://localhost:8080,clientId=example-client,clientSecret=secret' ``` @@ -226,7 +226,7 @@ An Oauth Provider supports the following parameters: | redirect_uri | Alternative Redirect URI (optional) | When configuring the oauth parameters at your external oauth provider, a redirect uri has to be supplied. This redirect uri has to point to the path `/login/<provider>`. -If not supplied, the oauth redirect uri is caclulated out of the current url. This should work in most cases and should even work +If not supplied, the oauth redirect uri is calculated out of the current url. This should work in most cases and should even work if loginsrv is routed through a reverse proxy, if the headers `X-Forwarded-Host` and `X-Forwarded-Proto` are set correctly. ### Github Startup Example diff --git a/caddy/README.md b/caddy/README.md @@ -1,6 +1,6 @@ -# loginsrv caddy middleware +# loginsrv Caddy middleware -Login plugin for caddy, based on [tarent/loginsrv](https://github.com/tarent/loginsrv). +Login plugin for Caddy, based on [tarent/loginsrv](https://github.com/tarent/loginsrv). The login is checked against a backend and then returned as JWT token. This middleware is designed to play together with the [caddy-jwt](https://github.com/BTBurke/caddy-jwt) plugin. @@ -9,12 +9,12 @@ For a full documentation of loginsrv configuration and usage, visit the [loginsr A small demo can also be found in the [./demo](https://github.com/tarent/loginsrv/tree/master/caddy/demo) directory. ## Configuration -To be compatible with caddy-jwt, the jwt secret is taken from the enviroment variable `JWT_SECRET` -if such a variable is set. Otherwise, a random token is generated and set as enviroment variable JWT_SECRET, +To be compatible with caddy-jwt, the jwt secret is taken from the environment variable `JWT_SECRET` +if such a variable is set. Otherwise, a random token is generated and set as environment variable JWT_SECRET, so that caddy-jwt looks up the same shared secret. ### Basic configuration -Providing a login resource unter /login, for user bob with password secret: +Provide a login resource under /login, for user bob with password secret: ``` login / { simple bob=secret diff --git a/caddy/demo/README.md b/caddy/demo/README.md @@ -1,7 +1,7 @@ # Caddy login demo This directory contains a small demo on how to secure a -directory or file by loginsrv and caddy. +directory or file by loginsrv and Caddy. Please start it from this directory with diff --git a/htpasswd/auth.go b/htpasswd/auth.go @@ -70,7 +70,7 @@ func (a *Auth) Authenticate(username, password string) (bool, error) { if strings.HasPrefix(hash, "$apr1$") { return compareMD5(h, p), nil } - return false, fmt.Errorf("unknown algorythm for user %q", username) + return false, fmt.Errorf("unknown algorithm for user %q", username) } return false, nil } diff --git a/login/handler_test.go b/login/handler_test.go @@ -435,7 +435,7 @@ func (m *oauth2ManagerMock) GetConfigFromRequest(r *http.Request) (oauth2.Config } // copied from golang: net/http/cookie.go -// with simple some simplification fro edge cases +// with some simplifications for edge cases // readSetCookies parses all "Set-Cookie" values from // the header h and returns the successfully parsed Cookies. func readSetCookies(h http.Header) []*http.Cookie { diff --git a/model/user_info.go b/model/user_info.go @@ -6,7 +6,7 @@ import ( ) // UserInfo holds the parameters returned by the backends. -// This information wir be serialized to build the JWT token contents. +// This information will be serialized to build the JWT token contents. type UserInfo struct { Sub string `json:"sub"` Picture string `json:"picture,omitempty"`