setup.go (2938B)
1 package caddy 2 3 import ( 4 "flag" 5 "fmt" 6 "os" 7 "path" 8 "path/filepath" 9 "strings" 10 11 "github.com/caddyserver/caddy" 12 "github.com/caddyserver/caddy/caddyhttp/httpserver" 13 "github.com/tarent/loginsrv/logging" 14 "github.com/tarent/loginsrv/login" 15 16 // Import all backends, packaged with the caddy plugin 17 _ "github.com/tarent/loginsrv/htpasswd" 18 _ "github.com/tarent/loginsrv/httpupstream" 19 _ "github.com/tarent/loginsrv/oauth2" 20 _ "github.com/tarent/loginsrv/osiam" 21 ) 22 23 func init() { 24 caddy.RegisterPlugin("login", caddy.Plugin{ 25 ServerType: "http", 26 Action: setup, 27 }) 28 } 29 30 // setup configures a new loginsrv instance. 31 func setup(c *caddy.Controller) error { 32 logging.Set("info", true) 33 34 for c.Next() { 35 args := c.RemainingArgs() 36 37 config, err := parseConfig(c) 38 if err != nil { 39 return err 40 } 41 42 if config.Template != "" && !filepath.IsAbs(config.Template) { 43 config.Template = filepath.Join(httpserver.GetConfig(c).Root, config.Template) 44 } 45 46 if len(args) == 1 { 47 logging.Logger.Warnf("DEPRECATED: Please set the login path by parameter login_path and not as directive argument (%v:%v)", c.File(), c.Line()) 48 config.LoginPath = path.Join(args[0], "/login") 49 } 50 51 loginHandler, err := login.NewHandler(config) 52 if err != nil { 53 return err 54 } 55 56 httpserver.GetConfig(c).AddMiddleware(func(next httpserver.Handler) httpserver.Handler { 57 return NewCaddyHandler(next, loginHandler, config) 58 }) 59 } 60 61 return nil 62 } 63 64 func parseConfig(c *caddy.Controller) (*login.Config, error) { 65 cfg := login.DefaultConfig() 66 cfg.Host = "" 67 cfg.Port = "" 68 cfg.LogLevel = "" 69 70 fs := flag.NewFlagSet("loginsrv-config", flag.ContinueOnError) 71 cfg.ConfigureFlagSet(fs) 72 73 secretProvidedByConfig := false 74 for c.NextBlock() { 75 // caddy prefers '_' in parameter names, 76 // so we map them to the '-' from the command line flags 77 // the replacement supports both, for backwards compatibility 78 name := strings.Replace(c.Val(), "_", "-", -1) 79 args := c.RemainingArgs() 80 if len(args) != 1 { 81 return cfg, fmt.Errorf("Wrong number of arguments for %v: %v (%v:%v)", name, args, c.File(), c.Line()) 82 } 83 value := args[0] 84 85 f := fs.Lookup(name) 86 if f == nil { 87 return cfg, fmt.Errorf("Unknown parameter for login directive: %v (%v:%v)", name, c.File(), c.Line()) 88 } 89 err := f.Value.Set(value) 90 if err != nil { 91 return cfg, fmt.Errorf("Invalid value for parameter %v: %v (%v:%v)", name, value, c.File(), c.Line()) 92 } 93 94 if name == "jwt-secret" { 95 secretProvidedByConfig = true 96 } 97 } 98 99 if err := cfg.ResolveFileReferences(); err != nil { 100 return nil, err 101 } 102 103 secretFromEnv, secretFromEnvWasSetBefore := os.LookupEnv("JWT_SECRET") 104 if !secretProvidedByConfig && secretFromEnvWasSetBefore { 105 cfg.JwtSecret = secretFromEnv 106 } 107 if !secretFromEnvWasSetBefore { 108 // populate the secret to caddy.jwt, 109 // but do not change a environment variable, which somebody has set it. 110 os.Setenv("JWT_SECRET", cfg.JwtSecret) 111 } 112 113 return cfg, nil 114 }