loginsrv


setup.go (2938B)


      1 package caddy
      2 
      3 import (
      4 	"flag"
      5 	"fmt"
      6 	"os"
      7 	"path"
      8 	"path/filepath"
      9 	"strings"
     10 
     11 	"github.com/caddyserver/caddy"
     12 	"github.com/caddyserver/caddy/caddyhttp/httpserver"
     13 	"github.com/tarent/loginsrv/logging"
     14 	"github.com/tarent/loginsrv/login"
     15 
     16 	// Import all backends, packaged with the caddy plugin
     17 	_ "github.com/tarent/loginsrv/htpasswd"
     18 	_ "github.com/tarent/loginsrv/httpupstream"
     19 	_ "github.com/tarent/loginsrv/oauth2"
     20 	_ "github.com/tarent/loginsrv/osiam"
     21 )
     22 
// init registers setup as the action for the "login" directive of caddy's
// "http" server type, so the plugin is active as soon as this package is
// imported.
func init() {
	loginPlugin := caddy.Plugin{
		ServerType: "http",
		Action:     setup,
	}
	caddy.RegisterPlugin("login", loginPlugin)
}
     29 
// setup is the caddy action for the `login` directive. For every occurrence
// of the directive it parses the directive block into a login.Config, builds
// the login handler from it and registers that handler as middleware on the
// site the directive belongs to. The first parse or handler error aborts
// setup and is returned unchanged.
//
// A template path that is not absolute is resolved against the site's
// configured root.
// NOTE(review): a relative template therefore lives inside the site root;
// confirm the deployment does not also hand that file out as static content.
//
// A single directive argument is still accepted as the deprecated way to set
// the login path: it is joined with "/login" and a warning is logged. Any
// other number of arguments is ignored here.
func setup(c *caddy.Controller) error {
	logging.Set("info", true)

	for c.Next() {
		// Read the directive arguments before parseConfig consumes the block.
		directiveArgs := c.RemainingArgs()

		cfg, err := parseConfig(c)
		if err != nil {
			return err
		}

		// Anchor relative template paths at the site root.
		if tmpl := cfg.Template; tmpl != "" && !filepath.IsAbs(tmpl) {
			cfg.Template = filepath.Join(httpserver.GetConfig(c).Root, tmpl)
		}

		// Legacy form: the login path prefix given as directive argument.
		if len(directiveArgs) == 1 {
			logging.Logger.Warnf("DEPRECATED: Please set the login path by parameter login_path and not as directive argument (%v:%v)", c.File(), c.Line())
			prefix := directiveArgs[0]
			cfg.LoginPath = path.Join(prefix, "/login")
		}

		handler, err := login.NewHandler(cfg)
		if err != nil {
			return err
		}

		// cfg and handler are declared per iteration, so each middleware
		// closure keeps the values of its own directive.
		wrap := func(next httpserver.Handler) httpserver.Handler {
			return NewCaddyHandler(next, handler, cfg)
		}
		httpserver.GetConfig(c).AddMiddleware(wrap)
	}

	return nil
}
     63 
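// parseConfig reads the block of a `login` directive into a login.Config.
//
// Every line of the block must have the form `name value`. Underscores in the
// name are mapped to dashes and the result is looked up in the flag set filled
// by cfg.ConfigureFlagSet, so the block accepts exactly the parameters that
// flag set defines. An unknown name, a wrong argument count or a value the
// flag rejects ends parsing with an error that names the Caddyfile position.
// On any error the returned config is nil.
//
// JWT secret handling, as implemented below:
//   - jwt-secret given in the block: that value stays in cfg.JwtSecret.
//   - not given in the block, JWT_SECRET set in the environment: the
//     environment value is copied into cfg.JwtSecret.
//   - JWT_SECRET not set in the environment: cfg.JwtSecret (from the block or
//     from login.DefaultConfig) is exported as JWT_SECRET.
//   - both set: neither is changed, so the two values can differ.
//     NOTE(review): a consumer that reads JWT_SECRET (the original comment
//     names caddy.jwt) would then presumably reject tokens signed with
//     cfg.JwtSecret; verify that this combination is intended.
func parseConfig(c *caddy.Controller) (*login.Config, error) {
	cfg := login.DefaultConfig()
	// Blank the standalone-server defaults; presumably because caddy owns the
	// listener and the log level in plugin mode (confirm against login.Config).
	cfg.Host = ""
	cfg.Port = ""
	cfg.LogLevel = ""

	fs := flag.NewFlagSet("loginsrv-config", flag.ContinueOnError)
	cfg.ConfigureFlagSet(fs)

	secretProvidedByConfig := false
	for c.NextBlock() {
		// caddy prefers '_' in parameter names,
		// so we map them to the '-' from the command line flags
		// the replacement supports both, for backwards compatibility
		name := strings.Replace(c.Val(), "_", "-", -1)
		args := c.RemainingArgs()
		if len(args) != 1 {
			// NOTE(review): args is echoed verbatim. If a parameter carries a
			// credential, it ends up in the error and in whatever logs it.
			return nil, fmt.Errorf("Wrong number of arguments for %v: %v (%v:%v)", name, args, c.File(), c.Line())
		}
		value := args[0]

		f := fs.Lookup(name)
		if f == nil {
			return nil, fmt.Errorf("Unknown parameter for login directive: %v (%v:%v)", name, c.File(), c.Line())
		}
		if err := f.Value.Set(value); err != nil {
			// Keep the flag's own error so the operator sees why the value was
			// rejected. NOTE(review): value is echoed verbatim here as well;
			// consider redacting it for parameters that hold secrets.
			return nil, fmt.Errorf("Invalid value for parameter %v: %v (%v:%v): %v", name, value, c.File(), c.Line(), err)
		}

		if name == "jwt-secret" {
			secretProvidedByConfig = true
		}
	}

	if err := cfg.ResolveFileReferences(); err != nil {
		return nil, err
	}

	secretFromEnv, secretFromEnvWasSetBefore := os.LookupEnv("JWT_SECRET")
	if !secretProvidedByConfig && secretFromEnvWasSetBefore {
		cfg.JwtSecret = secretFromEnv
	}
	if !secretFromEnvWasSetBefore {
		// populate the secret to caddy.jwt,
		// but do not change an environment variable which somebody has set.
		//
		// The exported secret is readable by anything that can inspect this
		// process's environment and is inherited by child processes started
		// afterwards. Fail instead of continuing when the export does not
		// work: otherwise this handler and the consumer of JWT_SECRET would
		// silently run with different secrets.
		if err := os.Setenv("JWT_SECRET", cfg.JwtSecret); err != nil {
			return nil, fmt.Errorf("Could not set environment variable JWT_SECRET: %v", err)
		}
	}

	return cfg, nil
}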