jwt-header namespace for config

Travis Johnson 2023-08-30 23:40:08 -07:00
parent 177d39a233
commit edf16121db


@ -34,12 +34,13 @@ func addConfigFlags(flags *pflag.FlagSet) {
flags.String("shell", "", "shell command to which other commands should be appended")
flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type")
flags.String("auth.header", "", "HTTP header for auth.method=proxy and auth.method=jwt-header")
flags.String("auth.header", "", "HTTP header for auth.method=proxy")
flags.String("auth.command", "", "command for auth.method=hook")
flags.String("auth.aud", "", "The Application Audience (AUD) tag for JWT validation auth.method=jwt-header")
flags.String("auth.iss", "", "The Issuer (AUD) for JWT validation auth.method=jwt-header")
flags.String("auth.certsurl", "", "The URL to download certs from for JWT validation auth.method=jwt-header")
flags.String("auth.claim", "", "The claim which will contain the username auth.method=jwt-header")
flags.String("auth.jwt-header.header", "", "HTTP header for auth.method=jwt-header")
flags.String("auth.jwt-header.aud", "", "The Application Audience (AUD) tag for JWT validation auth.method=jwt-header")
flags.String("auth.jwt-header.iss", "", "The Issuer (AUD) for JWT validation auth.method=jwt-header")
flags.String("auth.jwt-header.certsurl", "", "The URL to download certs from for JWT validation auth.method=jwt-header")
flags.String("auth.jwt-header.usernameClaim", "", "The claim which will contain the username auth.method=jwt-header")
flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
flags.String("recaptcha.key", "", "ReCaptcha site key")
@ -89,11 +90,11 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
}
if method == auth.MethodJWTAuth {
header := mustGetString(flags, "auth.header")
aud := mustGetString(flags, "auth.aud")
iss := mustGetString(flags, "auth.iss")
certsurl := mustGetString(flags, "auth.certsurl")
claim := mustGetString(flags, "auth.claim")
header := mustGetString(flags, "auth.jwt-header.header")
aud := mustGetString(flags, "auth.jwt-header.aud")
iss := mustGetString(flags, "auth.jwt-header.iss")
certsurl := mustGetString(flags, "auth.jwt-header.certsurl")
usernameClaim := mustGetString(flags, "auth.usernameClaim")
if header == "" {
checkErr(nerrors.New("you must set the flag 'auth.header' for method 'jwt-header'"))
@ -107,7 +108,7 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
if certsurl == "" {
checkErr(nerrors.New("you must set the flag 'auth.certsurl' for method 'jwt-header'"))
}
if claim == "" {
if usernameClaim == "" {
checkErr(nerrors.New("you must set the flag 'auth.claim' for method 'jwt-header'"))
}
@ -116,7 +117,7 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
Aud: aud,
Iss: iss,
CertsURL: certsurl,
UsernameClaim: claim,
UsernameClaim: usernameClaim,
}
}
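Review bot: In getAuthentication the new lookup `usernameClaim := mustGetString(flags, "auth.usernameClaim")` reads a flag that addConfigFlags never registers; the flag defined by this commit is `auth.jwt-header.usernameClaim`, so the lookup presumably errors or comes back empty and the jwt-header method cannot be configured. It should be `usernameClaim := mustGetString(flags, "auth.jwt-header.usernameClaim")`. The error strings in the same block still name 'auth.header', 'auth.certsurl' and 'auth.claim'; since `auth.header` remains a valid flag for the proxy method, an operator following that message would set a header that jwt-header no longer reads, so the messages should name the `auth.jwt-header.*` flags. The help text for `auth.jwt-header.iss` also says "(AUD)" where "(ISS)" is meant. getAuthentication's body starts and ends outside the visible hunks, so the checks for aud and iss could not be reviewed here.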