jwt-header namespace for config

Travis Johnson 2023-08-30 23:40:08 -07:00
parent 177d39a233
commit edf16121db


@ -34,12 +34,13 @@ func addConfigFlags(flags *pflag.FlagSet) {
flags.String("shell", "", "shell command to which other commands should be appended") flags.String("shell", "", "shell command to which other commands should be appended")
flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type") flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type")
flags.String("auth.header", "", "HTTP header for auth.method=proxy and auth.method=jwt-header") flags.String("auth.header", "", "HTTP header for auth.method=proxy")
flags.String("auth.command", "", "command for auth.method=hook") flags.String("auth.command", "", "command for auth.method=hook")
flags.String("auth.aud", "", "The Application Audience (AUD) tag for JWT validation auth.method=jwt-header") flags.String("auth.jwt-header.header", "", "HTTP header for auth.method=jwt-header")
flags.String("auth.iss", "", "The Issuer (AUD) for JWT validation auth.method=jwt-header") flags.String("auth.jwt-header.aud", "", "The Application Audience (AUD) tag for JWT validation auth.method=jwt-header")
flags.String("auth.certsurl", "", "The URL to download certs from for JWT validation auth.method=jwt-header") flags.String("auth.jwt-header.iss", "", "The Issuer (AUD) for JWT validation auth.method=jwt-header")
flags.String("auth.claim", "", "The claim which will contain the username auth.method=jwt-header") flags.String("auth.jwt-header.certsurl", "", "The URL to download certs from for JWT validation auth.method=jwt-header")
flags.String("auth.jwt-header.usernameClaim", "", "The claim which will contain the username auth.method=jwt-header")
flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China") flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
flags.String("recaptcha.key", "", "ReCaptcha site key") flags.String("recaptcha.key", "", "ReCaptcha site key")
@ -89,11 +90,11 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
} }
if method == auth.MethodJWTAuth { if method == auth.MethodJWTAuth {
header := mustGetString(flags, "auth.header") header := mustGetString(flags, "auth.jwt-header.header")
aud := mustGetString(flags, "auth.aud") aud := mustGetString(flags, "auth.jwt-header.aud")
iss := mustGetString(flags, "auth.iss") iss := mustGetString(flags, "auth.jwt-header.iss")
certsurl := mustGetString(flags, "auth.certsurl") certsurl := mustGetString(flags, "auth.jwt-header.certsurl")
claim := mustGetString(flags, "auth.claim") usernameClaim := mustGetString(flags, "auth.usernameClaim")
if header == "" { if header == "" {
checkErr(nerrors.New("you must set the flag 'auth.header' for method 'jwt-header'")) checkErr(nerrors.New("you must set the flag 'auth.header' for method 'jwt-header'"))
@ -107,7 +108,7 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
if certsurl == "" { if certsurl == "" {
checkErr(nerrors.New("you must set the flag 'auth.certsurl' for method 'jwt-header'")) checkErr(nerrors.New("you must set the flag 'auth.certsurl' for method 'jwt-header'"))
} }
if claim == "" { if usernameClaim == "" {
checkErr(nerrors.New("you must set the flag 'auth.claim' for method 'jwt-header'")) checkErr(nerrors.New("you must set the flag 'auth.claim' for method 'jwt-header'"))
} }
@ -116,7 +117,7 @@ func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.
Aud: aud, Aud: aud,
Iss: iss, Iss: iss,
CertsURL: certsurl, CertsURL: certsurl,
UsernameClaim: claim, UsernameClaim: usernameClaim,
} }
} }
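Review bot: The username-claim lookup in the getAuthentication hunk reads `auth.usernameClaim`, but the flag registered in addConfigFlags is `auth.jwt-header.usernameClaim`, so the lookup names a flag that is never defined and jwt-header setup will presumably fail inside mustGetString (its body is not shown here). The line should be `usernameClaim := mustGetString(flags, "auth.jwt-header.usernameClaim")`. The unchanged error strings still name `auth.header`, `auth.certsurl` and `auth.claim`; they should name the new `auth.jwt-header.*` flags so that an operator configuring JWT validation is pointed at the setting that is actually read. The help text for `auth.jwt-header.iss` also says "(AUD)" where it presumably means the issuer. getAuthentication starts and ends outside these hunks, so the aud and iss checks between them are not visible.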