Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
G
go-sso
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
6
Issues
6
List
Boards
Labels
Service Desk
Milestones
Merge Requests
2
Merge Requests
2
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
id
go-sso
Commits
07c9a990
Commit
07c9a990
authored
Jan 27, 2019
by
ale
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Redirect the user to a configurable URL when accessing homepage by mistake
Fixes issue
#6
.
parent
b1c0a012
Pipeline
#2145
passed with stages
in 1 minute and 50 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
26 additions
and
13 deletions
+26
-13
server/config.go
server/config.go
+11
-13
server/http.go
server/http.go
+15
-0
No files found.
server/config.go
View file @
07c9a990
...
...
@@ -36,6 +36,7 @@ type Config struct {
AuthService
string
`yaml:"auth_service"`
U2FAppID
string
`yaml:"u2f_app_id"`
URLPrefix
string
`yaml:"url_path_prefix"`
HomepageRedirectURL
string
`yaml:"homepage_redirect_url"`
DeviceManager
*
device
.
Config
`yaml:"device_manager"`
KeyStore
*
clientutil
.
BackendConfig
`yaml:"keystore"`
KeyStoreEnableGroups
[]
string
`yaml:"keystore_enable_groups"`
...
...
@@ -45,26 +46,23 @@ type Config struct {
}
// Check syntax (missing required values).
//
// nolint: gocyclo
func
(
c
*
Config
)
valid
()
error
{
if
c
.
SecretKeyFile
==
""
{
switch
{
case
c
.
SecretKeyFile
==
""
:
return
errors
.
New
(
"secret_key_file is empty"
)
}
if
c
.
PublicKeyFile
==
""
{
case
c
.
PublicKeyFile
==
""
:
return
errors
.
New
(
"public_key_file is empty"
)
}
if
c
.
Domain
==
""
{
case
c
.
Domain
==
""
:
return
errors
.
New
(
"domain is empty"
)
}
if
len
(
c
.
AllowedServices
)
==
0
{
case
len
(
c
.
AllowedServices
)
==
0
:
return
errors
.
New
(
"the list of allowed services is empty"
)
}
if
c
.
AuthService
==
""
{
case
c
.
AuthService
==
""
:
return
errors
.
New
(
"auth_service is empty"
)
}
if
c
.
U2FAppID
!=
""
&&
!
strings
.
HasPrefix
(
c
.
U2FAppID
,
"https://"
)
{
case
c
.
U2FAppID
!=
""
&&
!
strings
.
HasPrefix
(
c
.
U2FAppID
,
"https://"
)
:
return
errors
.
New
(
"u2f_app_id does not start with https://"
)
}
if
c
.
URLPrefix
!=
""
&&
!
strings
.
HasPrefix
(
c
.
URLPrefix
,
"/"
)
{
case
c
.
URLPrefix
!=
""
&&
!
strings
.
HasPrefix
(
c
.
URLPrefix
,
"/"
)
:
return
errors
.
New
(
"url_path_prefix does not start with /"
)
}
...
...
server/http.go
View file @
07c9a990
...
...
@@ -93,6 +93,7 @@ type Server struct {
csrfSecret
[]
byte
tpl
*
template
.
Template
urlPrefix
string
homepageRedirectURL
string
}
func
sl2bl
(
sl
[]
string
)
[][]
byte
{
...
...
@@ -120,6 +121,7 @@ func New(loginService *LoginService, authClient authclient.Client, config *Confi
authSessionStore
:
store
,
loginService
:
loginService
,
urlPrefix
:
urlPrefix
,
homepageRedirectURL
:
config
.
HomepageRedirectURL
,
tpl
:
parseEmbeddedTemplates
(),
}
if
config
.
CSRFSecret
!=
""
{
...
...
@@ -252,6 +254,19 @@ func (h *Server) handleHomepage(w http.ResponseWriter, req *http.Request, sessio
}
}
// If the above parameters are unset, we're probably faced with a user
// that reached this URL by other means. Redirect them to the
// configured homepageRedirectURL, or at least return a slightly more
// user-friendly error.
if
service
==
""
||
destination
==
""
{
if
h
.
homepageRedirectURL
!=
""
{
http
.
Redirect
(
w
,
req
,
h
.
homepageRedirectURL
,
http
.
StatusFound
)
}
else
{
http
.
Error
(
w
,
"You are not supposed to reach this page directly. Use the back button in your browser instead."
,
http
.
StatusBadRequest
)
}
return
}
// Make the authorization request.
token
,
err
:=
h
.
loginService
.
Authorize
(
username
,
service
,
destination
,
nonce
,
groups
)
if
err
!=
nil
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment