Porting of Azure AD provider largely complete
sporkmonger committed Nov 16, 2018
1 parent 67940ad commit cc767b3
Showing 16 changed files with 906 additions and 124 deletions.
10 changes: 5 additions & 5 deletions internal/auth/authenticator.go
@@ -180,7 +180,7 @@ func (p *Authenticator) newMux() http.Handler {
serviceMux.HandleFunc("/start", p.withMethods(p.OAuthStart, "GET"))
serviceMux.HandleFunc("/sign_in", p.withMethods(p.validateClientID(p.validateRedirectURI(p.validateSignature(p.SignIn))), "GET"))
serviceMux.HandleFunc("/sign_out", p.withMethods(p.validateRedirectURI(p.validateSignature(p.SignOut)), "GET", "POST"))
serviceMux.HandleFunc("/oauth2/callback", p.withMethods(p.OAuthCallback, "GET"))
serviceMux.HandleFunc("/oauth2/callback", p.withMethods(p.OAuthCallback, "GET", "POST"))
serviceMux.HandleFunc("/profile", p.withMethods(p.validateClientID(p.validateClientSecret(p.GetProfile)), "GET"))
serviceMux.HandleFunc("/validate", p.withMethods(p.validateClientID(p.validateClientSecret(p.ValidateToken)), "GET"))
serviceMux.HandleFunc("/redeem", p.withMethods(p.validateClientID(p.validateClientSecret(p.Redeem)), "POST"))
@@ -533,8 +533,8 @@ func (p *Authenticator) OAuthStart(rw http.ResponseWriter, req *http.Request) {
// Here we validate the redirect that is nested within the redirect_uri.
// `authRedirectURL` points to step D, `proxyRedirectURL` points to step E.
//
// A* B C D E
// /start -> Google -> auth /callback -> /sign_in -> proxy /callback
// A* B C D E
// /start -> IdP -> auth /callback -> /sign_in -> proxy /callback
//
// * you are here
proxyRedirectURL, err := url.Parse(authRedirectURL.Query().Get("redirect_uri"))
@@ -558,7 +558,7 @@ func (p *Authenticator) OAuthStart(rw http.ResponseWriter, req *http.Request) {

func (p *Authenticator) redeemCode(host, code string) (*sessions.SessionState, error) {
// The authenticator redeems `code` for an access token, and uses the token to request user
// info from the provider (Google).
// info from the provider.

redirectURI := p.GetRedirectURI(host)
// see providers/google.go#Redeem for more info
@@ -574,7 +574,7 @@ func (p *Authenticator) redeemCode(host, code string) (*sessions.SessionState, e
}

func (p *Authenticator) getOAuthCallback(rw http.ResponseWriter, req *http.Request) (string, error) {
// After the provider (Google) redirects back to the sso proxy, the proxy uses this
// After the provider redirects back to the sso proxy, the proxy uses this
// endpoint to set up auth cookies.
logger := log.NewLogEntry()

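Review bot: The `/oauth2/callback` route in `newMux` now accepts POST for every configured provider, although presumably only the Azure AD flow returns its authorization response as a form post. A form-post callback arrives as a cross-site POST, so any cookie that carries the CSRF state must still be sent with it (one marked `SameSite=Lax` or `Strict` would not be), and `getOAuthCallback` must apply the same state check to the POST body as to the GET query; its body continues outside the visible hunk, so neither can be confirmed from here. At minimum the line deserves a comment such as `// POST is needed for providers that return the authorization response via form_post`, and ideally POST is only allowed when the active provider requires it. The context comment `// see providers/google.go#Redeem for more info` in `redeemCode` still points at the Google provider after the neighbouring comments were made provider-neutral.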
2 changes: 2 additions & 0 deletions internal/auth/options.go
@@ -313,6 +313,8 @@ func AssignStatsdClient(opts *Options) func(*Authenticator) error {

proxy.StatsdClient = StatsdClient
switch v := proxy.provider.(type) {
case *providers.AzureV2Provider:
v.SetStatsdClient(StatsdClient)
case *providers.GoogleProvider:
v.SetStatsdClient(StatsdClient)
case *providers.SingleFlightProvider:
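Review bot: The type switch in `AssignStatsdClient` has to name every concrete provider, so a provider that is ported later and not added here would run without a statsd client and nothing would report the gap in authentication metrics. The new `*providers.AzureV2Provider` arm repeats the `*providers.GoogleProvider` arm verbatim; matching on a small local interface that declares `SetStatsdClient` would cover both and any future provider. If the switch stays as it is, a comment above it such as `// every provider that emits metrics must be listed here` would help the next port. The rest of the switch, including the `SingleFlightProvider` arm, continues outside the visible hunk, so whether a `default` arm exists cannot be confirmed from here.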