3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-30 09:27:19 +02:00
Code Issues Projects Releases Packages Wiki Activity

internal/config: refactor option parsing

Browse source 
- authorize: build whitelist from policy's URLs instead of strings.
- internal/httputil: merged httputil and https package.
- internal/config: merged config and policy packages.
- internal/metrics: removed unused measure struct.
- proxy/clients: refactor Addr fields to be urls.
- proxy: remove unused extend deadline function.
- proxy: use handler middleware for reverse proxy leg.
- proxy: change the way websocket requests are made (route based).

General improvements
- omitted value from range in several cases where for loop could be simplified.
- added error checking to many tests.
- standardize url parsing.
- remove unnecessary return statements.

- proxy: add self-signed certificate support. #179
- proxy: add skip tls certificate verification. #179
- proxy: Refactor websocket support to be route based. #204
This commit is contained in:
Bobby DeSimone 2019-07-04 10:12:25 -07:00
parent 28efa3359b
commit 7558d5b0de
No known key found for this signature in database
GPG key ID: AEE4CF12FE86D07E
38 changed files with 1354 additions and 1079 deletions
Download patch file Download diff file Expand all files Collapse all files

8
authenticate/authenticate.go
View file

@ -18,7 +18,7 @@ import (
// The checks do not modify the internal state of the Option structure. Returns
// on first error found.
func ValidateOptions(o config.Options) error {
if o.AuthenticateURL.Hostname() == "" {
if o.AuthenticateURL == nil {
return errors.New("authenticate: 'AUTHENTICATE_SERVICE_URL' missing")
}
if o.ClientID == "" {
@ -35,7 +35,7 @@ func ValidateOptions(o config.Options) error {
return fmt.Errorf("authenticate: 'COOKIE_SECRET' must be base64 encoded: %v", err)
}
if len(decodedCookieSecret) != 32 {
return fmt.Errorf("authenticate: 'COOKIE_SECRET' should be 32; got %d", len(decodedCookieSecret))
return fmt.Errorf("authenticate: 'COOKIE_SECRET' %s be 32; got %d", o.CookieSecret, len(decodedCookieSecret))
}
return nil
}
@ -80,7 +80,7 @@ func New(opts config.Options) (*Authenticate, error) {
provider, err := identity.New(
opts.Provider,
&identity.Provider{
RedirectURL: &redirectURL,
RedirectURL: redirectURL,
ProviderName: opts.Provider,
ProviderURL: opts.ProviderURL,
ClientID: opts.ClientID,
@ -97,7 +97,7 @@ func New(opts config.Options) (*Authenticate, error) {
}
return &Authenticate{
SharedKey: opts.SharedKey,
RedirectURL: &redirectURL,
RedirectURL: redirectURL,
templates: templates.New(),
csrfStore: cookieStore,
sessionStore: cookieStore,