3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-26 04:58:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

authenticate: have an option to trim the contents of the callback (#4090)

Browse source
This commit is contained in:
Denis Mishin 2023-03-31 11:48:31 -04:00 committed by GitHub
parent 7d53575bdb
commit 860a881fe0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
authenticate/config.go
View file

@ -3,10 +3,12 @@ package authenticate
import ( import (
"github.com/pomerium/pomerium/config" "github.com/pomerium/pomerium/config"
"github.com/pomerium/pomerium/internal/identity" "github.com/pomerium/pomerium/internal/identity"
identitypb "github.com/pomerium/pomerium/pkg/grpc/identity"
) )
type authenticateConfig struct { type authenticateConfig struct {
getIdentityProvider func(options *config.Options, idpID string) (identity.Authenticator, error) getIdentityProvider func(options *config.Options, idpID string) (identity.Authenticator, error)
profileTrimFn func(*identitypb.Profile)
} }
// An Option customizes the Authenticate config. // An Option customizes the Authenticate config.
@ -27,3 +29,10 @@ func WithGetIdentityProvider(getIdentityProvider func(options *config.Options, i
cfg.getIdentityProvider = getIdentityProvider cfg.getIdentityProvider = getIdentityProvider
} }
} }
// WithProfileTrimFn sets the profileTrimFn function in the config
func WithProfileTrimFn(profileTrimFn func(*identitypb.Profile)) Option {
return func(cfg *authenticateConfig) {
cfg.profileTrimFn = profileTrimFn
}
}

4
authenticate/handlers.go
View file

@ -212,6 +212,10 @@ func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request) error {
return httputil.NewError(http.StatusBadRequest, err) return httputil.NewError(http.StatusBadRequest, err)
} }
if a.cfg.profileTrimFn != nil {
a.cfg.profileTrimFn(profile)
}
redirectTo, err := urlutil.CallbackURL(state.hpkePrivateKey, proxyPublicKey, requestParams, profile) redirectTo, err := urlutil.CallbackURL(state.hpkePrivateKey, proxyPublicKey, requestParams, profile)
if err != nil { if err != nil {
return httputil.NewError(http.StatusInternalServerError, err) return httputil.NewError(http.StatusInternalServerError, err)