3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-20 01:58:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

support both stateful and stateless authenticate

Browse source 
Update the initialization logic for the authenticate, authorize, and
proxy services to automatically select between the stateful
authentication flow and the stateless authentication flow, depending on
whether Pomerium is configured to use the hosted authenticate service.
This commit is contained in:
Kenneth Jenkins 2023-12-06 14:08:35 -08:00
parent c01d0e045d
commit f7dc76c6e5
6 changed files with 51 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

10
config/options.go
View file

@ -827,6 +827,16 @@ func (o *Options) GetInternalAuthenticateURL() (*url.URL, error) {
return urlutil.ParseAndValidateURL(o.AuthenticateInternalURLString)
}
// UseStatelessAuthenticateFlow returns true if the stateless authentication
// flow should be used (i.e. for hosted authenticate).
func (o *Options) UseStatelessAuthenticateFlow() bool {
u, err := o.GetInternalAuthenticateURL()
if err != nil {
return false
}
return urlutil.IsHostedAuthenticateDomain(u.Hostname())
}
// GetAuthorizeURLs returns the AuthorizeURLs in the options or 127.0.0.1:5443.
func (o *Options) GetAuthorizeURLs() ([]*url.URL, error) {
if IsAll(o.Services) && o.AuthorizeURLString == "" && len(o.AuthorizeURLStrings) == 0 {