Allow custom key to be used for whitelist and X-Forwarded-User instead of the hardcoded email #3

Closed
41 commits
1b7d054
init commit
maxisme Aug 1, 2020
bcadb3a
add github workflow
maxisme Aug 1, 2020
b290b21
fix naming
maxisme Aug 1, 2020
f041759
fix missing param
maxisme Aug 1, 2020
0e2bb23
upgrade Go version to 1.14
maxisme Aug 1, 2020
b0f7b17
tmp remove of tests
maxisme Aug 1, 2020
c792263
add more specific error message
maxisme Aug 1, 2020
189e4a1
put back tests
maxisme Aug 1, 2020
399f3da
rename User ID Key to User ID Path
maxisme Aug 1, 2020
40bd110
upgrade dependencies
maxisme Aug 1, 2020
2a2d542
Revert "upgrade dependencies"
maxisme Aug 1, 2020
22aa772
Revert "upgrade dependencies"
maxisme Aug 1, 2020
d9c2ec2
mention the user that is not authorized
maxisme Aug 1, 2020
cb02259
mention the user that is not authorized
maxisme Aug 1, 2020
c77e649
tidy error message
maxisme Aug 3, 2020
4b554e7
tidy error message
maxisme Aug 3, 2020
c7f5f0a
remove actions
maxisme Aug 22, 2020
fb70085
rename UserIDPath to UserID
maxisme Aug 22, 2020
42b3750
rename GetUsedID function to GetUser
maxisme Aug 22, 2020
a33a869
revert docker golang version to 1.13
Jan 12, 2021
9ea7d98
change whitelist comment to indicate userIDs instead of explicitly em…
Jan 12, 2021
49439c7
revert go version
Jan 12, 2021
4906a18
Merge branch 'master' of https://github.com/thomseddon/traefik-forwar…
Jan 12, 2021
4091bb1
fix conflicts
Jan 12, 2021
58d555c
add tests
Jan 12, 2021
dc20081
push to docker for testing
Jan 13, 2021
a98e568
Merge pull request #1 from maxisme/fix-conflicts
maxisme Jan 15, 2021
4ac5980
Make listen port configurable (#230)
hesstobi Feb 1, 2021
e49e5c7
Add GitHub Actions workflow for creating binaries for releases (#184)…
Feb 1, 2021
0b3d77d
Allow to be run without middleware + improve request reading consiste…
thomseddon Jun 24, 2021
6233299
Add .github to .dockerignore
ciffelia Aug 21, 2021
1b3226f
Add actions workflow to build and push docker image
ciffelia Aug 21, 2021
97ef14c
Publish to ghcr
Beanow Jun 3, 2022
498475e
chore(ci): use own registry
mkska Jul 27, 2023
4cdb927
Add SameSite option
heralight Jul 1, 2021
a2dbeff
docs: updates readme
mkska Jul 27, 2023
8eb983d
Update README.md
mkska Jul 27, 2023
81830f1
Update README.md
mkska Jul 27, 2023
381beac
Merge branch 'master' into maxisme-master
mkska Aug 22, 2023
e953ef5
Merge branch 'master' into maxisme-master
mkska Aug 22, 2023
456873f
removes push workflow
mkska Aug 22, 2023
add tests
Max Mitchell committed Jan 12, 2021
commit 58d555c8220630a9b2b0dcea696b2a3de2147d61
6 changes: 3 additions & 3 deletions internal/auth.go
@@ -167,10 +167,10 @@ func useAuthDomain(r *http.Request) (bool, string) {
// Cookie methods

// MakeCookie creates an auth cookie
func MakeCookie(r *http.Request, email string) *http.Cookie {
func MakeCookie(r *http.Request, user string) *http.Cookie {
expires := cookieExpiry()
mac := cookieSignature(r, email, fmt.Sprintf("%d", expires.Unix()))
value := fmt.Sprintf("%s|%d|%s", mac, expires.Unix(), email)
mac := cookieSignature(r, user, fmt.Sprintf("%d", expires.Unix()))
value := fmt.Sprintf("%s|%d|%s", mac, expires.Unix(), user)

return &http.Cookie{
Name: config.CookieName,
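Review bot: In MakeCookie, the renamed `user` parameter can now be an arbitrary identifier rather than an email, yet it is still written as the last field of the `|`-delimited value in `fmt.Sprintf("%s|%d|%s", mac, expires.Unix(), user)`. The code that parses the cookie is not part of this hunk, so please confirm it splits the value into at most three parts (or rejects identifiers containing `|`), and extend the doc comment to say that `user` is the configured user identifier that `cookieSignature` signs.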
16 changes: 16 additions & 0 deletions internal/auth_test.go
@@ -78,6 +78,12 @@ func TestAuthValidateUser(t *testing.T) {
v = ValidateUser("[email protected]", "default")
assert.True(v, "should allow user from allowed domain")

// Should block non whitelisted email address
config.Domains = []string{}
config.Whitelist = []string{"[email protected]"}
v = ValidateUser("[email protected]", "default")
assert.False(v, "should not allow user not in whitelist")

// Should allow matching whitelisted email address
config.Domains = []string{}
config.Whitelist = []string{"[email protected]"}
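Review bot: The added negative case is still labelled `// Should block non whitelisted email address`, although this pull request is about letting a key other than the email drive the whitelist. Consider wording the comment in terms of the user identifier and adding a case where both the whitelist entry and the value passed to `ValidateUser` are not email addresses, so the new behaviour is exercised and not only the existing one.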
@@ -91,6 +97,10 @@ func TestAuthValidateUser(t *testing.T) {
config.Domains = []string{"example.com"}
config.Whitelist = []string{"[email protected]"}
config.MatchWhitelistOrDomain = false
v = ValidateUser("[email protected]", "default")
assert.True(v, "should allow user in whitelist")
v = ValidateUser("[email protected]", "default")
assert.False(v, "should not allow user from valid domain")
v = ValidateUser("[email protected]", "default")
assert.False(v, "should not allow user not in either")
v = ValidateUser("[email protected]", "default")
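Review bot: The two assertions added directly after `config.MatchWhitelistOrDomain = false` only hold because the whitelist is non-empty and that flag is off, but the failure message "should not allow user from valid domain" does not say so. Suggest naming the precondition in the message (for example, that the whitelist takes precedence when `MatchWhitelistOrDomain` is false) so a failure here is not mistaken for a domain-matching bug.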
@@ -109,6 +119,8 @@ func TestAuthValidateUser(t *testing.T) {
assert.True(v, "should allow user from allowed domain")
v = ValidateUser("[email protected]", "default")
assert.True(v, "should allow user in whitelist")
v = ValidateUser("[email protected]", "default")
assert.True(v, "should allow user from valid domain")

// Rule testing

@@ -138,6 +150,10 @@ func TestAuthValidateUser(t *testing.T) {
v = ValidateUser("[email protected]", "test")
assert.True(v, "should allow user from allowed domain")

// Should allow comma separated email
config.Whitelist = []string{"[email protected]", "[email protected]"}
v = ValidateUser("[email protected]", "default")

// Should allow matching whitelist in rule
config.Domains = []string{}
config.Whitelist = []string{"[email protected]"}
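Review bot: The case added under `// Should allow comma separated email` assigns `v = ValidateUser(...)` and never asserts on it, so this test cannot fail. Add an `assert.True(v, ...)` after the call. Also note that the whitelist is set here as a two-element `[]string`, which does not exercise any comma splitting; if the intent is to cover a comma separated configuration value, the test should go through whatever parses that value, otherwise the comment should be reworded.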