From 566f2a354cf452061e4b308966825b982549d76e Mon Sep 17 00:00:00 2001 From: Jeff Billimek Date: Thu, 9 Aug 2018 07:05:49 -0400 Subject: [PATCH] support for custom github endpoints (#115) * support for custom github endpoints * implementing requested changes * refactor 'GitHubEndpointURL' to 'EndpointURL' --- config/example.yaml | 1 + internal/handlers/auth.go | 2 +- internal/handlers/auth/github.go | 13 +++++++++++-- internal/util/config.go | 1 + 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/config/example.yaml b/config/example.yaml index a2aeab6..afecb68 100644 --- a/config/example.yaml +++ b/config/example.yaml @@ -13,6 +13,7 @@ Google: # only relevant when using the oauth authbackend GitHub: # only relevant when using the oauth authbackend ClientID: replace me ClientSecret: replace me + EndpointURL: # (OPTIONAL) URL for custom endpoint (currently only for github); e.g. 'https://github.mydomain.com' Microsoft: # only relevant when using the oauth authbackend ClientID: replace me ClientSecret: 'replace me' diff --git a/internal/handlers/auth.go b/internal/handlers/auth.go index 8c066e4..c7d7021 100644 --- a/internal/handlers/auth.go +++ b/internal/handlers/auth.go @@ -25,7 +25,7 @@ func (h *Handler) initOAuth() { } github := util.GetConfig().GitHub if github.Enabled() { - auth.WithAdapterWrapper(auth.NewGithubAdapter(github.ClientID, github.ClientSecret), h.engine.Group("/api/v1/auth/github")) + auth.WithAdapterWrapper(auth.NewGithubAdapter(github.ClientID, github.ClientSecret, github.EndpointURL), h.engine.Group("/api/v1/auth/github")) h.providers = append(h.providers, "github") } microsoft := util.GetConfig().Microsoft diff --git a/internal/handlers/auth/github.go b/internal/handlers/auth/github.go index 41eed81..574e84c 100644 --- a/internal/handlers/auth/github.go +++ b/internal/handlers/auth/github.go @@ -18,7 +18,11 @@ type githubAdapter struct { } // NewGithubAdapter creates an oAuth adapter out of the credentials and the baseURL -func NewGithubAdapter(clientID, clientSecret string) Adapter { +func NewGithubAdapter(clientID, clientSecret, endpointURL string) Adapter { + if endpointURL != "" { + github.Endpoint.AuthURL = endpointURL + "/login/oauth/authorize" + github.Endpoint.TokenURL = endpointURL + "/login/oauth/access_token" + } return &githubAdapter{&oauth2.Config{ ClientID: clientID, ClientSecret: clientSecret, @@ -40,7 +44,12 @@ func (a *githubAdapter) GetUserData(state, code string) (*user, error) { if err != nil { return nil, errors.Wrap(err, "could not exchange code") } - oAuthUserInfoReq, err := a.config.Client(context.Background(), oAuthToken).Get("https://api.github.com/user") + + gitHubUserURL := "https://api.github.com/user" + if util.GetConfig().GitHub.EndpointURL != "" { + gitHubUserURL = util.GetConfig().GitHub.EndpointURL + "/api/v3/user" + } + oAuthUserInfoReq, err := a.config.Client(context.Background(), oAuthToken).Get(gitHubUserURL) if err != nil { return nil, errors.Wrap(err, "could not get user data") } diff --git a/internal/util/config.go b/internal/util/config.go index 29454e1..6ea4e47 100644 --- a/internal/util/config.go +++ b/internal/util/config.go @@ -43,6 +43,7 @@ type redisConf struct { type oAuthConf struct { ClientID string `yaml:"ClientID" env:"CLIENT_ID"` ClientSecret string `yaml:"ClientSecret" env:"CLIENT_SECRET"` + EndpointURL string `yaml:"EndPointURL" env:"ENDPOINT_URL"` // optional for only GitHub } type proxyAuthConf struct {