go-pkgz · umputun · Aug 26, 2022 · Aug 24, 2022 · Aug 24, 2022 · Aug 24, 2022
@@ -257,15 +257,16 @@ func (s *Service) AddProvider(name, cid, csecret string) {
 	s.authMiddleware.Providers = s.providers
 }
 
-// AddDevProvider with a custom port
-func (s *Service) AddDevProvider(port int) {
+// AddDevProvider with a custom host and port
+func (s *Service) AddDevProvider(host string, port int) {
 	p := provider.Params{
 		URL:         s.opts.URL,
 		JwtService:  s.jwtService,
 		Issuer:      s.issuer,
 		AvatarSaver: s.avatarProxy,
 		L:           s.logger,
 		Port:        port,
+		Host:        host,
 	}
 	s.providers = append(s.providers, provider.NewService(provider.NewDev(p)))
 }

@@ -510,7 +510,7 @@ func prepService(t *testing.T) (svc *Service, teardown func()) { //nolint unpara
 	}
 
 	svc = NewService(options)
-	svc.AddDevProvider(18084)                // add dev provider on 18084
+	svc.AddDevProvider("localhost", 18084)   // add dev provider on 18084
 	svc.AddProvider("github", "cid", "csec") // add github provider
 
 	// add go-oauth2/oauth2 provider

@@ -8,7 +8,7 @@ require (
 	github.com/go-pkgz/repeater v1.1.3
 	github.com/go-pkgz/rest v1.14.0
 	github.com/golang-jwt/jwt v3.2.2+incompatible
-	github.com/microcosm-cc/bluemonday v1.0.18
+	github.com/microcosm-cc/bluemonday v1.0.19
 	github.com/nullrocks/identicon v0.0.0-20180626043057-7875f45b0022
 	github.com/stretchr/testify v1.7.0
 	go.etcd.io/bbolt v1.3.6

@@ -228,8 +228,8 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
 github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
-github.com/microcosm-cc/bluemonday v1.0.18 h1:6HcxvXDAi3ARt3slx6nTesbvorIc3QeTzBNRvWktHBo=
-github.com/microcosm-cc/bluemonday v1.0.18/go.mod h1:Z0r70sCuXHig8YpBzCc5eGHAap2K7e/u082ZUpDRRqM=
+github.com/microcosm-cc/bluemonday v1.0.19 h1:OI7hoF5FY4pFz2VA//RN8TfM0YJ2dJcl4P4APrCWy6c=
+github.com/microcosm-cc/bluemonday v1.0.19/go.mod h1:QNzV2UbLK2/53oIIwTOyLUSABMkjZ4tqiyC1g/DyqxE=
 github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
 github.com/moul/http2curl v1.0.0 h1:dRMWoAtb+ePxMlLkrCbAqh4TlPHXvoGUSQ323/9Zahs=
 github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ=

@@ -16,7 +16,10 @@ import (
 	"github.com/go-pkgz/auth/token"
 )
 
-const defDevAuthPort = 8084
+const (
+	defDevAuthPort = 8084
+	defDevAuthHost = "127.0.0.1"
+)
 
 // DevAuthServer is a fake oauth server for development
 // it provides stand-alone server running on its own port and pretending to be the real oauth2. It also provides
@@ -28,7 +31,6 @@ type DevAuthServer struct {
 	Provider   Oauth2Handler
 	Automatic  bool
 	GetEmailFn func(string) string
-
 	username   string // unsafe, but fine for dev
 	httpServer *http.Server
 	lock       sync.Mutex
@@ -39,6 +41,10 @@ func (d *DevAuthServer) Run(ctx context.Context) { // nolint (gocyclo)
 	if d.Provider.Port == 0 {
 		d.Provider.Port = defDevAuthPort
 	}
+	if d.Provider.Host == "" {
+		d.Provider.Host = defDevAuthHost
+	}
+
 	d.username = "dev_user"
 	d.Logf("[INFO] run local oauth2 dev server on %d, redirect url=%s", d.Provider.Port, d.Provider.conf.RedirectURL)
 	d.lock.Lock()
@@ -93,7 +99,7 @@ func (d *DevAuthServer) Run(ctx context.Context) { // nolint (gocyclo)
 				}
 
 			case strings.HasPrefix(r.URL.Path, "/user"):
-				ava := fmt.Sprintf("http://127.0.0.1:%d/avatar?user=%s", d.Provider.Port, d.username)
+				ava := fmt.Sprintf("http://%s:%d/avatar?user=%s", d.Provider.Host, d.Provider.Port, d.username)
 				res := fmt.Sprintf(`{
 					"id": "%s",
 					"name":"%s",
@@ -165,14 +171,17 @@ func NewDev(p Params) Oauth2Handler {
 	if p.Port == 0 {
 		p.Port = defDevAuthPort
 	}
+	if p.Host == "" {
+		p.Host = defDevAuthHost
+	}
 	oh := initOauth2Handler(p, Oauth2Handler{
 		name: "dev",
 		endpoint: oauth2.Endpoint{
-			AuthURL:  fmt.Sprintf("http://127.0.0.1:%d/login/oauth/authorize", p.Port),
-			TokenURL: fmt.Sprintf("http://127.0.0.1:%d/login/oauth/access_token", p.Port),
+			AuthURL:  fmt.Sprintf("http://%s:%d/login/oauth/authorize", p.Host, p.Port),
+			TokenURL: fmt.Sprintf("http://%s:%d/login/oauth/access_token", p.Host, p.Port),
 		},
 		scopes:  []string{"user:email"},
-		infoURL: fmt.Sprintf("http://127.0.0.1:%d/user", p.Port),
+		infoURL: fmt.Sprintf("http://%s:%d/user", p.Host, p.Port),
 		mapUser: func(data UserData, _ []byte) token.User {
 			userInfo := token.User{
 				ID:      data.Value("id"),

@@ -40,7 +40,8 @@ type Params struct {
 	Issuer      string
 	AvatarSaver AvatarSaver
 
-	Port int // relevant for providers supporting port customization, for example dev oauth2
+	Port int    // relevant for providers supporting port customization, for example dev oauth2
+	Host string // relevant for providers supporting host customization, for example dev oauth2
 }
 
 // UserData is type for user information returned from oauth2 providers /info API method