chore: make groups session name configurable

This will be needed when configuring kommander TFA.
mesosphere · Feb 24, 2020 · 1e5c972 · 1e5c972
1 parent b1a3d35
commit 1e5c972
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 4 deletions.
diff --git a/internal/config.go b/internal/config.go
@@ -42,6 +42,7 @@ type Config struct {
 	CookieName              string               `long:"cookie-name" env:"COOKIE_NAME" default:"_forward_auth" description:"ID Cookie Name"`
 	UserCookieName          string               `long:"user-cookie-name" env:"USER_COOKIE_NAME" default:"_forward_auth_name" description:"User Cookie Name"`
 	CSRFCookieName          string               `long:"csrf-cookie-name" env:"CSRF_COOKIE_NAME" default:"_forward_auth_csrf" description:"CSRF Cookie Name"`
+	GroupsSessionName       string               `long:"groups-session-name" env:"GROUPS_SESSION_NAME" default:"_forward_auth_claims" description:"Group Session Name"`
 	DefaultAction           string               `long:"default-action" env:"DEFAULT_ACTION" default:"auth" choice:"auth" choice:"allow" description:"Default action"`
 	Domains                 CommaSeparatedList   `long:"domain" env:"DOMAIN" description:"Only allow given email domains, can be set multiple times"`
 	LifetimeString          int                  `long:"lifetime" env:"LIFETIME" default:"43200" description:"Lifetime in seconds"`

diff --git a/internal/server.go b/internal/server.go
@@ -21,8 +21,6 @@ import (
 const (
 	impersonateUserHeader  = "Impersonate-User"
 	impersonateGroupHeader = "Impersonate-Group"
-	// TODO: sessionName needs to in config
-	sessionName = "_forward_auth_claims"
 )
 
 type Server struct {
@@ -308,7 +306,7 @@ func (s *Server) AuthCallbackHandler() http.HandlerFunc {
 		}
 
 		logger.Printf("creating group claims session with groups: %v", groups)
-		session, err := s.sessionStore.Get(r, sessionName)
+		session, err := s.sessionStore.Get(r, config.GroupsSessionName)
 		if err != nil {
 			logger.Errorf("failed to get group claims session: %v", err)
 			http.Error(w, "Bad Gateway", 502)
@@ -394,7 +392,7 @@ func (s *Server) logger(r *http.Request, rule, msg string) *logrus.Entry {
 }
 
 func (s *Server) getGroupsFromSession(r *http.Request) ([]string, error) {
-	session, err := s.sessionStore.Get(r, sessionName)
+	session, err := s.sessionStore.Get(r, config.GroupsSessionName)
 	if err != nil {
 		return nil, fmt.Errorf("error getting session: %w", err)
 	}