oauth.go
package config
import (
"golang.ngrok.com/ngrok/internal/pb"
"golang.ngrok.com/ngrok/internal/tunnel/proto"
)
// OAuthOption is a functional option that mutates the OAuth settings
// assembled by WithOAuth.
type OAuthOption func(cfg *oauthOptions)
// oauthOptions collects the OAuth middleware settings that the OAuthOption
// functions in this file fill in and that toProtoConfig copies into the
// protobuf message.
type oauthOptions struct {
	// The OAuth provider to use
	Provider string
	// Email addresses of users to authorize.
	// NOTE(review): entries are stored exactly as supplied; no validation or
	// normalization happens in this file.
	AllowEmails []string
	// Email domains of users to authorize.
	// NOTE(review): entries are stored exactly as supplied; no validation or
	// normalization happens in this file.
	AllowDomains []string
	// OAuth scopes to request from the provider.
	Scopes []string
	// OAuth custom app ID
	ClientID string
	// OAuth custom app secret.
	// Typed as proto.ObfuscatedString rather than string; presumably this
	// keeps the value from being exposed by accident when the struct is
	// printed or logged. Confirm in internal/tunnel/proto.
	ClientSecret proto.ObfuscatedString
}
// oauthProvider returns a new oauthOptions with only Provider set to name.
// Every other field keeps its zero value, so both allow-lists start empty.
func oauthProvider(name string) *oauthOptions {
	opts := new(oauthOptions)
	opts.Provider = name
	return opts
}
// WithOAuthClientID returns an option that sets the client ID of a custom
// OAuth app, replacing any ID set by an earlier option.
func WithOAuthClientID(id string) OAuthOption {
	setID := func(o *oauthOptions) {
		o.ClientID = id
	}
	return setID
}
// WithOAuthClientSecret returns an option that sets the client secret of a
// custom OAuth app, replacing any secret set by an earlier option.
//
// The secret is a credential. It is stored as proto.ObfuscatedString, but the
// caller still holds it as a plain string, so load it from a secret store or
// the environment rather than writing it as a literal in source.
func WithOAuthClientSecret(secret string) OAuthOption {
	// Wrap once up front; the closure only stores the wrapped value.
	wrapped := proto.ObfuscatedString(secret)
	return func(o *oauthOptions) {
		o.ClientSecret = wrapped
	}
}
// WithAllowOAuthEmail returns an option that appends addr to the list of
// email addresses allowed to authenticate. Repeated use accumulates entries.
//
// Addresses are passed through as given; nothing here validates them.
func WithAllowOAuthEmail(addr ...string) OAuthOption {
	return func(o *oauthOptions) {
		extended := append(o.AllowEmails, addr...)
		o.AllowEmails = extended
	}
}
// WithAllowOAuthDomain returns an option that appends domain to the list of
// email domains allowed to authenticate. Repeated use accumulates entries.
//
// Domains are passed through as given; nothing here validates them.
func WithAllowOAuthDomain(domain ...string) OAuthOption {
	return func(o *oauthOptions) {
		extended := append(o.AllowDomains, domain...)
		o.AllowDomains = extended
	}
}
// WithOAuthScope returns an option that appends scope to the list of OAuth
// scopes requested from the provider. Repeated use accumulates entries, so
// request only the scopes the application needs.
func WithOAuthScope(scope ...string) OAuthOption {
	return func(o *oauthOptions) {
		extended := append(o.Scopes, scope...)
		o.Scopes = extended
	}
}
// toProtoConfig copies the options into the protobuf OAuth middleware
// message. A nil receiver yields nil.
//
// ClientSecret.PlainText() is called here, which presumably returns the
// unobfuscated secret (confirm in internal/tunnel/proto). If so, the returned
// message holds the client secret in the clear and should be kept out of logs
// and debug dumps.
func (o *oauthOptions) toProtoConfig() *pb.MiddlewareConfiguration_OAuth {
	if o == nil {
		return nil
	}

	msg := new(pb.MiddlewareConfiguration_OAuth)
	msg.Provider = o.Provider
	msg.ClientId = o.ClientID
	msg.ClientSecret = o.ClientSecret.PlainText()
	// The slices are shared with the options struct, not copied.
	msg.AllowEmails = o.AllowEmails
	msg.AllowDomains = o.AllowDomains
	msg.Scopes = o.Scopes
	return msg
}
// WithOAuth configures this edge with the given OAuth provider, applying opts
// in order. Overwrites any previously-set OAuth configuration.
//
// When neither WithAllowOAuthEmail nor WithAllowOAuthDomain is supplied, both
// allow-lists are left empty.
// NOTE(review): presumably any account the provider authenticates is then
// admitted; confirm against the ngrok docs and set an allow-list where access
// must be restricted.
//
// https://ngrok.com/docs/http/oauth/
func WithOAuth(provider string, opts ...OAuthOption) HTTPEndpointOption {
	apply := func(cfg *httpOptions) {
		settings := oauthProvider(provider)
		for i := range opts {
			opts[i](settings)
		}
		// Replace, rather than merge with, whatever was configured before.
		cfg.OAuth = settings
	}
	return httpOptionFunc(apply)
}