author | Mike Crute <mike@crute.us> | 2017-09-19 04:39:36 +0000 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2019-05-21 13:41:00 +0000 |
commit | deb76405de56956bb14804286db503462d30bc12 (patch) | |
tree | 37779320722273608144b67c449a374cdd6a55eb | |
parent | 9f7861ffe1397da514606b189f5b3e383f4e7ed7 (diff) | |
Finish out most of the proxy functionality
-rw-r--r-- | jws_validator.go | 9 | ||||
-rw-r--r-- | main.go | 14 | ||||
-rw-r--r-- | util.go | 5 |
3 files changed, 18 insertions, 10 deletions
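--- a/jws_validator.go
+++ b/jws_validator.go
@@ -1,11 +1,12 @@
 package main
 
 import (
+"net/url"
+"time"
+
 "github.com/pkg/errors"
 "gopkg.in/square/go-jose.v2"
 "gopkg.in/square/go-jose.v2/jwt"
-"net/url"
-"time"
 )
 
 // TODO
@@ -26,6 +27,10 @@ type Claims struct {
 jwt.Claims
 }
 
+func (c *Claims) Age() int64 {
+return int64(time.Since(c.IssuedAt.Time()).Minutes())
+}
+
 type JWSValidationContext struct {
 KeyFetcher JWKSFetcher
 Issuer string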
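Review bot: `Claims.Age()` (new lines 30-32) is exported without a doc comment, and its bare `int64` result is in whole minutes truncated toward zero, which a caller can only learn by reading the body. It also takes `iat` for granted: nothing in this hunk checks that the claim is present, and `iat` is optional in a JWT, so a token without it would presumably produce an age measured from the epoch or zero time rather than an error; confirm this against the go-jose version in use and the validation code outside this hunk. Issuer clock skew can likewise make the value slightly negative. I would add `// Age returns whole minutes since the token's iat claim; callers must have validated that iat is set.` and decide whether negative or implausibly large ages should be rejected before they are forwarded upstream.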
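--- a/main.go
+++ b/main.go
@@ -5,16 +5,16 @@ import (
 "crypto/rand"
 "encoding/hex"
 "flag"
-"github.com/golang/glog"
-"github.com/gorilla/handlers"
-"github.com/pkg/errors"
 "net/http"
 "net/http/httputil"
 "net/url"
 "os"
-"strconv"
 "strings"
 "time"
+
+"github.com/golang/glog"
+"github.com/gorilla/handlers"
+"github.com/pkg/errors"
 )
 
 const (
@@ -238,10 +238,8 @@ func AuthProxyController(w http.ResponseWriter, r *http.Request) {
 }
 
 r.Header["X-Forwarded-User"] = []string{claims.Subject}
-r.Header["X-Forwarded-Token-Expires"] = []string{strconv.FormatInt(int64(claims.Expiry), 10)}
-
-age := time.Since(claims.IssuedAt.Time()).Minutes()
-r.Header["X-Forwarded-Token-Age"] = []string{strconv.FormatInt(int64(age), 10)}
+r.Header["X-Forwarded-Token-Age"] = StringListFromInt(claims.Age())
+r.Header["X-Forwarded-Token-Expires"] = StringListFromInt(int64(claims.Expiry))
 
 ctx.reverseProxy.ServeHTTP(w, r)
 }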
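Review bot: The identity headers at new lines 240-242 are what the upstream will trust, yet nothing in the code says that the plain map assignment is a deliberate overwrite of whatever the client sent. It works because each key literal is already in canonical form, the form net/http stores incoming headers under; a key typed in any other casing would leave the client's copy in place next to the proxy's. I would add `// Overwrite, never append: upstream trusts these headers, so client-supplied copies must not survive.` above line 240. `X-Forwarded-Token-Age` is in minutes while `X-Forwarded-Token-Expires` is the raw NumericDate (Unix seconds), which deserves a one-line comment as well. AuthProxyController starts outside this hunk, so whether every path reaching `ServeHTTP` passes through these assignments cannot be confirmed from here.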
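--- a/util.go
+++ b/util.go
@@ -4,6 +4,7 @@ import (
 "crypto/sha256"
 "encoding/hex"
 "net/url"
+"strconv"
 "strings"
 )
 
@@ -59,3 +60,7 @@ func Sha256Hex(v string) string {
 s256.Write([]byte(v))
 return hex.EncodeToString(s256.Sum(nil))
 }
+
+func StringListFromInt(i int64) []string {
+return []string{strconv.FormatInt(i, 10)}
+}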
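Review bot: `StringListFromInt` (new lines 64-66) is exported but has no doc comment, and its name does not say why a single integer becomes a slice. A comment such as `// StringListFromInt formats i in base 10 as a one-element slice, the value shape http.Header expects.` would make the call sites in main.go self-explanatory. Since the helper lives in package main, an unexported name would serve equally well.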