djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WIP: Add login handler for LDAP/AD web login

Browse Source 
Also change state param to include IDP type
This commit is contained in:
Margo Crawford 2022-04-25 16:41:55 -07:00
parent 694e4d6df6
commit 8832362b94
2 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
internal/oidc/login/login_handler.go Normal file
View File

@ -0,0 +1,23 @@
// Copyright 2022 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package login
import (
"net/http"
)
// NewHandler returns an http.Handler that serves the login endpoint for IDPs that
// don't have their own Web UI.
func NewHandler() http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
http.Error(w, `Method not allowed (try GET)`, http.StatusMethodNotAllowed)
return
}
_, err := w.Write([]byte("<p>hello world</p>"))
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
})
}

6
internal/oidc/oidc.go
View File

@ -1,4 +1,4 @@
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
// Package oidc contains common OIDC functionality needed by Pinniped. // Package oidc contains common OIDC functionality needed by Pinniped.
@ -26,13 +26,14 @@ const (
CallbackEndpointPath = "/callback" CallbackEndpointPath = "/callback"
JWKSEndpointPath = "/jwks.json" JWKSEndpointPath = "/jwks.json"
PinnipedIDPsPathV1Alpha1 = "/v1alpha1/pinniped_identity_providers" PinnipedIDPsPathV1Alpha1 = "/v1alpha1/pinniped_identity_providers"
PinnipedLoginPath = "/login"
) )
const ( const (
// Just in case we need to make a breaking change to the format of the upstream state param, // Just in case we need to make a breaking change to the format of the upstream state param,
// we are including a format version number. This gives the opportunity for a future version of Pinniped // we are including a format version number. This gives the opportunity for a future version of Pinniped
// to have the consumer of this format decide to reject versions that it doesn't understand. // to have the consumer of this format decide to reject versions that it doesn't understand.
UpstreamStateParamFormatVersion = "1" UpstreamStateParamFormatVersion = "2"
// The `name` passed to the encoder for encoding the upstream state param value. This name is short // The `name` passed to the encoder for encoding the upstream state param value. This name is short
// because it will be encoded into the upstream state param value and we're trying to keep that small. // because it will be encoded into the upstream state param value and we're trying to keep that small.
@ -93,6 +94,7 @@ type Codec interface {
type UpstreamStateParamData struct { type UpstreamStateParamData struct {
AuthParams string `json:"p"` AuthParams string `json:"p"`
UpstreamName string `json:"u"` UpstreamName string `json:"u"`
UpstreamType string `json:"t"`
Nonce nonce.Nonce `json:"n"` Nonce nonce.Nonce `json:"n"`
CSRFToken csrftoken.CSRFToken `json:"c"` CSRFToken csrftoken.CSRFToken `json:"c"`
PKCECode pkce.Code `json:"k"` PKCECode pkce.Code `json:"k"`