djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d659b90e19
ContainerImage.Pinniped/internal/oidc/login/loginhtml/loginhtml.go
Ryan Richard c6c2c525a6 Upgrade the linter and fix all new linter warnings 
Also fix some tests that were broken by bumping golang and dependencies
in the previous commits.

Note that in addition to changes made to satisfy the linter which do not
impact the behavior of the code, this commit also adds ReadHeaderTimeout
to all usages of http.Server to satisfy the linter (and because it
seemed like a good suggestion).
2022-08-24 14:45:55 -07:00

66 lines
1.9 KiB
Go
Raw Blame History

// Copyright 2022 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Package loginhtml defines HTML templates used by the Supervisor.
package loginhtml
import (
_ "embed" // Needed to trigger //go:embed directives below.
"html/template"
"strings"
"github.com/tdewolff/minify/v2/minify"
"go.pinniped.dev/internal/oidc/provider/csp"
)
//nolint:gochecknoglobals // This package uses globals to ensure that all parsing and minifying happens at init.
var (
//go:embed login_form.css
rawCSS string
minifiedCSS = panicOnError(minify.CSS(rawCSS))
//go:embed login_form.gohtml
rawHTMLTemplate string
// Parse the Go templated HTML and inject functions providing the minified inline CSS and JS.
parsedHTMLTemplate = template.Must(template.New("login_form.gohtml").Funcs(template.FuncMap{
"minifiedCSS": func() template.CSS { return template.CSS(CSS()) },
}).Parse(rawHTMLTemplate))
// Generate the CSP header value once since it's effectively constant.
cspValue = strings.Join([]string{
`default-src 'none'`,
`style-src '` + csp.Hash(minifiedCSS) + `'`,
`frame-ancestors 'none'`,
}, "; ")
)
func panicOnError(s string, err error) string {
if err != nil {
panic(err)
}
return s
}
// ContentSecurityPolicy returns the Content-Security-Policy header value to make the Template() operate correctly.
//
// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy.
func ContentSecurityPolicy() string { return cspValue }
// Template returns the html/template.Template for rendering the login page.
func Template() *template.Template { return parsedHTMLTemplate }
// CSS returns the minified CSS that will be embedded into the page template.
func CSS() string { return minifiedCSS }
// PageData represents the inputs to the template.
type PageData struct {
State string
IDPName string
HasAlertError bool
AlertMessage string
MinifiedCSS template.CSS
PostPath string
}
Reference in New Issue View Git Blame Copy Permalink