author | Patrick O'Doherty <p@trickod.com> | 2016-05-23 17:56:15 +0100 |
---|---|---|
committer | Patrick O'Doherty <p@trickod.com> | 2016-05-24 12:25:15 +0100 |
commit | 6f86efb594721bc577c56b284f5f2499e563c45c (patch) | |
tree | d5e98834090b6f800893b7ff3708f0ff419f106c /server/auth/google/google.go | |
parent | 7f6b342de26e16e197f69c7576bb687aac03e527 (diff) |
Don't allow wide-open Google or Github configs
Fail loudly if either the google_opts domain value or github_opts organization
values are not set in the configuration. The lack of these values means that
a) in the Google case any @gmail.com address will be allowed
b) in the Github case any Github user will be allowed.
This was previously documented but left as a foot-gun in the code.
Future commits will allow for explicit wildcards to be set.
Diffstat (limited to 'server/auth/google/google.go')
-rw-r--r-- | server/auth/google/google.go | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/server/auth/google/google.go b/server/auth/google/google.go
index cf780f3..0328d42 100644
--- a/server/auth/google/google.go
+++ b/server/auth/google/google.go
@@ -1,6 +1,7 @@
 package google
 import (
+ "errors"
 "fmt"
 "net/http"
 "strings"
@@ -26,7 +27,11 @@ type Config struct {
 }
 // New creates a new Google provider from a configuration.
-func New(c *config.Auth) auth.Provider {
+func New(c *config.Auth) (auth.Provider, error) {
+ if c.ProviderOpts["domain"] == "" {
+ return nil, errors.New("google_opts domain must not be empty")
+ }
+
 return &Config{
 config: &oauth2.Config{
 ClientID: c.OauthClientID,
@@ -36,7 +41,7 @@ func New(c *config.Auth) auth.Provider {
 Scopes: []string{googleapi.UserinfoEmailScope, googleapi.UserinfoProfileScope},
 },
 domain: c.ProviderOpts["domain"],
- }
+ }, nil
 }
 // A new oauth2 http client. |
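Review bot: The new guard at the top of `New` compares the raw option with `""`, so a whitespace-only `domain` (for example a stray space left in the config file) passes the check and is stored as the allowed domain; `if strings.TrimSpace(c.ProviderOpts["domain"]) == "" {` would reject that case as well, and `strings` is already imported. How `domain` is matched against the authenticated e-mail address is outside these hunks, so whether such a value fails open or closed cannot be told from here. The doc comment still describes the old signature; something like `// New creates a new Google provider from a configuration. It returns an error if the google_opts domain is empty, because an empty domain leaves logins unrestricted.` would tell callers why the error exists. The middle of `New`'s body lies between the second and third hunks and is not shown.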