aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md4
-rw-r--r--server/auth/google/google.go2
-rw-r--r--server/auth/google/google_test.go4
-rw-r--r--server/config/config.go10
-rw-r--r--server/signer/signer.go2
5 files changed, 11 insertions, 11 deletions
diff --git a/README.md b/README.md
index 71cc20c..2ba0b72 100644
--- a/README.md
+++ b/README.md
@@ -60,8 +60,8 @@ Configuration is divided into three sections: `server`, `auth`, and `ssh`.
- `oauth_client_id` : string. Oauth Client ID.
- `oauth_client_secret` : string. Oauth secret.
- `oauth_callback_url` : string. URL that the Oauth provider will redirect to after user authorisation. The path is hardcoded to `"/auth/callback"` in the source.
-- `google_opts` : object. Additional options for the `google` provider.
-- `google_opts: { domain }` : string. Only allow users from this Google Apps domain. This is optional but leaving it unset will allow anyone with a Google account to obtain ssh certificates so don't do that.
+- `provider_opts` : object. Additional options for the provider.
+- `provider_opts: { domain }` : string. Applies to "google" provider. Only allow users from this Google Apps domain. This is optional but leaving it unset will allow anyone with a Google account to obtain ssh certificates so don't do that.
### ssh
- `signing_key`: string. Path to the signing ssh private key you created earlier.
diff --git a/server/auth/google/google.go b/server/auth/google/google.go
index d464b14..231312b 100644
--- a/server/auth/google/google.go
+++ b/server/auth/google/google.go
@@ -35,7 +35,7 @@ func New(c *config.Auth) auth.Provider {
Endpoint: google.Endpoint,
Scopes: []string{googleapi.UserinfoEmailScope, googleapi.UserinfoProfileScope},
},
- domain: c.GoogleOpts["domain"].(string),
+ domain: c.ProviderOpts["domain"].(string),
}
}
diff --git a/server/auth/google/google_test.go b/server/auth/google/google_test.go
index 489aa1a..3a86610 100644
--- a/server/auth/google/google_test.go
+++ b/server/auth/google/google_test.go
@@ -44,8 +44,8 @@ func newGoogle() auth.Provider {
OauthClientID: oauthClientID,
OauthClientSecret: oauthClientSecret,
OauthCallbackURL: oauthCallbackURL,
- GoogleOpts: make(map[string]interface{}),
+ ProviderOpts: make(map[string]interface{}),
}
- c.GoogleOpts["domain"] = domain
+ c.ProviderOpts["domain"] = domain
return New(c)
}
diff --git a/server/config/config.go b/server/config/config.go
index 4011d82..49b0f2e 100644
--- a/server/config/config.go
+++ b/server/config/config.go
@@ -24,16 +24,16 @@ type Auth struct {
OauthClientSecret string `mapstructure:"oauth_client_secret"`
OauthCallbackURL string `mapstructure:"oauth_callback_url"`
Provider string `mapstructure:"provider"`
- GoogleOpts map[string]interface{} `mapstructure:"google_opts"`
+ ProviderOpts map[string]interface{} `mapstructure:"provider_opts"`
JWTSigningKey string `mapstructure:"jwt_signing_key"`
}
// SSH holds the configuration specific to signing ssh keys.
type SSH struct {
- SigningKey string `mapstructure:"signing_key"`
- Principals []string `mapstructure:"additional_principals"`
- MaxAge string `mapstructure:"max_age"`
- Permissions []string `mapstructure:"permissions"`
+ SigningKey string `mapstructure:"signing_key"`
+ AdditionalPrincipals []string `mapstructure:"additional_principals"`
+ MaxAge string `mapstructure:"max_age"`
+ Permissions []string `mapstructure:"permissions"`
}
// ReadConfig parses a JSON configuration file into a Config struct.
diff --git a/server/signer/signer.go b/server/signer/signer.go
index f897195..854d70e 100644
--- a/server/signer/signer.go
+++ b/server/signer/signer.go
@@ -82,7 +82,7 @@ func New(conf config.SSH) (*KeySigner, error) {
return &KeySigner{
ca: key,
validity: validity,
- principals: conf.Principals,
+ principals: conf.AdditionalPrincipals,
permissions: makeperms(conf.Permissions),
}, nil
}