cleanup

flipt-io · Jun 6, 2024 · 138bbbd · 138bbbd
1 parent 8235114
commit 138bbbd
Show file tree

Hide file tree

Showing 8 changed files with 37 additions and 29 deletions.
diff --git a/internal/config/authentication.go b/internal/config/authentication.go
@@ -392,7 +392,7 @@ type AuthenticationMethodCloudConfig struct{}
 func (a AuthenticationMethodCloudConfig) setDefaults(map[string]any) {}
 
 // info describes properties of the authentication method "cloud".
-func (a AuthenticationMethodCloudConfig) info(ctx context.Context) AuthenticationMethodInfo {
+func (a AuthenticationMethodCloudConfig) info(_ context.Context) AuthenticationMethodInfo {
 	return AuthenticationMethodInfo{
 		Method:            auth.Method_METHOD_CLOUD,
 		SessionCompatible: true,
@@ -413,7 +413,7 @@ type AuthenticationMethodTokenConfig struct {
 func (a AuthenticationMethodTokenConfig) setDefaults(map[string]any) {}
 
 // info describes properties of the authentication method "token".
-func (a AuthenticationMethodTokenConfig) info(ctx context.Context) AuthenticationMethodInfo {
+func (a AuthenticationMethodTokenConfig) info(_ context.Context) AuthenticationMethodInfo {
 	return AuthenticationMethodInfo{
 		Method:            auth.Method_METHOD_TOKEN,
 		SessionCompatible: false,
@@ -539,7 +539,7 @@ func (a AuthenticationMethodKubernetesConfig) setDefaults(defaults map[string]an
 }
 
 // info describes properties of the authentication method "kubernetes".
-func (a AuthenticationMethodKubernetesConfig) info(ctx context.Context) AuthenticationMethodInfo {
+func (a AuthenticationMethodKubernetesConfig) info(_ context.Context) AuthenticationMethodInfo {
 	return AuthenticationMethodInfo{
 		Method:            auth.Method_METHOD_KUBERNETES,
 		SessionCompatible: false,
@@ -639,7 +639,7 @@ type AuthenticationMethodJWTConfig struct {
 func (a AuthenticationMethodJWTConfig) setDefaults(map[string]any) {}
 
 // info describes properties of the authentication method "jwt".
-func (a AuthenticationMethodJWTConfig) info(ctx context.Context) AuthenticationMethodInfo {
+func (a AuthenticationMethodJWTConfig) info(_ context.Context) AuthenticationMethodInfo {
 	return AuthenticationMethodInfo{
 		Method:            auth.Method_METHOD_JWT,
 		SessionCompatible: false,

diff --git a/internal/server/authn/method/http.go b/internal/server/authn/method/http.go
@@ -21,7 +21,7 @@ const (
 	oidcPrefix         = "/auth/v1/method/oidc/"
 	stateCookieKey     = "flipt_client_state"
 	tokenCookieKey     = "flipt_client_token"
-	forwardedPrefixKey = "x-forwarded-prefix"
+	ForwardedPrefixKey = "x-forwarded-prefix"
 	xForwardedPrefix   = "X-Forwarded-Prefix"
 )
 
@@ -61,7 +61,7 @@ func ForwardPrefix(ctx context.Context, req *http.Request) metadata.MD {
 	md := metadata.MD{}
 	values := req.Header.Values(xForwardedPrefix)
 	if len(values) > 0 {
-		md[forwardedPrefixKey] = values
+		md[ForwardedPrefixKey] = values
 	}
 	return md
 }
@@ -92,7 +92,7 @@ func (m Middleware) ForwardResponseOption(ctx context.Context, w http.ResponseWr
 		r.ClientToken = ""
 		location := "/"
 		if md, ok := metadata.FromOutgoingContext(ctx); ok {
-			location = path.Join(md.Get(forwardedPrefixKey)...) + "/"
+			location = path.Join(md.Get(ForwardedPrefixKey)...) + "/"
 		}
 		w.Header().Set("Location", location)
 		w.WriteHeader(http.StatusFound)

diff --git a/internal/server/authn/method/http_test.go b/internal/server/authn/method/http_test.go
@@ -24,7 +24,7 @@ func TestForwardPrefix(t *testing.T) {
 				req.Header.Add(k, v)
 			}
 			md := ForwardPrefix(context.Background(), req)
-			assert.Equal(t, tt.expected, md.Get(forwardedPrefixKey))
+			assert.Equal(t, tt.expected, md.Get(ForwardedPrefixKey))
 		})
 	}
 }
diff --git a/internal/server/authn/public/server.go b/internal/server/authn/public/server.go
@@ -5,6 +5,7 @@ import (
 	"path"
 
 	"go.flipt.io/flipt/internal/config"
+	"go.flipt.io/flipt/internal/server/authn/method"
 	"go.flipt.io/flipt/rpc/flipt/auth"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
@@ -32,7 +33,7 @@ func NewServer(logger *zap.Logger, conf config.AuthenticationConfig) *Server {
 func (s *Server) ListAuthenticationMethods(ctx context.Context, _ *emptypb.Empty) (*auth.ListAuthenticationMethodsResponse, error) {
 	var prefix string
 	if md, ok := metadata.FromIncomingContext(ctx); ok {
-		if forwardPrefix := md.Get("x-forwarded-prefix"); len(forwardPrefix) > 0 {
+		if forwardPrefix := md.Get(method.ForwardedPrefixKey); len(forwardPrefix) > 0 {
 			prefix = path.Join(forwardPrefix...)
 		}
 	}

diff --git a/internal/server/authn/public/server_test.go b/internal/server/authn/public/server_test.go
@@ -47,7 +47,7 @@ func Test_Server(t *testing.T) {
 					},
 				},
 			},
-			expectedResp: responseBuilder(func(m *methods) {
+			expectedResp: responseBuilder(t, func(m *methods) {
 				m.github.Enabled = true
 				m.oidc.Enabled = true
 				m.oidc.Metadata.Fields["providers"] = structpb.NewStructValue(&structpb.Struct{
@@ -91,7 +91,7 @@ func Test_Server(t *testing.T) {
 					},
 				},
 			},
-			expectedResp: responseBuilder(func(m *methods) {
+			expectedResp: responseBuilder(t, func(m *methods) {
 				m.github.Enabled = true
 				m.github.Metadata.Fields = map[string]*structpb.Value{
 					"authorize_url": structpb.NewStringValue("/someprefix/auth/v1/method/github/authorize"),
@@ -135,34 +135,35 @@ type methods struct {
 	cloud      *auth.MethodInfo
 }
 
-func responseBuilder(fn func(*methods)) *auth.ListAuthenticationMethodsResponse {
-	newInfo := func(method auth.Method, enabled, session bool, meta *structpb.Struct) *auth.MethodInfo {
+func responseBuilder(t testing.TB, fn func(*methods)) *auth.ListAuthenticationMethodsResponse {
+	t.Helper()
+	newInfo := func(method auth.Method, session bool, meta *structpb.Struct) *auth.MethodInfo {
 		return &auth.MethodInfo{
 			Method:            method,
-			Enabled:           enabled,
+			Enabled:           false,
 			SessionCompatible: session,
 			Metadata:          meta,
 		}
 	}
 
 	methods := methods{
-		token: newInfo(auth.Method_METHOD_TOKEN, false, false, nil),
-		github: newInfo(auth.Method_METHOD_GITHUB, false, true, &structpb.Struct{
+		token: newInfo(auth.Method_METHOD_TOKEN, false, nil),
+		github: newInfo(auth.Method_METHOD_GITHUB, true, &structpb.Struct{
 			Fields: map[string]*structpb.Value{
 				"authorize_url": structpb.NewStringValue("/auth/v1/method/github/authorize"),
 				"callback_url":  structpb.NewStringValue("/auth/v1/method/github/callback"),
 			},
 		}),
-		oidc: newInfo(auth.Method_METHOD_OIDC, false, true, &structpb.Struct{
+		oidc: newInfo(auth.Method_METHOD_OIDC, true, &structpb.Struct{
 			Fields: map[string]*structpb.Value{
 				"providers": structpb.NewStructValue(&structpb.Struct{
 					Fields: map[string]*structpb.Value{},
 				}),
 			},
 		}),
-		kubernetes: newInfo(auth.Method_METHOD_KUBERNETES, false, false, nil),
-		jwt:        newInfo(auth.Method_METHOD_JWT, false, false, nil),
-		cloud:      newInfo(auth.Method_METHOD_CLOUD, false, true, nil),
+		kubernetes: newInfo(auth.Method_METHOD_KUBERNETES, false, nil),
+		jwt:        newInfo(auth.Method_METHOD_JWT, false, nil),
+		cloud:      newInfo(auth.Method_METHOD_CLOUD, true, nil),
 	}
 
 	fn(&methods)

diff --git a/ui/src/app/auth/Login.tsx b/ui/src/app/auth/Login.tsx
@@ -13,7 +13,6 @@ import logoFlag from '~/assets/logo-flag.png';
 import Loading from '~/components/Loading';
 import { NotificationProvider } from '~/components/NotificationProvider';
 import ErrorNotification from '~/components/notifications/ErrorNotification';
-import { authURL } from '~/data/api';
 import { useError } from '~/data/hooks/error';
 import { useSession } from '~/data/hooks/session';
 import { IAuthMethod } from '~/types/Auth';
@@ -93,17 +92,20 @@ function InnerLoginButtons() {
         if (m.method === 'METHOD_GITHUB') {
           return {
             name: 'Github',
-            authorize_url: `${authURL}/method/github/authorize`,
+            authorize_url: m.metadata.authorize_url,
             icon: faGithub
           };
         }
         if (m.method === 'METHOD_OIDC') {
-          return Object.keys(m.metadata.providers).map((k) => {
-            const kl = k.toLowerCase();
+          return Object.entries(m.metadata.providers).map(([k, value]) => {
+            k = k.toLowerCase();
+            const v = value as {
+              authorize_url: string;
+            };
             return {
-              name: knownProviders[kl]?.displayName || upperFirst(kl), // if we dont know the provider, just capitalize the first letter
-              authorize_url: `${authURL}/method/oidc/${k}/authorize`,
-              icon: knownProviders[kl]?.icon || faOpenid // if we dont know the provider icon, use the openid icon
+              name: knownProviders[k]?.displayName || upperFirst(k), // if we dont know the provider, just capitalize the first letter
+              authorize_url: v.authorize_url,
+              icon: knownProviders[k]?.icon || faOpenid // if we dont know the provider icon, use the openid icon
             };
           });
         }

diff --git a/ui/src/types/auth/Github.ts b/ui/src/types/auth/Github.ts
@@ -2,7 +2,9 @@ import { IAuth, IAuthMethod } from '~/types/Auth';
 
 export interface IAuthMethodGithub extends IAuthMethod {
   method: 'METHOD_GITHUB';
-  metadata: {};
+  metadata: {
+    authorize_url: string;
+  };
 }
 
 export interface IAuthMethodGithubMetadata {

diff --git a/ui/src/types/auth/OIDC.ts b/ui/src/types/auth/OIDC.ts
@@ -1,6 +1,8 @@
 import { IAuth, IAuthMethod } from '~/types/Auth';
 
-interface AuthMethodOIDCMetadataProvider {}
+interface AuthMethodOIDCMetadataProvider {
+  authorize_url: string;
+}
 
 export interface IAuthMethodOIDC extends IAuthMethod {
   method: 'METHOD_OIDC';