Commit 058de90d authored by Eric Chiang's avatar Eric Chiang Committed by GitHub

Merge pull request #567 from ericchiang/dev-html-templates

dev branch: port templates from master branch
parents 144fa41a 608d8ba9
...@@ -19,7 +19,7 @@ GOARCH=$(shell go env GOARCH) ...@@ -19,7 +19,7 @@ GOARCH=$(shell go env GOARCH)
build: bin/dex bin/example-app build: bin/dex bin/example-app
bin/dex: FORCE bin/dex: FORCE server/templates_default.go
@go install -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/dex @go install -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/dex
bin/example-app: FORCE bin/example-app: FORCE
...@@ -42,6 +42,9 @@ lint: ...@@ -42,6 +42,9 @@ lint:
golint $$package; \ golint $$package; \
done done
server/templates_default.go: $(wildcard web/templates/**)
@go run server/templates_default_gen.go
.PHONY: docker-build .PHONY: docker-build
docker-build: bin/dex docker-build: bin/dex
@docker build -t $(DOCKER_IMAGE) . @docker build -t $(DOCKER_IMAGE) .
......
...@@ -8,6 +8,7 @@ import ( ...@@ -8,6 +8,7 @@ import (
"github.com/coreos/dex/connector/ldap" "github.com/coreos/dex/connector/ldap"
"github.com/coreos/dex/connector/mock" "github.com/coreos/dex/connector/mock"
"github.com/coreos/dex/connector/oidc" "github.com/coreos/dex/connector/oidc"
"github.com/coreos/dex/server"
"github.com/coreos/dex/storage" "github.com/coreos/dex/storage"
"github.com/coreos/dex/storage/kubernetes" "github.com/coreos/dex/storage/kubernetes"
"github.com/coreos/dex/storage/memory" "github.com/coreos/dex/storage/memory"
...@@ -21,6 +22,8 @@ type Config struct { ...@@ -21,6 +22,8 @@ type Config struct {
Web Web `yaml:"web"` Web Web `yaml:"web"`
OAuth2 OAuth2 `yaml:"oauth2"` OAuth2 OAuth2 `yaml:"oauth2"`
Templates server.TemplateConfig `yaml:"templates"`
StaticClients []storage.Client `yaml:"staticClients"` StaticClients []storage.Client `yaml:"staticClients"`
} }
...@@ -111,9 +114,15 @@ func (c *Connector) UnmarshalYAML(unmarshal func(interface{}) error) error { ...@@ -111,9 +114,15 @@ func (c *Connector) UnmarshalYAML(unmarshal func(interface{}) error) error {
var err error var err error
switch c.Type { switch c.Type {
case "mock": case "mockCallback":
var config struct {
Config mock.CallbackConfig `yaml:"config"`
}
err = unmarshal(&config)
c.Config = &config.Config
case "mockPassword":
var config struct { var config struct {
Config mock.Config `yaml:"config"` Config mock.PasswordConfig `yaml:"config"`
} }
err = unmarshal(&config) err = unmarshal(&config)
c.Config = &config.Config c.Config = &config.Config
......
...@@ -89,11 +89,11 @@ func serve(cmd *cobra.Command, args []string) error { ...@@ -89,11 +89,11 @@ func serve(cmd *cobra.Command, args []string) error {
} }
serverConfig := server.Config{ serverConfig := server.Config{
Issuer: c.Issuer,
Connectors: connectors,
Storage: s,
SupportedResponseTypes: c.OAuth2.ResponseTypes, SupportedResponseTypes: c.OAuth2.ResponseTypes,
Issuer: c.Issuer,
Connectors: connectors,
Storage: s,
TemplateConfig: c.Templates,
} }
serv, err := server.New(serverConfig) serv, err := server.New(serverConfig)
......
// Package mock implements a mock connector which requires no user interaction. // Package mock implements connectors which help test various server components.
package mock package mock
import ( import (
...@@ -11,22 +11,24 @@ import ( ...@@ -11,22 +11,24 @@ import (
"github.com/coreos/dex/connector" "github.com/coreos/dex/connector"
) )
// New returns a mock connector which requires no user interaction. It always returns // NewCallbackConnector returns a mock connector which requires no user interaction. It always returns
// the same (fake) identity. // the same (fake) identity.
func New() connector.Connector { func NewCallbackConnector() connector.Connector {
return mockConnector{} return callbackConnector{}
} }
var ( var (
_ connector.CallbackConnector = mockConnector{} _ connector.CallbackConnector = callbackConnector{}
_ connector.GroupsConnector = mockConnector{} _ connector.GroupsConnector = callbackConnector{}
_ connector.PasswordConnector = passwordConnector{}
) )
type mockConnector struct{} type callbackConnector struct{}
func (m mockConnector) Close() error { return nil } func (m callbackConnector) Close() error { return nil }
func (m mockConnector) LoginURL(callbackURL, state string) (string, error) { func (m callbackConnector) LoginURL(callbackURL, state string) (string, error) {
u, err := url.Parse(callbackURL) u, err := url.Parse(callbackURL)
if err != nil { if err != nil {
return "", fmt.Errorf("failed to parse callbackURL %q: %v", callbackURL, err) return "", fmt.Errorf("failed to parse callbackURL %q: %v", callbackURL, err)
...@@ -39,7 +41,7 @@ func (m mockConnector) LoginURL(callbackURL, state string) (string, error) { ...@@ -39,7 +41,7 @@ func (m mockConnector) LoginURL(callbackURL, state string) (string, error) {
var connectorData = []byte("foobar") var connectorData = []byte("foobar")
func (m mockConnector) HandleCallback(r *http.Request) (connector.Identity, string, error) { func (m callbackConnector) HandleCallback(r *http.Request) (connector.Identity, string, error) {
return connector.Identity{ return connector.Identity{
UserID: "0-385-28089-0", UserID: "0-385-28089-0",
Username: "Kilgore Trout", Username: "Kilgore Trout",
...@@ -49,17 +51,54 @@ func (m mockConnector) HandleCallback(r *http.Request) (connector.Identity, stri ...@@ -49,17 +51,54 @@ func (m mockConnector) HandleCallback(r *http.Request) (connector.Identity, stri
}, r.URL.Query().Get("state"), nil }, r.URL.Query().Get("state"), nil
} }
func (m mockConnector) Groups(identity connector.Identity) ([]string, error) { func (m callbackConnector) Groups(identity connector.Identity) ([]string, error) {
if !bytes.Equal(identity.ConnectorData, connectorData) { if !bytes.Equal(identity.ConnectorData, connectorData) {
return nil, errors.New("connector data mismatch") return nil, errors.New("connector data mismatch")
} }
return []string{"authors"}, nil return []string{"authors"}, nil
} }
// Config holds the configuration parameters for the mock connector. // CallbackConfig holds the configuration parameters for a connector which requires no interaction.
type Config struct{} type CallbackConfig struct{}
// Open returns an authentication strategy which requires no user interaction. // Open returns an authentication strategy which requires no user interaction.
func (c *Config) Open() (connector.Connector, error) { func (c *CallbackConfig) Open() (connector.Connector, error) {
return New(), nil return NewCallbackConnector(), nil
}
// PasswordConfig holds the configuration for a mock connector which prompts for the supplied
// username and password.
type PasswordConfig struct {
Username string `yaml:"username"`
Password string `yaml:"password"`
}
// Open returns an authentication strategy which prompts for a predefined username and password.
func (c *PasswordConfig) Open() (connector.Connector, error) {
if c.Username == "" {
return nil, errors.New("no username supplied")
}
if c.Password == "" {
return nil, errors.New("no password supplied")
}
return &passwordConnector{c.Username, c.Password}, nil
}
type passwordConnector struct {
username string
password string
}
func (p passwordConnector) Close() error { return nil }
func (p passwordConnector) Login(username, password string) (identity connector.Identity, validPassword bool, err error) {
if username == p.username && password == p.password {
return connector.Identity{
UserID: "0-385-28089-0",
Username: "Kilgore Trout",
Email: "kilgore@kilgore.trout",
EmailVerified: true,
}, true, nil
}
return identity, false, nil
} }
...@@ -7,25 +7,15 @@ web: ...@@ -7,25 +7,15 @@ web:
http: 127.0.0.1:5556 http: 127.0.0.1:5556
connectors: connectors:
- type: mock - type: mockCallback
id: mock id: mock-callback
name: Mock name: Mock
- type: github - type: mockPassword
id: github id: mock-password
name: GitHub name: Password
config: config:
clientID: "$GITHUB_CLIENT_ID" username: "admin"
clientSecret: "$GITHUB_CLIENT_SECRET" password: "PASSWORD"
redirectURI: http://127.0.0.1:5556/callback/github
org: kubernetes
- type: oidc
id: google
name: Google Account
config:
issuer: https://accounts.google.com
clientID: "$GOOGLE_OAUTH2_CLIENT_ID"
clientSecret: "$GOOGLE_OAUTH2_CLIENT_SECRET"
redirectURI: http://127.0.0.1:5556/callback/google
staticClients: staticClients:
- id: example-app - id: example-app
......
...@@ -129,15 +129,16 @@ func (s *Server) handleAuthorization(w http.ResponseWriter, r *http.Request) { ...@@ -129,15 +129,16 @@ func (s *Server) handleAuthorization(w http.ResponseWriter, r *http.Request) {
connectorInfos := make([]connectorInfo, len(s.connectors)) connectorInfos := make([]connectorInfo, len(s.connectors))
i := 0 i := 0
for id := range s.connectors { for id, conn := range s.connectors {
connectorInfos[i] = connectorInfo{ connectorInfos[i] = connectorInfo{
DisplayName: id, ID: id,
URL: s.absPath("/auth", id), Name: conn.DisplayName,
URL: s.absPath("/auth", id),
} }
i++ i++
} }
renderLoginOptions(w, connectorInfos, state) s.templates.login(w, connectorInfos, state)
} }
func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) { func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
...@@ -163,7 +164,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) { ...@@ -163,7 +164,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
} }
http.Redirect(w, r, callbackURL, http.StatusFound) http.Redirect(w, r, callbackURL, http.StatusFound)
case connector.PasswordConnector: case connector.PasswordConnector:
renderPasswordTmpl(w, state, r.URL.String(), "") s.templates.password(w, state, r.URL.String(), "", false)
default: default:
s.notFound(w, r) s.notFound(w, r)
} }
...@@ -174,7 +175,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) { ...@@ -174,7 +175,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
return return
} }
username := r.FormValue("username") username := r.FormValue("login")
password := r.FormValue("password") password := r.FormValue("password")
identity, ok, err := passwordConnector.Login(username, password) identity, ok, err := passwordConnector.Login(username, password)
...@@ -184,7 +185,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) { ...@@ -184,7 +185,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
return return
} }
if !ok { if !ok {
renderPasswordTmpl(w, state, r.URL.String(), "Invalid credentials") s.templates.password(w, state, r.URL.String(), username, true)
return return
} }
redirectURL, err := s.finalizeLogin(identity, state, connID, conn.Connector) redirectURL, err := s.finalizeLogin(identity, state, connID, conn.Connector)
...@@ -299,7 +300,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) { ...@@ -299,7 +300,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) {
s.renderError(w, http.StatusInternalServerError, errServerError, "") s.renderError(w, http.StatusInternalServerError, errServerError, "")
return return
} }
renderApprovalTmpl(w, authReq.ID, *authReq.Claims, client, authReq.Scopes) s.templates.approval(w, authReq.ID, authReq.Claims.Username, client.Name, authReq.Scopes)
case "POST": case "POST":
if r.FormValue("approval") != "approve" { if r.FormValue("approval") != "approve" {
s.renderError(w, http.StatusInternalServerError, "approval rejected", "") s.renderError(w, http.StatusInternalServerError, "approval rejected", "")
......
...@@ -43,6 +43,8 @@ type Config struct { ...@@ -43,6 +43,8 @@ type Config struct {
// If specified, the server will use this function for determining time. // If specified, the server will use this function for determining time.
Now func() time.Time Now func() time.Time
TemplateConfig TemplateConfig
} }
func value(val, defaultValue time.Duration) time.Duration { func value(val, defaultValue time.Duration) time.Duration {
...@@ -63,6 +65,8 @@ type Server struct { ...@@ -63,6 +65,8 @@ type Server struct {
mux http.Handler mux http.Handler
templates *templates
// If enabled, don't prompt user for approval after logging in through connector. // If enabled, don't prompt user for approval after logging in through connector.
// No package level API to set this, only used in tests. // No package level API to set this, only used in tests.
skipApproval bool skipApproval bool
...@@ -107,6 +111,11 @@ func newServer(c Config, rotationStrategy rotationStrategy) (*Server, error) { ...@@ -107,6 +111,11 @@ func newServer(c Config, rotationStrategy rotationStrategy) (*Server, error) {
supported[respType] = true supported[respType] = true
} }
tmpls, err := loadTemplates(c.TemplateConfig)
if err != nil {
return nil, fmt.Errorf("server: failed to load templates: %v", err)
}
now := c.Now now := c.Now
if now == nil { if now == nil {
now = time.Now now = time.Now
...@@ -124,6 +133,7 @@ func newServer(c Config, rotationStrategy rotationStrategy) (*Server, error) { ...@@ -124,6 +133,7 @@ func newServer(c Config, rotationStrategy rotationStrategy) (*Server, error) {
supportedResponseTypes: supported, supportedResponseTypes: supported,
idTokensValidFor: value(c.IDTokensValidFor, 24*time.Hour), idTokensValidFor: value(c.IDTokensValidFor, 24*time.Hour),
now: now, now: now,
templates: tmpls,
} }
for _, conn := range c.Connectors { for _, conn := range c.Connectors {
......
...@@ -64,7 +64,7 @@ FDWV28nTP9sqbtsmU8Tem2jzMvZ7C/Q0AuDoKELFUpux8shm8wfIhyaPnXUGZoAZ ...@@ -64,7 +64,7 @@ FDWV28nTP9sqbtsmU8Tem2jzMvZ7C/Q0AuDoKELFUpux8shm8wfIhyaPnXUGZoAZ
Np4vUwMSYV5mopESLWOg3loBxKyLGFtgGKVCjGiQvy6zISQ4fQo= Np4vUwMSYV5mopESLWOg3loBxKyLGFtgGKVCjGiQvy6zISQ4fQo=
-----END RSA PRIVATE KEY-----`) -----END RSA PRIVATE KEY-----`)
func newTestServer(updateConfig func(c *Config)) (*httptest.Server, *Server) { func newTestServer(t *testing.T, updateConfig func(c *Config)) (*httptest.Server, *Server) {
var server *Server var server *Server
s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
server.ServeHTTP(w, r) server.ServeHTTP(w, r)
...@@ -76,7 +76,7 @@ func newTestServer(updateConfig func(c *Config)) (*httptest.Server, *Server) { ...@@ -76,7 +76,7 @@ func newTestServer(updateConfig func(c *Config)) (*httptest.Server, *Server) {
{ {
ID: "mock", ID: "mock",
DisplayName: "Mock", DisplayName: "Mock",
Connector: mock.New(), Connector: mock.NewCallbackConnector(),
}, },
}, },
} }
...@@ -87,21 +87,21 @@ func newTestServer(updateConfig func(c *Config)) (*httptest.Server, *Server) { ...@@ -87,21 +87,21 @@ func newTestServer(updateConfig func(c *Config)) (*httptest.Server, *Server) {
var err error var err error
if server, err = newServer(config, staticRotationStrategy(testKey)); err != nil { if server, err = newServer(config, staticRotationStrategy(testKey)); err != nil {
panic(err) t.Fatal(err)
} }
server.skipApproval = true // Don't prompt for approval, just immediately redirect with code. server.skipApproval = true // Don't prompt for approval, just immediately redirect with code.
return s, server return s, server
} }
func TestNewTestServer(t *testing.T) { func TestNewTestServer(t *testing.T) {
newTestServer(nil) newTestServer(t, nil)
} }
func TestDiscovery(t *testing.T) { func TestDiscovery(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
defer cancel() defer cancel()
httpServer, _ := newTestServer(func(c *Config) { httpServer, _ := newTestServer(t, func(c *Config) {
c.Issuer = c.Issuer + "/non-root-path" c.Issuer = c.Issuer + "/non-root-path"
}) })
defer httpServer.Close() defer httpServer.Close()
...@@ -129,7 +129,7 @@ func TestOAuth2CodeFlow(t *testing.T) { ...@@ -129,7 +129,7 @@ func TestOAuth2CodeFlow(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
defer cancel() defer cancel()
httpServer, s := newTestServer(func(c *Config) { httpServer, s := newTestServer(t, func(c *Config) {
c.Issuer = c.Issuer + "/non-root-path" c.Issuer = c.Issuer + "/non-root-path"
}) })
defer httpServer.Close() defer httpServer.Close()
...@@ -255,7 +255,7 @@ func TestOAuth2ImplicitFlow(t *testing.T) { ...@@ -255,7 +255,7 @@ func TestOAuth2ImplicitFlow(t *testing.T) {
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
defer cancel() defer cancel()
httpServer, s := newTestServer(func(c *Config) { httpServer, s := newTestServer(t, func(c *Config) {
// Enable support for the implicit flow. // Enable support for the implicit flow.
c.SupportedResponseTypes = []string{"code", "token"} c.SupportedResponseTypes = []string{"code", "token"}
}) })
......
package server package server
import ( import (
"fmt"
"io"
"io/ioutil"
"log" "log"
"net/http" "net/http"
"path/filepath"
"sort"
"text/template" "text/template"
)
"github.com/coreos/dex/storage" const (
tmplApproval = "approval.html"
tmplLogin = "login.html"
tmplPassword = "password.html"
) )
const coreOSLogoURL = "https://coreos.com/assets/images/brand/coreos-wordmark-135x40px.png"
var requiredTmpls = []string{
tmplApproval,
tmplLogin,
tmplPassword,
}
// TemplateConfig describes.
type TemplateConfig struct {
// Directory of the templates. If empty, these will be loaded from memory.
Dir string `yaml:"dir"`
// Defaults to the CoreOS logo and "dex".
LogoURL string `yaml:"logoURL"`
Issuer string `yaml:"issuerName"`
}
type globalData struct {
LogoURL string
Issuer string
}
func loadTemplates(config TemplateConfig) (*templates, error) {
var tmpls *template.Template
if config.Dir != "" {
files, err := ioutil.ReadDir(config.Dir)
if err != nil {
return nil, fmt.Errorf("read dir: %v", err)
}
filenames := []string{}
for _, file := range files {
if file.IsDir() {
continue
}
filenames = append(filenames, filepath.Join(config.Dir, file.Name()))
}
if len(filenames) == 0 {
return nil, fmt.Errorf("no files in template dir %s", config.Dir)
}
if tmpls, err = template.ParseFiles(filenames...); err != nil {
return nil, fmt.Errorf("parse files: %v", err)
}
} else {
// Load templates from memory. This code is largely copied from the standard library's
// ParseFiles source code.
// See: https://goo.gl/6Wm4mN
for name, data := range defaultTemplates {
var t *template.Template
if tmpls == nil {
tmpls = template.New(name)
}
if name == tmpls.Name() {
t = tmpls
} else {
t = tmpls.New(name)
}
if _, err := t.Parse(data); err != nil {
return nil, fmt.Errorf("parsing %s: %v", name, err)
}
}
}
missingTmpls := []string{}
for _, tmplName := range requiredTmpls {
if tmpls.Lookup(tmplName) == nil {
missingTmpls = append(missingTmpls, tmplName)
}
}
if len(missingTmpls) > 0 {
return nil, fmt.Errorf("missing template(s): %s", missingTmpls)
}
if config.LogoURL == "" {
config.LogoURL = coreOSLogoURL
}
if config.Issuer == "" {
config.Issuer = "dex"
}
return &templates{
globalData: config,
loginTmpl: tmpls.Lookup(tmplLogin),
approvalTmpl: tmpls.Lookup(tmplApproval),
passwordTmpl: tmpls.Lookup(tmplPassword),
}, nil
}
var scopeDescriptions = map[string]string{
"offline_access": "Have offline access",
"profile": "View basic profile information",
"email": "View your email",
}
type templates struct {
globalData TemplateConfig
loginTmpl *template.Template
approvalTmpl *template.Template
passwordTmpl *template.Template
}
type connectorInfo struct { type connectorInfo struct {
DisplayName string ID string
URL string Name string
URL string
} }
var loginTmpl = template.Must(template.New("login-template").Parse(`<html> type byName []connectorInfo
<head></head>
<body> func (n byName) Len() int { return len(n) }
<p>Login options</p> func (n byName) Less(i, j int) bool { return n[i].Name < n[j].Name }
{{ range $i, $connector := .Connectors }} func (n byName) Swap(i, j int) { n[i], n[j] = n[j], n[i] }
<a href="{{ $connector.URL }}?state={{ $.State }}">{{ $connector.DisplayName }}</a>
{{ end }} func (t *templates) login(w http.ResponseWriter, connectors []connectorInfo, state string) {
</body> sort.Sort(byName(connectors))
</html>`))
func renderLoginOptions(w http.ResponseWriter, connectors []connectorInfo, state string) {
data := struct { data := struct {
TemplateConfig
Connectors []connectorInfo Connectors []connectorInfo
State string State string
}{connectors, state} }{t.globalData, connectors, state}
renderTemplate(w, loginTmpl, data) renderTemplate(w, t.loginTmpl, data)
} }
var passwordTmpl = template.Must(template.New("password-template").Parse(`<html> func (t *templates) password(w http.ResponseWriter, state, callback, lastUsername string, lastWasInvalid bool) {
<body>
<p>Login</p>
<form action="{{ .Callback }}" method="POST">
Login: <input type="text" name="login"/><br/>
Password: <input type="password" name="password"/><br/>
<input type="hidden" name="state" value="{{ .State }}"/>
<input type="submit"/>
{{ if .Message }}
<p>Error: {{ .Message }}</p>
{{ end }}
</form>
</body>
</html>`))
func renderPasswordTmpl(w http.ResponseWriter, state, callback, message string) {
data := struct { data := struct {
TemplateConfig
State string State string
Callback string PostURL string
Message string Username string
}{state, callback, message} Invalid bool
renderTemplate(w, passwordTmpl, data) }{t.globalData, state, callback, lastUsername, lastWasInvalid}
renderTemplate(w, t.passwordTmpl, data)
} }
var approvalTmpl = template.Must(template.New("approval-template").Parse(`<html> func (t *templates) approval(w http.ResponseWriter, state, username, clientName string, scopes []string) {
<body> accesses := []string{}
<p>User: {{ .User }}</p> for _, scope := range scopes {
<p>Client: {{ .ClientName }}</p> access, ok := scopeDescriptions[scope]
<form method="post"> if ok {
<input type="hidden" name="state" value="{{ .State }}"/> accesses = append(accesses, access)
<input type="hidden" name="approval" value="approve"> }
<button type="submit">Approve</button> }
</form> sort.Strings(accesses)
<form method="post">
<input type="hidden" name="state" value="{{ .State }}"/>
<input type="hidden" name="approval" value="reject">
<button type="submit">Reject</button>
</form>
</body>
</html>`))
func renderApprovalTmpl(w http.ResponseWriter, state string, identity storage.Claims, client storage.Client, scopes []string) {
data := struct { data := struct {
User string TemplateConfig
ClientName string User string
State string Client string
}{identity.Email, client.Name, state} State string
renderTemplate(w, approvalTmpl, data) Scopes []string
}{t.globalData, username, clientName, state, accesses}
renderTemplate(w, t.approvalTmpl, data)
} }
func renderTemplate(w http.ResponseWriter, tmpl *template.Template, data interface{}) { // small io.Writer utilitiy to determine if executing the template wrote to the underlying response writer.
err := tmpl.Execute(w, data) type writeRecorder struct {
if err == nil { wrote bool
return w io.Writer
} }
func (w *writeRecorder) Write(p []byte) (n int, err error) {
w.wrote = true
return w.w.Write(p)
}
switch err := err.(type) { func renderTemplate(w http.ResponseWriter, tmpl *template.Template, data interface{}) {
case template.ExecError: wr := &writeRecorder{w: w}
// An ExecError guarentees that Execute has not written to the underlying reader. if err := tmpl.Execute(wr, data); err != nil {
log.Printf("Error rendering template %s: %s", tmpl.Name(), err) log.Printf("Error rendering template %s: %s", tmpl.Name(), err)
// TODO(ericchiang): replace with better internal server error. if !wr.wrote {
http.Error(w, "Internal server error", http.StatusInternalServerError) // TODO(ericchiang): replace with better internal server error.
default: http.Error(w, "Internal server error", http.StatusInternalServerError)
// An error with the underlying write, such as the connection being }
// dropped. Ignore for now.
} }
return
} }
This diff is collapsed.
// +build ignore
package main
import (
"bytes"
"fmt"
"io/ioutil"
"log"
"os/exec"
"path/filepath"
)
// ignoreFile uses "git check-ignore" to determine if we should ignore a file.
func ignoreFile(p string) (ok bool, err error) {
err = exec.Command("git", "check-ignore", p).Run()
if err == nil {
return true, nil
}
exitErr, ok := err.(*exec.ExitError)
if ok {
if sys := exitErr.Sys(); sys != nil {
e, ok := sys.(interface {
// Is the returned value something that returns an exit status?
ExitStatus() int
})
if ok && e.ExitStatus() == 1 {
return false, nil
}
}
}
return false, err
}
type fileData struct {
name string
data string
}
func main() {
dir, err := ioutil.ReadDir("web/templates")
if err != nil {
log.Fatal(err)
}
files := []fileData{}
for _, file := range dir {
p := filepath.Join("web/templates", file.Name())
ignore, err := ignoreFile(p)
if err != nil {
log.Fatal(err)
}
if ignore {
continue
}
data, err := ioutil.ReadFile(p)
if err != nil {
log.Fatal(err)
}
files = append(files, fileData{file.Name(), string(data)})
}
f := new(bytes.Buffer)
fmt.Fprintln(f, "// This file was generated by the makefile. Do not edit.")
fmt.Fprintln(f)
fmt.Fprintln(f, "package server")
fmt.Fprintln(f)
fmt.Fprintln(f, "// defaultTemplates is a key for file name to file data of the files in web/templates.")
fmt.Fprintln(f, "var defaultTemplates = map[string]string{")
for _, file := range files {
fmt.Fprintf(f, "\t%q: %q,\n", file.name, file.data)
}
fmt.Fprintln(f, "}")
if err := ioutil.WriteFile("server/templates_default.go", f.Bytes(), 0644); err != nil {
log.Fatal(err)
}
}
package server package server
import "testing"
func TestNewTemplates(t *testing.T) {
var config TemplateConfig
if _, err := loadTemplates(config); err != nil {
t.Fatal(err)
}
}
func TestLoadTemplates(t *testing.T) {
var config TemplateConfig
config.Dir = "../web/templates"
}
{{ template "header.html" . }}
<div class="panel">
<h2 class="heading">Grant Access</h2>
<hr>
<div class="list-with-title">
<div class="subtle-text">{{ .Client }} would like to:</div>
{{ range $scope := .Scopes }}
<li class="bullet-point">
<div class="subtle-text">
{{ $scope }}
</div>
</li>
{{ end }}
</div>
<hr>
<div>
<div class="form-row">
<form method="post">
<input type="hidden" name="state" value="{{ .State }}"/>
<input type="hidden" name="approval" value="approve">
<button type="submit" class="btn btn-success">
<span class="btn-text">Grant Access</span>
</button>
</form>
</div>
<div class="form-row">
<form method="post">
<input type="hidden" name="state" value="{{ .State }}"/>
<input type="hidden" name="approval" value="rejected">
<button type="submit" class="btn btn-provider">
<span class="btn-text">Cancel</span>
</button>
</form>
</div>
</div>
</div>
{{ template "footer.html" . }}
</div>
</body>
</html>
This diff is collapsed.
{{ template "header.html" . }}
<div class="panel">
<h2 class="heading">Log in to {{ .Issuer }} </h2>
<div>
{{ range $c := .Connectors }}
<div class="form-row">
<a href="{{ $c.URL }}?state={{ $.State }}" target="_self">
<button class="btn btn-provider">
<span class="btn-icon btn-icon-{{ $c.ID }}"></span>
<span class="btn-text">Log in with {{ $c.Name }}</span>
</button>
</a>
</div>
{{ end }}
</div>
</div>
{{ template "footer.html" . }}
{{ template "header.html" . }}
<div class="panel">
<h2 class="heading">Log in to Your Account</h2>
<form method="post" action="{{ .PostURL }}">
<div class="form-row">
<div class="input-desc">
<label for="userid">Username</label>
</div>
<input tabindex="1" required id="login" name="login" type="text" class="input-box" placeholder="username" {{ if .Username }}value="{{ .Username }}" {{ else }} autofocus {{ end }}/>
</div>
<div class="form-row">
<div class="input-desc">
<label for="password">Password</label>
</div>
<input tabindex="2" required id="password" name="password" type="password" class="input-box" placeholder="password" {{ if .Invalid }} autofocus {{ end }}/>
</div>
<input type="hidden" name="state" value="{{ .State }}"/>
{{ if .Invalid }}
<div class="error-box">
Invalid username and password.
</div>
{{ end }}
<button tabindex="3" type="submit" class="btn btn-primary">Login</button>
</form>
</div>
{{ template "footer.html" . }}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment