-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth_provider.go
68 lines (59 loc) · 2.35 KB
/
auth_provider.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
package main
import (
"context"
"net/http"
)
// Full list of attributes is here:
// https://webauth.service.ohio-state.edu/~shibboleth/user-attribute-reference.html (https://archive.is/H9bOB)
//
// Note that OSUCyber is only authorized for a subset of these attributes. As of 2024-10-23, this is:
// sn, IDMUID, displayName, eduPersonScopedAffiliation, employeeNumber, givenName, mail, SessionIndex, eduPersonPrincipalName
type OSUAttributes struct {
// This attribute is `sn` in the OSU Shibboleth user attribute reference.
Surname string
// This attribute is `IDM ID` in the OSU Shibboleth user attribute reference.
IDMUID string
// This attribute is `displayName` in the OSU Shibboleth user attribute reference.
DisplayName string
// This attribute is `eduPersonScopedAffiliation` in the OSU Shibboleth user attribute reference.
Affiliations []string
// This attribute is `employeeNumber` in the OSU Shibboleth user attribute reference.
BuckID string
// This attribute is `givenName` in the OSU Shibboleth user attribute reference.
GivenName string
// This attribute is `mail` in the OSU Shibboleth user attribute reference.
Email string
// This attribute is `SessionIndex` in the OSU Shibboleth user attribute reference.
SessionIndex string
}
type AuthProvider interface {
attributesFromContext(ctx context.Context) *OSUAttributes
requireAuth(handler http.Handler) http.Handler
globalLogout(w http.ResponseWriter, r *http.Request)
logout(w http.ResponseWriter, r *http.Request)
}
type MockAuthProvider struct{}
func (m MockAuthProvider) attributesFromContext(ctx context.Context) *OSUAttributes {
return &OSUAttributes{
GivenName: "Brutus",
Surname: "Buckeye",
DisplayName: "Brutus Buckeye",
BuckID: "500123456",
IDMUID: "IDM123456789",
Email: "[email protected]",
Affiliations: []string{"[email protected]", "[email protected]"},
SessionIndex: "_0123456789abcdef01234566890abcde",
}
}
func (m MockAuthProvider) requireAuth(handler http.Handler) http.Handler {
return handler
}
func (m MockAuthProvider) globalLogout(w http.ResponseWriter, r *http.Request) {
w.Header().Add("Location", "https://webauth.service.ohio-state.edu/cgi-bin/logout.cgi")
w.WriteHeader(http.StatusFound)
}
func (m MockAuthProvider) logout(w http.ResponseWriter, r *http.Request) {
}
func mockAuthProvider() *MockAuthProvider {
return &MockAuthProvider{}
}