mirror of
https://github.com/mickael-kerjean/filestash
synced 2025-12-06 08:22:24 +01:00
84 lines
3 KiB
Go
84 lines
3 KiB
Go
package plg_authenticate_passthrough
|
|
|
|
import (
|
|
"fmt"
|
|
"html"
|
|
"net/http"
|
|
|
|
. "github.com/mickael-kerjean/filestash/server/common"
|
|
)
|
|
|
|
func init() {
|
|
Hooks.Register.AuthenticationMiddleware("passthrough", Passthrough{})
|
|
}
|
|
|
|
type Passthrough struct{}
|
|
|
|
func (this Passthrough) Setup() Form {
|
|
return Form{
|
|
Elmnts: []FormElement{
|
|
{
|
|
Name: "type",
|
|
Type: "hidden",
|
|
Value: "passthrough",
|
|
},
|
|
{
|
|
Name: "strategy",
|
|
Type: "select",
|
|
Value: "direct",
|
|
Opts: []string{"direct", "password_only", "username_and_password"},
|
|
Description: `This plugin has 3 base strategies:
|
|
1. The 'direct' strategy will redirect the user to your storage without asking for anything and use whatever is configured in the attribute mapping section.
|
|
2. The 'password_only' strategy will redirect the user to a page asking for a password which you can map to a field in the attribute mapping section like this: {{ .password }}
|
|
3. The 'username_and_password' strategy is similar to the 'password_only' strategy but you will see in the login page both a username and password field which can be used fom the attribute mapping section like this: {{ .user }} {{ .password }}`,
|
|
},
|
|
},
|
|
}
|
|
}
|
|
|
|
func (this Passthrough) EntryPoint(idpParams map[string]string, req *http.Request, res http.ResponseWriter) error {
|
|
res.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
getParams := "?label=" + html.EscapeString(req.URL.Query().Get("label")) + "&state=" + html.EscapeString(req.URL.Query().Get("state"))
|
|
switch idpParams["strategy"] {
|
|
case "direct":
|
|
res.WriteHeader(http.StatusOK)
|
|
res.Write([]byte(Page(`
|
|
<form action="` + WithBase("/api/session/auth/"+getParams) + `" method="post"></form>
|
|
<script>document.querySelector("form").submit();</script>
|
|
`)))
|
|
case "password_only":
|
|
res.WriteHeader(http.StatusOK)
|
|
res.Write([]byte(Page(`
|
|
<form action="` + WithBase("/api/session/auth/"+getParams) + `" method="post">
|
|
<label>
|
|
<input type="password" name="password" value="" placeholder="Password" />
|
|
</label>
|
|
<button>CONNECT</button>
|
|
</form>
|
|
`)))
|
|
case "username_and_password":
|
|
res.WriteHeader(http.StatusOK)
|
|
res.Write([]byte(Page(`
|
|
<form action="` + WithBase("/api/session/auth/"+getParams) + `" method="post">
|
|
<label>
|
|
<input type="text" name="user" value="" placeholder="User" />
|
|
</label>
|
|
<label>
|
|
<input type="password" name="password" value="" placeholder="Password" />
|
|
</label>
|
|
<button>CONNECT</button>
|
|
</form>
|
|
`)))
|
|
default:
|
|
res.WriteHeader(http.StatusNotFound)
|
|
res.Write([]byte(Page(fmt.Sprintf("Unknown strategy: '%s'", idpParams["strategy"]))))
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (this Passthrough) Callback(formData map[string]string, idpParams map[string]string, res http.ResponseWriter) (map[string]string, error) {
|
|
return map[string]string{
|
|
"user": formData["user"],
|
|
"password": formData["password"],
|
|
}, nil
|
|
}
|