Merge pull request #70 from jehiah/templates_dir_70

Custom Sign In Template Support
2015-03-17 23:18:00 -04:00 · 2015-03-17 23:18:00 -04:00 · 85e025db25
parent b2dfbd8564 2b2324e410
commit 85e025db25
6 changed files with 27 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -75,6 +75,7 @@ Usage of google_auth_proxy:
  -pass-host-header=true: pass the request Host Header to upstream
  -redirect-url="": the OAuth Redirect URL. ie: "https://internalapp.yourcompany.com/oauth2/callback"
  -skip-auth-regex=: bypass authentication for requests path's that match (may be given multiple times)
+  -custom templates-dir="": path to custom html templates
  -upstream=: the http url(s) of the upstream endpoint. If multiple, routing is based on path
  -version=false: print version string
 ```
--- a/contrib/google_auth_proxy.cfg.example
+++ b/contrib/google_auth_proxy.cfg.example
@ -36,6 +36,10 @@
 ## enabling exposes a username/login signin form
 # htpasswd_file = ""

+## Templates
+## optional directory with custom sign_in.html and error.html
+# custom_templates_dir = ""
+

 ## Cookie Settings
 ## Secret - the seed string for secure cookies
--- a/main.go
+++ b/main.go
@ -38,6 +38,7 @@ func main() {
 	flagSet.String("authenticated-emails-file", "", "authenticate against emails via file (one per line)")
 	flagSet.String("htpasswd-file", "", "additionally authenticate against a htpasswd file. Entries must be created with \"htpasswd -s\" for SHA encryption")
 	flagSet.Bool("display-htpasswd-form", true, "display username / password login form if an htpasswd file is provided")
+	flagSet.String("custom-templates-dir", "", "path to custom html templates")

 	flagSet.String("cookie-secret", "", "the seed string for secure cookies")
 	flagSet.String("cookie-domain", "", "an optional cookie domain to force cookies to (ie: .yourcompany.com)*")
--- a/oauthproxy.go
+++ b/oauthproxy.go
@ -5,6 +5,7 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
+	"html/template"
 	"io/ioutil"
 	"log"
 	"net/http"
@ -44,6 +45,7 @@ type OauthProxy struct {
 	PassBasicAuth       bool
 	skipAuthRegex       []string
 	compiledRegex       []*regexp.Regexp
+	templates           *template.Template
 }

 func NewReverseProxy(target *url.URL) (proxy *httputil.ReverseProxy) {
@ -103,6 +105,7 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
 		skipAuthRegex:      opts.SkipAuthRegex,
 		compiledRegex:      opts.CompiledRegex,
 		PassBasicAuth:      opts.PassBasicAuth,
+		templates:          loadTemplates(opts.CustomTemplatesDir),
 	}
 }

@ -245,7 +248,6 @@ func (p *OauthProxy) PingPage(rw http.ResponseWriter) {
 func (p *OauthProxy) ErrorPage(rw http.ResponseWriter, code int, title string, message string) {
 	log.Printf("ErrorPage %d %s %s", code, title, message)
 	rw.WriteHeader(code)
-	templates := getTemplates()
 	t := struct {
 		Title   string
 		Message string
@ -253,13 +255,12 @@ func (p *OauthProxy) ErrorPage(rw http.ResponseWriter, code int, title string, m
 		Title:   fmt.Sprintf("%d %s", code, title),
 		Message: message,
 	}
-	templates.ExecuteTemplate(rw, "error.html", t)
+	p.templates.ExecuteTemplate(rw, "error.html", t)
 }

 func (p *OauthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code int) {
 	p.ClearCookie(rw, req)
 	rw.WriteHeader(code)
-	templates := getTemplates()

 	t := struct {
 		SignInMessage string
@ -272,7 +273,7 @@ func (p *OauthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code
 		Redirect:      req.URL.RequestURI(),
 		Version:       VERSION,
 	}
-	templates.ExecuteTemplate(rw, "sign_in.html", t)
+	p.templates.ExecuteTemplate(rw, "sign_in.html", t)
 }

 func (p *OauthProxy) ManualSignIn(rw http.ResponseWriter, req *http.Request) (string, bool) {
--- a/options.go
+++ b/options.go
@ -19,6 +19,7 @@ type Options struct {
 	GoogleAppsDomains       []string `flag:"google-apps-domain" cfg:"google_apps_domains"`
 	HtpasswdFile            string   `flag:"htpasswd-file" cfg:"htpasswd_file"`
 	DisplayHtpasswdForm     bool     `flag:"display-htpasswd-form" cfg:"display_htpasswd_form"`
+	CustomTemplatesDir      string   `flag:"custom-templates-dir" cfg:"custom_templates_dir"`

 	CookieSecret    string        `flag:"cookie-secret" cfg:"cookie_secret" env:"GOOGLE_AUTH_PROXY_COOKIE_SECRET"`
 	CookieDomain    string        `flag:"cookie-domain" cfg:"cookie_domain" env:"GOOGLE_AUTH_PROXY_COOKIE_DOMAIN"`
--- a/templates.go
+++ b/templates.go
@ -3,8 +3,21 @@ package main
 import (
 	"html/template"
 	"log"
+	"path"
 )

+func loadTemplates(dir string) *template.Template {
+	if dir == "" {
+		return getTemplates()
+	}
+	log.Printf("using custom template directory %q", dir)
+	t, err := template.New("").ParseFiles(path.Join(dir, "sign_in.html"), path.Join(dir, "error.html"))
+	if err != nil {
+		log.Fatalf("failed parsing template %s", err)
+	}
+	return t
+}
+
 func getTemplates() *template.Template {
 	t, err := template.New("foo").Parse(`{{define "sign_in.html"}}
 <!DOCTYPE html>
@ -123,7 +136,7 @@ func getTemplates() *template.Template {
 </html>
 {{end}}`)
 	if err != nil {
-		log.Fatalf("failed parsing template %s", err.Error())
+		log.Fatalf("failed parsing template %s", err)
 	}

 	t, err = t.Parse(`{{define "error.html"}}
@ -141,7 +154,7 @@ func getTemplates() *template.Template {
 </body>
 </html>{{end}}`)
 	if err != nil {
-		log.Fatalf("failed parsing template %s", err.Error())
+		log.Fatalf("failed parsing template %s", err)
 	}
 	return t
 }