mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2025-10-28 04:35:40 +00:00
fix: fix docker label matching logic
This commit is contained in:
Stavros
@@ -234,7 +234,7 @@ func (auth *Auth) RecordLoginAttempt(identifier string, success bool) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (auth *Auth) EmailWhitelisted(email string) bool {
|
func (auth *Auth) EmailWhitelisted(email string) bool {
|
||||||
return utils.CheckFilter(auth.Config.OauthWhitelist, email, true)
|
return utils.CheckFilter(auth.Config.OauthWhitelist, email)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (auth *Auth) CreateSessionCookie(c *gin.Context, data *types.SessionCookie) error {
|
func (auth *Auth) CreateSessionCookie(c *gin.Context, data *types.SessionCookie) error {
|
||||||
@@ -368,13 +368,13 @@ func (auth *Auth) ResourceAllowed(c *gin.Context, context types.UserContext, lab
|
|||||||
// Check if oauth is allowed
|
// Check if oauth is allowed
|
||||||
if context.OAuth {
|
if context.OAuth {
|
||||||
log.Debug().Msg("Checking OAuth whitelist")
|
log.Debug().Msg("Checking OAuth whitelist")
|
||||||
return utils.CheckFilter(labels.OAuth.Whitelist, context.Email, true)
|
return utils.CheckFilter(labels.OAuth.Whitelist, context.Email)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check users
|
// Check users
|
||||||
log.Debug().Msg("Checking users")
|
log.Debug().Msg("Checking users")
|
||||||
|
|
||||||
return utils.CheckFilter(labels.Users, context.Username, true)
|
return utils.CheckFilter(labels.Users, context.Username)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (auth *Auth) OAuthGroup(c *gin.Context, context types.UserContext, labels types.Labels) bool {
|
func (auth *Auth) OAuthGroup(c *gin.Context, context types.UserContext, labels types.Labels) bool {
|
||||||
@@ -394,7 +394,7 @@ func (auth *Auth) OAuthGroup(c *gin.Context, context types.UserContext, labels t
|
|||||||
|
|
||||||
// For every group check if it is in the required groups
|
// For every group check if it is in the required groups
|
||||||
for _, group := range oauthGroups {
|
for _, group := range oauthGroups {
|
||||||
if utils.CheckFilter(labels.OAuth.Groups, group, true) {
|
if utils.CheckFilter(labels.OAuth.Groups, group) {
|
||||||
log.Debug().Str("group", group).Msg("Group is in required groups")
|
log.Debug().Str("group", group).Msg("Group is in required groups")
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -69,7 +69,7 @@ func (docker *Docker) DockerConnected() bool {
|
|||||||
return err == nil
|
return err == nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (docker *Docker) GetLabels(id string, domain string) (types.Labels, error) {
|
func (docker *Docker) GetLabels(app string, domain string) (types.Labels, error) {
|
||||||
// Check if we have access to the Docker API
|
// Check if we have access to the Docker API
|
||||||
isConnected := docker.DockerConnected()
|
isConnected := docker.DockerConnected()
|
||||||
|
|
||||||
@@ -112,9 +112,16 @@ func (docker *Docker) GetLabels(id string, domain string) (types.Labels, error)
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the labels match the id or the domain
|
// Check if the container matches the ID or domain
|
||||||
if strings.TrimPrefix(inspect.Name, "/") == id || utils.CheckFilter(labels.Domain, domain, false) { // Disable regex for now
|
for _, lDomain := range labels.Domain {
|
||||||
log.Debug().Str("id", inspect.ID).Msg("Found matching container")
|
if lDomain == domain {
|
||||||
|
log.Debug().Str("id", inspect.ID).Msg("Found matching container by domain")
|
||||||
|
return labels, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if strings.TrimPrefix(inspect.Name, "/") == app {
|
||||||
|
log.Debug().Str("id", inspect.ID).Msg("Found matching container by name")
|
||||||
return labels, nil
|
return labels, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -129,7 +129,7 @@ type Labels struct {
|
|||||||
Users string
|
Users string
|
||||||
Allowed string
|
Allowed string
|
||||||
Headers []string
|
Headers []string
|
||||||
Domain string
|
Domain []string
|
||||||
Basic BasicLabels
|
Basic BasicLabels
|
||||||
OAuth OAuthLabels
|
OAuth OAuthLabels
|
||||||
IP IPLabels
|
IP IPLabels
|
||||||
|
|||||||
@@ -293,14 +293,14 @@ func ParseSecretFile(contents string) string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check if a string matches a regex or if it is included in a comma separated list
|
// Check if a string matches a regex or if it is included in a comma separated list
|
||||||
func CheckFilter(filter string, str string, regex bool) bool {
|
func CheckFilter(filter string, str string) bool {
|
||||||
// Check if the filter is empty
|
// Check if the filter is empty
|
||||||
if len(strings.TrimSpace(filter)) == 0 {
|
if len(strings.TrimSpace(filter)) == 0 {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the filter is a regex
|
// Check if the filter is a regex
|
||||||
if strings.HasPrefix(filter, "/") && strings.HasSuffix(filter, "/") && regex {
|
if strings.HasPrefix(filter, "/") && strings.HasSuffix(filter, "/") {
|
||||||
// Create regex
|
// Create regex
|
||||||
re, err := regexp.Compile(filter[1 : len(filter)-1])
|
re, err := regexp.Compile(filter[1 : len(filter)-1])
|
||||||
|
|
||||||
|
|||||||
@@ -387,7 +387,7 @@ func TestCheckFilter(t *testing.T) {
|
|||||||
expected := true
|
expected := true
|
||||||
|
|
||||||
// Test the check filter function
|
// Test the check filter function
|
||||||
result := utils.CheckFilter(filter, str, false)
|
result := utils.CheckFilter(filter, str)
|
||||||
|
|
||||||
// Check if the result is equal to the expected
|
// Check if the result is equal to the expected
|
||||||
if result != expected {
|
if result != expected {
|
||||||
@@ -402,7 +402,7 @@ func TestCheckFilter(t *testing.T) {
|
|||||||
expected = true
|
expected = true
|
||||||
|
|
||||||
// Test the check filter function
|
// Test the check filter function
|
||||||
result = utils.CheckFilter(filter, str, true)
|
result = utils.CheckFilter(filter, str)
|
||||||
|
|
||||||
// Check if the result is equal to the expected
|
// Check if the result is equal to the expected
|
||||||
if result != expected {
|
if result != expected {
|
||||||
@@ -417,7 +417,7 @@ func TestCheckFilter(t *testing.T) {
|
|||||||
expected = true
|
expected = true
|
||||||
|
|
||||||
// Test the check filter function
|
// Test the check filter function
|
||||||
result = utils.CheckFilter(filter, str, false)
|
result = utils.CheckFilter(filter, str)
|
||||||
|
|
||||||
// Check if the result is equal to the expected
|
// Check if the result is equal to the expected
|
||||||
if result != expected {
|
if result != expected {
|
||||||
@@ -432,7 +432,7 @@ func TestCheckFilter(t *testing.T) {
|
|||||||
expected = false
|
expected = false
|
||||||
|
|
||||||
// Test the check filter function
|
// Test the check filter function
|
||||||
result = utils.CheckFilter(filter, str, true)
|
result = utils.CheckFilter(filter, str)
|
||||||
|
|
||||||
// Check if the result is equal to the expected
|
// Check if the result is equal to the expected
|
||||||
if result != expected {
|
if result != expected {
|
||||||
@@ -447,7 +447,7 @@ func TestCheckFilter(t *testing.T) {
|
|||||||
expected = false
|
expected = false
|
||||||
|
|
||||||
// Test the check filter function
|
// Test the check filter function
|
||||||
result = utils.CheckFilter(filter, str, false)
|
result = utils.CheckFilter(filter, str)
|
||||||
|
|
||||||
// Check if the result is equal to the expected
|
// Check if the result is equal to the expected
|
||||||
if result != expected {
|
if result != expected {
|
||||||
|
|||||||
Reference in New Issue
Block a user