RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/server/template.go

100 lines
2.9 KiB
Go
Raw Normal View History

[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
package server
import (
"fmt"
"io/ioutil"
"os"
"path/filepath"
"text/template"
"github.com/valyala/fasthttp"
"github.com/authelia/authelia/internal/logging"
"github.com/authelia/authelia/internal/utils"
)
var alphaNumericRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
// ServeTemplatedFile serves a templated version of a specified file,
// this is utilised to pass information between the backend and frontend
// and generate a nonce to support a restrictive CSP while using material-ui.
[FEATURE] Add theme support (#1584) * [FEATURE] Add theme support This change allows users to select a theme for Authelia on start-up. The default will continue to be the existing theme which is known as `light`. Three new options are now also provided: * `dark` * `grey` * `custom` The `custom` theme allows users to specify a primary and secondary hex color code to be utilised to style the portal. Co-authored-by: BankaiNoJutsu <lbegert@gmail.com> * Add themes to integration tests * Remove custom theme * Fix linting issue in access_control_test.go Co-authored-by: BankaiNoJutsu <lbegert@gmail.com>
2021-01-20 12:07:40 +00:00
func ServeTemplatedFile(publicDir, file, base, rememberMe, resetPassword, session, theme string) fasthttp.RequestHandler {
[MISC] Add missing CLI suite test (#1607) * [MISC] Add missing CLI suite test * Add missing test for `authelia version` command in CLI suite. * Standardise logger calls and swap CSP switch order
2021-01-16 23:23:35 +00:00
logger := logging.Logger()
feat: go:embed static assets (#1733) * feat: go:embed static assets Go 1.16 introduced the ability to embed files within a generated binary directly with the go tool chain. This simplifies our dependencies and the significantly improves the development workflow for future developers. Key points to note: Due to the inability to embed files that do not reside within the local package we need to duplicate our `config.template.yml` within `internal/configuration`. To avoid issues with the development workflow empty mock files have been included within `internal/server/public_html`. These are substituted with the respective generated files during the CI/CD and build workflows. * fix(suites): increase ldap suite test timeout * fix(server): fix swagger asset CSP
2021-02-21 23:07:06 +00:00
f, err := assets.Open(publicDir + file)
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
if err != nil {
[MISC] Add missing CLI suite test (#1607) * [MISC] Add missing CLI suite test * Add missing test for `authelia version` command in CLI suite. * Standardise logger calls and swap CSP switch order
2021-01-16 23:23:35 +00:00
logger.Fatalf("Unable to open %s: %s", file, err)
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
}
b, err := ioutil.ReadAll(f)
if err != nil {
[MISC] Add missing CLI suite test (#1607) * [MISC] Add missing CLI suite test * Add missing test for `authelia version` command in CLI suite. * Standardise logger calls and swap CSP switch order
2021-01-16 23:23:35 +00:00
logger.Fatalf("Unable to read %s: %s", file, err)
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
}
tmpl, err := template.New("file").Parse(string(b))
if err != nil {
[MISC] Add missing CLI suite test (#1607) * [MISC] Add missing CLI suite test * Add missing test for `authelia version` command in CLI suite. * Standardise logger calls and swap CSP switch order
2021-01-16 23:23:35 +00:00
logger.Fatalf("Unable to parse %s template: %s", file, err)
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
}
return func(ctx *fasthttp.RequestCtx) {
nonce := utils.RandomString(32, alphaNumericRunes)
switch extension := filepath.Ext(file); extension {
case ".html":
ctx.SetContentType("text/html; charset=utf-8")
default:
ctx.SetContentType("text/plain; charset=utf-8")
}
switch {
feat: go:embed static assets (#1733) * feat: go:embed static assets Go 1.16 introduced the ability to embed files within a generated binary directly with the go tool chain. This simplifies our dependencies and the significantly improves the development workflow for future developers. Key points to note: Due to the inability to embed files that do not reside within the local package we need to duplicate our `config.template.yml` within `internal/configuration`. To avoid issues with the development workflow empty mock files have been included within `internal/server/public_html`. These are substituted with the respective generated files during the CI/CD and build workflows. * fix(suites): increase ldap suite test timeout * fix(server): fix swagger asset CSP
2021-02-21 23:07:06 +00:00
case publicDir == swaggerAssets:
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
ctx.Response.Header.Add("Content-Security-Policy", fmt.Sprintf("base-uri 'self' ; default-src 'self' ; img-src 'self' https://validator.swagger.io data: ; object-src 'none' ; script-src 'self' 'unsafe-inline' 'nonce-%s' ; style-src 'self' 'nonce-%s'", nonce, nonce))
[MISC] Add missing CLI suite test (#1607) * [MISC] Add missing CLI suite test * Add missing test for `authelia version` command in CLI suite. * Standardise logger calls and swap CSP switch order
2021-01-16 23:23:35 +00:00
case os.Getenv("ENVIRONMENT") == dev:
ctx.Response.Header.Add("Content-Security-Policy", fmt.Sprintf("default-src 'self' 'unsafe-eval'; object-src 'none'; style-src 'self' 'nonce-%s'", nonce))
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
default:
ctx.Response.Header.Add("Content-Security-Policy", fmt.Sprintf("default-src 'self' ; object-src 'none'; style-src 'self' 'nonce-%s'", nonce))
}
[FEATURE] Add theme support (#1584) * [FEATURE] Add theme support This change allows users to select a theme for Authelia on start-up. The default will continue to be the existing theme which is known as `light`. Three new options are now also provided: * `dark` * `grey` * `custom` The `custom` theme allows users to specify a primary and secondary hex color code to be utilised to style the portal. Co-authored-by: BankaiNoJutsu <lbegert@gmail.com> * Add themes to integration tests * Remove custom theme * Fix linting issue in access_control_test.go Co-authored-by: BankaiNoJutsu <lbegert@gmail.com>
2021-01-20 12:07:40 +00:00
err := tmpl.Execute(ctx.Response.BodyWriter(), struct{ Base, CSPNonce, RememberMe, ResetPassword, Session, Theme string }{Base: base, CSPNonce: nonce, RememberMe: rememberMe, ResetPassword: resetPassword, Session: session, Theme: theme})
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
if err != nil {
fix(server): use lower case in error messages (#2151) Co-authored-by: Amir Zarrinkafsh <nightah@me.com> Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-08-03 23:18:20 +00:00
ctx.Error("an error occurred", 503)
[MISC] Add missing CLI suite test (#1607) * [MISC] Add missing CLI suite test * Add missing test for `authelia version` command in CLI suite. * Standardise logger calls and swap CSP switch order
2021-01-16 23:23:35 +00:00
logger.Errorf("Unable to execute template: %v", err)
[FEATURE] Add API docs and swagger-ui (#1544) * [FEATURE] Add API docs and swagger-ui This change will serve out swagger-ui at the `/api/` root path. * Update descriptions and summaries in API spec * Utilise frontend assets from unit testing for Docker build steps * Fix tag for /api/user/* endpoints * Fix response schema for /api/user/info/2fa_method * Template and inject the session name during runtime into swagger-ui This change also factorises and renames index.go into template.go, this can now be generically utilised to template any file. * Fix integration tests * Add U2F endpoints * Change swagger directory to api This change is to more closely conform to the golang-standards project layout. * Add authentication for u2f endpoints * Modify u2f endpoint descriptions * Rename and fix u2f 2fa sign endpoints * Fix request body for /api/secondfactor/u2f/sign endpoint Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-01-03 04:28:46 +00:00
return
}
}
}
refactor: configuration agnostic healthcheck (#2231) This makes the healthcheck simple and configured directly by Authelia's configuration on startup.
2021-08-05 04:02:07 +00:00
func writeHealthCheckEnv(disabled bool, scheme, host, path string, port int) (err error) {
if disabled {
return nil
}
_, err = os.Stat("/app/healthcheck.sh")
if err != nil {
return nil
}
_, err = os.Stat("/app/.healthcheck.env")
if err != nil {
return nil
}
file, err := os.OpenFile("/app/.healthcheck.env", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0755)
if err != nil {
return err
}
defer func() {
_ = file.Close()
}()
if host == "0.0.0.0" {
host = "localhost"
}
_, err = file.WriteString(fmt.Sprintf(healthCheckEnv, scheme, host, port, path))
return err
}