TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-02-22 12:58:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/tsidp: fix HTTP mux layering

Browse Source 
Change-Id: I08fd8206fc8e6b405a2f2b03028f5f17866f3442
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2023-11-14 18:46:40 -08:00
parent 491b5fa92d
commit 678a3bf88a
1 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
cmd/tsidp/tsidp.go
View File

@ -69,16 +69,14 @@ func main() {
if err != nil {
log.Fatal(err)
}
mux := http.NewServeMux()
srv.Register(mux)
log.Fatal(http.Serve(ln, mux))
log.Fatal(http.Serve(ln, srv))
}
type idpServer struct {
lc *tailscale.LocalClient
serverURL string // "https://foo.bar.ts.net"
lazyMux lazy.SyncValue[*http.ServeMux]
lazySigningKey lazy.SyncValue[*signingKey]
lazySigner lazy.SyncValue[jose.Signer]
@ -108,15 +106,6 @@ type authRequest struct {
validTill time.Time
}
func (s *idpServer) Register(mux *http.ServeMux) {
mux.Handle(oidcJWKSPath, http.HandlerFunc(s.serveJWKS))
mux.Handle(oidcConfigPath, http.HandlerFunc(s.serveOpenIDConfig))
mux.Handle("/authorize/", http.HandlerFunc(s.authorize))
mux.Handle("/userinfo", http.HandlerFunc(s.serveUserInfo))
mux.Handle("/token", http.HandlerFunc(s.serveToken))
mux.Handle("/", s)
}
func (s *idpServer) authorize(w http.ResponseWriter, r *http.Request) {
who, err := s.lc.WhoIs(r.Context(), r.RemoteAddr)
if err != nil {
@ -149,15 +138,26 @@ func (s *idpServer) authorize(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, u, http.StatusFound)
}
func (s *idpServer) newMux() *http.ServeMux {
mux := http.NewServeMux()
mux.HandleFunc(oidcJWKSPath, s.serveJWKS)
mux.HandleFunc(oidcConfigPath, s.serveOpenIDConfig)
mux.HandleFunc("/authorize/", s.authorize)
mux.HandleFunc("/userinfo", s.serveUserInfo)
mux.HandleFunc("/token", s.serveToken)
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
if r.URL.Path == "/" {
io.WriteString(w, "<html><body><h1>Tailscale OIDC IdP</h1>")
return
}
http.Error(w, "tsidp: not found", http.StatusNotFound)
})
return mux
}
func (s *idpServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
log.Printf("%v %v", r.Method, r.URL)
if r.URL.Path == "/" {
io.WriteString(w, "<html><body><h1>Tailscale OIDC IdP</h1>")
return
}
http.Error(w, "tsidp: not found", http.StatusNotFound)
s.lazyMux.Get(s.newMux).ServeHTTP(w, r)
}
func (s *idpServer) serveUserInfo(w http.ResponseWriter, r *http.Request) {