1
0
mirror of https://github.com/juanfont/headscale.git synced 2024-12-20 19:09:07 +01:00

Lint fixes 3/n

This commit is contained in:
Juan Font Alonso 2022-06-26 12:01:04 +02:00
parent a913d1b521
commit c859bea0cf
2 changed files with 61 additions and 61 deletions

6
app.go
View File

@ -407,9 +407,9 @@ func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *mux.Router {
router.HandleFunc( router.HandleFunc(
"/health", "/health",
func(w http.ResponseWriter, r *http.Request) { func(writer http.ResponseWriter, req *http.Request) {
w.WriteHeader(http.StatusOK) writer.WriteHeader(http.StatusOK)
w.Write([]byte("{\"healthy\": \"ok\"}")) writer.Write([]byte("{\"healthy\": \"ok\"}"))
}).Methods(http.MethodGet) }).Methods(http.MethodGet)
router.HandleFunc("/key", h.KeyHandler).Methods(http.MethodGet) router.HandleFunc("/key", h.KeyHandler).Methods(http.MethodGet)

116
oidc.go
View File

@ -133,16 +133,16 @@ var oidcCallbackTemplate = template.Must(
// TODO: Add groups information from OIDC tokens into machine HostInfo // TODO: Add groups information from OIDC tokens into machine HostInfo
// Listens in /oidc/callback. // Listens in /oidc/callback.
func (h *Headscale) OIDCCallback( func (h *Headscale) OIDCCallback(
w http.ResponseWriter, writer http.ResponseWriter,
r *http.Request, req *http.Request,
) { ) {
code := r.URL.Query().Get("code") code := req.URL.Query().Get("code")
state := r.URL.Query().Get("state") state := req.URL.Query().Get("state")
if code == "" || state == "" { if code == "" || state == "" {
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("Wrong params")) writer.Write([]byte("Wrong params"))
return return
} }
@ -153,9 +153,9 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Caller(). Caller().
Msg("Could not exchange code for token") Msg("Could not exchange code for token")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("Could not exchange code for token")) writer.Write([]byte("Could not exchange code for token"))
return return
} }
@ -168,9 +168,9 @@ func (h *Headscale) OIDCCallback(
rawIDToken, rawIDTokenOK := oauth2Token.Extra("id_token").(string) rawIDToken, rawIDTokenOK := oauth2Token.Extra("id_token").(string)
if !rawIDTokenOK { if !rawIDTokenOK {
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("Could not extract ID Token")) writer.Write([]byte("Could not extract ID Token"))
return return
} }
@ -183,9 +183,9 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Caller(). Caller().
Msg("failed to verify id token") Msg("failed to verify id token")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("Failed to verify id token")) writer.Write([]byte("Failed to verify id token"))
return return
} }
@ -204,9 +204,9 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Caller(). Caller().
Msg("Failed to decode id token claims") Msg("Failed to decode id token claims")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("Failed to decode id token claims")) writer.Write([]byte("Failed to decode id token claims"))
return return
} }
@ -216,9 +216,9 @@ func (h *Headscale) OIDCCallback(
if at := strings.LastIndex(claims.Email, "@"); at < 0 || if at := strings.LastIndex(claims.Email, "@"); at < 0 ||
!IsStringInSlice(h.cfg.OIDC.AllowedDomains, claims.Email[at+1:]) { !IsStringInSlice(h.cfg.OIDC.AllowedDomains, claims.Email[at+1:]) {
log.Error().Msg("authenticated principal does not match any allowed domain") log.Error().Msg("authenticated principal does not match any allowed domain")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("unauthorized principal (domain mismatch)")) writer.Write([]byte("unauthorized principal (domain mismatch)"))
return return
} }
@ -228,9 +228,9 @@ func (h *Headscale) OIDCCallback(
if len(h.cfg.OIDC.AllowedUsers) > 0 && if len(h.cfg.OIDC.AllowedUsers) > 0 &&
!IsStringInSlice(h.cfg.OIDC.AllowedUsers, claims.Email) { !IsStringInSlice(h.cfg.OIDC.AllowedUsers, claims.Email) {
log.Error().Msg("authenticated principal does not match any allowed user") log.Error().Msg("authenticated principal does not match any allowed user")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("unauthorized principal (user mismatch)")) writer.Write([]byte("unauthorized principal (user mismatch)"))
return return
} }
@ -241,9 +241,9 @@ func (h *Headscale) OIDCCallback(
if !machineKeyFound { if !machineKeyFound {
log.Error(). log.Error().
Msg("requested machine state key expired before authorisation completed") Msg("requested machine state key expired before authorisation completed")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("state has expired")) writer.Write([]byte("state has expired"))
return return
} }
@ -257,18 +257,18 @@ func (h *Headscale) OIDCCallback(
if err != nil { if err != nil {
log.Error(). log.Error().
Msg("could not parse machine public key") Msg("could not parse machine public key")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusBadRequest) writer.WriteHeader(http.StatusBadRequest)
w.Write([]byte("could not parse public key")) writer.Write([]byte("could not parse public key"))
return return
} }
if !machineKeyOK { if !machineKeyOK {
log.Error().Msg("could not get machine key from cache") log.Error().Msg("could not get machine key from cache")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("could not get machine key from cache")) writer.Write([]byte("could not get machine key from cache"))
return return
} }
@ -298,16 +298,16 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Msg("Could not render OIDC callback template") Msg("Could not render OIDC callback template")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("Could not render OIDC callback template")) writer.Write([]byte("Could not render OIDC callback template"))
return return
} }
w.Header().Set("Content-Type", "text/html; charset=utf-8") writer.Header().Set("Content-Type", "text/html; charset=utf-8")
w.WriteHeader(http.StatusOK) writer.WriteHeader(http.StatusOK)
w.Write(content.Bytes()) writer.Write(content.Bytes())
return return
} }
@ -318,9 +318,9 @@ func (h *Headscale) OIDCCallback(
) )
if err != nil { if err != nil {
log.Error().Err(err).Caller().Msgf("couldn't normalize email") log.Error().Err(err).Caller().Msgf("couldn't normalize email")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("couldn't normalize email")) writer.Write([]byte("couldn't normalize email"))
return return
} }
@ -337,9 +337,9 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Caller(). Caller().
Msgf("could not create new namespace '%s'", namespaceName) Msgf("could not create new namespace '%s'", namespaceName)
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("could not create namespace")) writer.Write([]byte("could not create namespace"))
return return
} }
@ -349,9 +349,9 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Str("namespace", namespaceName). Str("namespace", namespaceName).
Msg("could not find or create namespace") Msg("could not find or create namespace")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("could not find or create namespace")) writer.Write([]byte("could not find or create namespace"))
return return
} }
@ -368,9 +368,9 @@ func (h *Headscale) OIDCCallback(
Caller(). Caller().
Err(err). Err(err).
Msg("could not register machine") Msg("could not register machine")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("could not register machine")) writer.Write([]byte("could not register machine"))
return return
} }
@ -386,14 +386,14 @@ func (h *Headscale) OIDCCallback(
Err(err). Err(err).
Msg("Could not render OIDC callback template") Msg("Could not render OIDC callback template")
w.Header().Set("Content-Type", "text/plain; charset=utf-8") writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.WriteHeader(http.StatusInternalServerError) writer.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("Could not render OIDC callback template")) writer.Write([]byte("Could not render OIDC callback template"))
return return
} }
w.Header().Set("Content-Type", "text/html; charset=utf-8") writer.Header().Set("Content-Type", "text/html; charset=utf-8")
w.WriteHeader(http.StatusOK) writer.WriteHeader(http.StatusOK)
w.Write(content.Bytes()) writer.Write(content.Bytes())
} }