Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generic OAuth2: decoding the user json #191

Open
ccoenen opened this issue Sep 30, 2020 · 1 comment
Open

Generic OAuth2: decoding the user json #191

ccoenen opened this issue Sep 30, 2020 · 1 comment
Labels
enhancement New feature or request

Comments

@ccoenen
Copy link

ccoenen commented Sep 30, 2020

I would love to complete my nextcloud login I mentioned in #189, but it turns out that I was missing one part: I am not receiving the X-Forwarded-User header. I believe, traefik-forward-auth currently has no way of configuring where to look for that info, right? I may be missing something, but I did not find a config option for that.

Nextcloud returns this info at the USER_URL (example taken from nextcloud/server#5694 (comment) !)

{
   "ocs":{
      "meta":{
         "status":"ok",
         "statuscode":200,
         "message":"OK"
      },
      "data":{
         "enabled":"true",
         "id":"lukas",
         "quota":{
            "free":3909529214976,
            "used":6657835832,
            "total":3916187050808,
            "relative":0.17,
            "quota":-3
         },
         "email":"lukas@nextcloud.com",
         "phone":"",
         "address":"",
         "website":"",
         "twitter":"",
         "groups":[
            "Engineering",
            "General"
         ],
         "display-name":"Lukas Reschke"
      }
   }
}

So, in other oauth adapters, I configure these things:

username: "ocs.data.id"
displayname: "ocs.data.display-name",
email: "ocs.data.email"
groups: "ocs.data.groups"

and so on.

If I'm reading this correctly, there's no such option (yet) in traefik-forward-auth, it is always parsed into the same User object:

traefik-forward-auth/internal/provider/generic_oauth.go

Line 93 in 04f5499

err = json.NewDecoder(res.Body).Decode(&user)

that object is defined here, but I do not think I can configure it in any way?

traefik-forward-auth/internal/provider/providers.go

Lines 31 to 33 in 04f5499

type User struct {
Email string `json:"email"`
}

I would like to request this as a configurable option, or if it is already, a pointer on how to configure this.
@thomseddon
Copy link
Owner

We actually have a PR proposed for this currently in #159

I still need to do a little more review on that before it's merged, but I'm guessing that will work for you?

@thomseddon thomseddon added the enhancement New feature or request label Oct 8, 2020
@ccoenen ccoenen mentioned this issue Oct 8, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ccoenen @thomseddon