Commit 9c8cf0e0 authored by Sietse Ringers's avatar Sietse Ringers
Browse files

Fix global permission flags and config


Co-authored-by: Tomas's avatarConfiks <confiks@scriptbase.org>
parent 8c63cec3
......@@ -55,9 +55,15 @@ func setFlags(cmd *cobra.Command) error {
flags.StringP("jwtprivatekey", "w", "", "JWT private key or path to it")
flags.IntP("port", "p", 8088, "Port at which to listen")
flags.Bool("noauth", false, "Whether or not to authenticate requestors")
flags.String("permissions", "", "Default permissions")
flags.String("requestors", "", "Requestor configuration (in JSON)")
flags.StringSlice("disclosing", nil, "Comma-separated list of attributes that all requestors may verify")
flags.StringSlice("signing", nil, "Comma-separated list of attributes that all requestors may request in signatures")
flags.StringSlice("issuing", nil, "Comma-separated list of attributes that all requestors may issue")
flags.Lookup("disclosing").NoOptDefVal = "*"
flags.Lookup("signing").NoOptDefVal = "*"
flags.Lookup("issuing").NoOptDefVal = "*"
return viper.BindPFlags(flags)
}
......@@ -94,26 +100,27 @@ func configure() error {
JwtPrivateKey: viper.GetString("jwtprivatekey"),
}
// Handle special permissions
permissions := viper.GetString("permissions")
if len(permissions) > 0 {
if err := json.Unmarshal([]byte(permissions), &conf.GlobalPermissions); err != nil {
return errors.WrapPrefix(err, "Failed to parse permissions", 0)
}
} else if len(viper.GetStringMap("permissions")) > 0 {
// Handle global permissions
if len(viper.GetStringMap("permissions")) > 0 { // First read config file
if err := viper.UnmarshalKey("permissions", &conf.GlobalPermissions); err != nil {
return errors.WrapPrefix(err, "Failed to unmarshal permissions", 0)
}
}
requestors := viper.GetString("requestors")
handlePermission(&conf.GlobalPermissions.Disclosing, "disclosing") // Read flag or env var
handlePermission(&conf.GlobalPermissions.Signing, "signing")
handlePermission(&conf.GlobalPermissions.Issuing, "issuing")
// Handle requestors
if len(viper.GetStringMap("requestors")) > 0 { // First read config file
if err := viper.UnmarshalKey("requestors", &conf.Requestors); err != nil {
return errors.WrapPrefix(err, "Failed to unmarshal requestors", 0)
}
}
requestors := viper.GetString("requestors") // Read flag or env var
if len(requestors) > 0 {
if err := json.Unmarshal([]byte(requestors), &conf.Requestors); err != nil {
return errors.WrapPrefix(err, "Failed to parse requestors", 0)
}
} else if len(viper.GetStringMap("requestors")) > 0 {
if err := viper.UnmarshalKey("requestors", &conf.Requestors); err != nil {
return errors.WrapPrefix(err, "Failed to unmarshal requestors", 0)
}
}
bts, _ := json.MarshalIndent(conf, "", " ")
......@@ -122,3 +129,13 @@ func configure() error {
return nil
}
func handlePermission(conf *[]string, typ string) {
if viper.GetString(typ) == "*" {
*conf = []string{"*"}
}
perms := viper.GetStringSlice(typ)
if len(perms) > 0 {
*conf = perms
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment