diff options
| -rw-r--r-- | app/middleware/init.go | 8 | ||||
| -rw-r--r-- | app/middleware/user.go | 8 | ||||
| -rw-r--r-- | app/middleware/user_test.go | 12 | ||||
| -rw-r--r-- | etc/envoy/envoy.yaml | 10 |
4 files changed, 16 insertions, 22 deletions
diff --git a/app/middleware/init.go b/app/middleware/init.go index 4ff10c4..770bd19 100644 --- a/app/middleware/init.go +++ b/app/middleware/init.go @@ -10,10 +10,10 @@ import ( func init() { mapper.Register(func(h http.Header) *domain.User { return &domain.User{ - ID: domain.ID(h.Get("x-id-jwt-claim-sub")), - Username: h.Get("x-id-jwt-claim-username"), - ProfileURL: h.Get("x-id-jwt-claim-profile-url"), - Picture: h.Get("x-id-jwt-claim-picture-url"), + ID: domain.ID(h.Get("x-jwt-claim-sub")), + Username: h.Get("x-jwt-claim-username"), + ProfileURL: h.Get("x-jwt-claim-profile-url"), + Picture: h.Get("x-jwt-claim-picture-url"), } }) } diff --git a/app/middleware/user.go b/app/middleware/user.go index 0ffc8cf..184bf1a 100644 --- a/app/middleware/user.go +++ b/app/middleware/user.go @@ -12,13 +12,7 @@ import ( func User() func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - log.WithFields(r.Context(), log.Fields{ - "payload": r.Header.Get("x-id-jwt-payload"), - "photo": r.Header.Get("x-id-jwt-claim-picture-url"), - "profile": r.Header.Get("x-id-jwt-claim-profile-url"), - "sub": r.Header.Get("x-id-jwt-claim-sub"), - "username": r.Header.Get("x-id-jwt-claim-username"), - }) + log.WithFields(r.Context(), log.Fields{"sub": r.Header.Get("x-jwt-claim-sub")}) next.ServeHTTP(w, r.WithContext(cfg.CurrentUser.With( r.Context(), diff --git a/app/middleware/user_test.go b/app/middleware/user_test.go index c778c98..371605c 100644 --- a/app/middleware/user_test.go +++ b/app/middleware/user_test.go @@ -14,7 +14,7 @@ import ( func TestUser(t *testing.T) { middleware := User() - t.Run("when x-id-jwt-claim-* headers are not provided", func(t *testing.T) { + t.Run("when x-jwt-claim-* headers are not provided", func(t *testing.T) { server := middleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { require.False(t, IsLoggedIn(r)) @@ -27,7 +27,7 @@ func TestUser(t *testing.T) { assert.Equal(t, http.StatusTeapot, w.Code) }) - t.Run("when x-id-jwt-claim-* headers are provided", func(t *testing.T) { + t.Run("when x-jwt-claim-* headers are provided", func(t *testing.T) { server := middleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { require.True(t, IsLoggedIn(r)) @@ -43,10 +43,10 @@ func TestUser(t *testing.T) { })) r, w := test.RequestResponse("GET", "/", - test.WithRequestHeader("x-id-jwt-claim-sub", "1"), - test.WithRequestHeader("x-id-jwt-claim-username", "root"), - test.WithRequestHeader("x-id-jwt-claim-profile-url", "https://gitlab.com/tanuki"), - test.WithRequestHeader("x-id-jwt-claim-picture-url", "https://example.com/profile.png"), + test.WithRequestHeader("x-jwt-claim-sub", "1"), + test.WithRequestHeader("x-jwt-claim-username", "root"), + test.WithRequestHeader("x-jwt-claim-profile-url", "https://gitlab.com/tanuki"), + test.WithRequestHeader("x-jwt-claim-picture-url", "https://example.com/profile.png"), ) server.ServeHTTP(w, r) diff --git a/etc/envoy/envoy.yaml b/etc/envoy/envoy.yaml index a8cdc59..b483fe9 100644 --- a/etc/envoy/envoy.yaml +++ b/etc/envoy/envoy.yaml @@ -178,15 +178,15 @@ static_resources: - OAUTH_CLIENT_ID claim_to_headers: - claim_name: sub - header_name: x-id-jwt-claim-sub + header_name: x-jwt-claim-sub - claim_name: nickname - header_name: x-id-jwt-claim-username + header_name: x-jwt-claim-username - claim_name: profile - header_name: x-id-jwt-claim-profile-url + header_name: x-jwt-claim-profile-url - claim_name: picture - header_name: x-id-jwt-claim-picture-url + header_name: x-jwt-claim-picture-url forward: true - forward_payload_header: x-id-jwt-payload + forward_payload_header: x-jwt-payload from_cookies: - id_token issuer: https://example.com |