From c628755c8e66d2d239b065ec0341e555a00c587c Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@helsinki.at>
Date: Wed, 27 Mar 2019 03:13:07 +0100
Subject: [PATCH] added auth backends listing

---
 auth/auth.go | 29 ++++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

diff --git a/auth/auth.go b/auth/auth.go
index 3984b08..826e498 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -64,14 +64,17 @@ func login(w http.ResponseWriter, r *http.Request) {
 	switch strings.ToLower(backend) {
 	case "oidc":
 		if auth.oidc == nil {
-			sendHTTPResponse(w, http.StatusBadRequest, HTTPResponse{Error: "OIDC authentication is not configured"})
+			resp := HTTPResponse{Error: "OIDC authentication is not configured"}
+			sendHTTPResponse(w, http.StatusBadRequest, resp)
 			return
 		}
 		auth.oidc.HandleLogin(w, r)
 	case "":
-		sendHTTPResponse(w, http.StatusNotImplemented, HTTPResponse{Error: "default/fallback authentication backend has not been implemented yet"})
+		resp := HTTPResponse{Error: "default/fallback authentication backend has not been implemented yet"}
+		sendHTTPResponse(w, http.StatusNotImplemented, resp)
 	default:
-		sendHTTPResponse(w, http.StatusBadRequest, HTTPResponse{Error: "invalid authentication backend: " + backend})
+		resp := HTTPResponse{Error: "invalid authentication backend: " + backend}
+		sendHTTPResponse(w, http.StatusBadRequest, resp)
 	}
 }
 
@@ -98,6 +101,25 @@ func whoami(w http.ResponseWriter, r *http.Request) {
 	json.NewEncoder(w).Encode(s)
 }
 
+type AuthBackendInfo struct {
+	Name        string
+	Description string
+}
+
+func listBackends(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+
+	backends := []AuthBackendInfo{}
+	if auth.oidc != nil {
+		backend := AuthBackendInfo{Name: "oidc"}
+		backend.Description = "OpenID Connect using Identity Provider: " + auth.config.OIDC.IssuerURL
+		backends = append(backends, backend)
+	}
+
+	json.NewEncoder(w).Encode(backends)
+}
+
 func disabled(w http.ResponseWriter, r *http.Request) {
 	sendHTTPResponse(w, http.StatusBadRequest, HTTPResponse{Error: "authentication is disabled"})
 }
@@ -111,6 +133,7 @@ func InstallHTTPHandler(r *mux.Router) {
 	r.HandleFunc("/login", login)
 	r.HandleFunc("/logout", logout)
 	r.HandleFunc("/whoami", whoami)
+	r.HandleFunc("/backends", listBackends)
 	if auth.oidc != nil {
 		r.Handle("/oidc/callback", auth.oidc.CallbackHandler())
 	}
-- 
GitLab