zendesk support

henrod · henrod · commit fbd6141d58eb · 2018-03-21T10:09:05.000-03:00
diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/Gopkg.toml b/Gopkg.toml
@@ -36,5 +36,5 @@
   name = "google.golang.org/api"
 
 [[constraint]]
-  name = "gopkg.in/fsnotify.v1"
-  version = "~1.2.0"
+  name = "github.com/fsnotify/fsnotify"
+  version = "~1.4.0"
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@ oauth2_proxy
 A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others)
 to validate accounts by email, domain or group.
 
-[![Build Status](https://secure.travis-ci.org/bitly/oauth2_proxy.svg?branch=master)](http://travis-ci.org/bitly/oauth2_proxy)
+[![Build Status](https://secure.travis-ci.org/topfreegames/oauth2_proxy.svg?branch=master)](http://travis-ci.org/topfreegames/oauth2_proxy)
 
 
 ![Sign In Page](https://cloud.githubusercontent.com/assets/45028/4970624/7feb7dd8-6886-11e4-93e0-c9904af44ea8.png)
@@ -15,7 +15,7 @@ to validate accounts by email, domain or group.
 
 ## Installation
 
-1. Download [Prebuilt Binary](https://github.com/bitly/oauth2_proxy/releases) (current release is `v2.2`) or build with `$ go get github.com/bitly/oauth2_proxy` which will put the binary in `$GOROOT/bin`
+1. Download [Prebuilt Binary](https://github.com/topfreegames/oauth2_proxy/releases) (current release is `v2.2`) or build with `$ go get github.com/topfreegames/oauth2_proxy` which will put the binary in `$GOROOT/bin`
 Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v2.3`.
 ```
 sha256sum -c sha256sum.txt 2>&1 | grep OK
@@ -37,6 +37,7 @@ Valid providers are :
 * [GitHub](#github-auth-provider)
 * [GitLab](#gitlab-auth-provider)
 * [LinkedIn](#linkedin-auth-provider)
+* [Zendesk](#zendesk-auth-provider)
 
 The provider can be selected using the `provider` configuration value.
 
@@ -155,6 +156,13 @@ OpenID Connect is a spec for OAUTH 2.0 + identity that is implemented by many ma
     -cookie-secure=false
     -email-domain example.com
 
+### Zendesk Auth Provider
+
+1. Follow these steps to register Zendesk OAuth2 application: [Register your application with Zendesk](https://support.zendesk.com/hc/en-us/articles/203663836-Using-OAuth-authentication-with-your-application#topic_s21_lfs_qk).
+2. For "Redirect URLs", provide `https://internal.yourcompany.com/oauth2/callback`.
+3. Provide **Unique Identifier** (passed as `--client-id`) and take note of **Secret** (passed as `--client-secret`).
+3. Provide your subdomain via the `--zendesk-subdomain=<YOUR SUBDOMAIN>` option.
+
 ## Email Authentication
 
 To authorize by email domain use `--email-domain=yourcompany.com`. To authorize individual email addresses use `--authenticated-emails-file=/path/to/file` with one email per line. To authorize all email addresses use `--email-domain=*`.
diff --git a/contrib/oauth2_proxy.cfg.example b/contrib/oauth2_proxy.cfg.example
@@ -1,5 +1,5 @@
 ## OAuth2 Proxy Config File
-## https://github.com/bitly/oauth2_proxy
+## https://github.com/topfreegames/oauth2_proxy
 
 ## <addr>:<port> to listen on for HTTP/HTTPS clients
 # http_address = "127.0.0.1:4180"
diff --git a/dist.sh b/dist.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # build binary distributions for linux/amd64 and darwin/amd64
-set -e
+# set -e
 
 DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 echo "working dir $DIR"
@@ -24,7 +24,7 @@ for os in windows linux darwin; do
     fi
     BUILD=$(mktemp -d ${TMPDIR:-/tmp}/oauth2_proxy.XXXXXX)
     TARGET="oauth2_proxy-$version.$os-$arch.$goversion"
-    FILENAME="oauth2_proxy-$version.$os-$arch$EXT"
+    FILENAME="oauth2_proxy"
     GOOS=$os GOARCH=$arch CGO_ENABLED=0 \
         go build -ldflags="-s -w" -o $BUILD/$TARGET/$FILENAME || exit 1
     pushd $BUILD/$TARGET
diff --git a/main.go b/main.go
@@ -46,6 +46,7 @@ func main() {
 	flagSet.String("azure-tenant", "common", "go to a tenant-specific or common (tenant-independent) endpoint.")
 	flagSet.String("github-org", "", "restrict logins to members of this organisation")
 	flagSet.String("github-team", "", "restrict logins to members of this team")
+	flagSet.String("zendesk-subdomain", "", "subdomain for Zendesk")
 	flagSet.Var(&googleGroups, "google-group", "restrict logins to members of this google group (may be given multiple times).")
 	flagSet.String("google-admin-email", "", "the google admin to impersonate for api calls")
 	flagSet.String("google-service-account-json", "", "the path to the service account json credentials")
diff --git a/oauthproxy.go b/oauthproxy.go
@@ -14,9 +14,9 @@ import (
 	"strings"
 	"time"
 
-	"github.com/bitly/oauth2_proxy/cookie"
-	"github.com/bitly/oauth2_proxy/providers"
 	"github.com/mbland/hmacauth"
+	"github.com/topfreegames/oauth2_proxy/cookie"
+	"github.com/topfreegames/oauth2_proxy/providers"
 )
 
 const SignatureHeader = "GAP-Signature"
diff --git a/oauthproxy_test.go b/oauthproxy_test.go
@@ -15,9 +15,9 @@ import (
 	"testing"
 	"time"
 
-	"github.com/bitly/oauth2_proxy/providers"
 	"github.com/mbland/hmacauth"
 	"github.com/stretchr/testify/assert"
+	"github.com/topfreegames/oauth2_proxy/providers"
 )
 
 func init() {
diff --git a/options.go b/options.go
@@ -13,9 +13,9 @@ import (
 	"strings"
 	"time"
 
-	"github.com/bitly/oauth2_proxy/providers"
 	oidc "github.com/coreos/go-oidc"
 	"github.com/mbland/hmacauth"
+	"github.com/topfreegames/oauth2_proxy/providers"
 )
 
 // Configuration Options that can be set by Command Line Flag, or Config File
@@ -37,6 +37,7 @@ type Options struct {
 	GoogleGroups             []string `flag:"google-group" cfg:"google_group"`
 	GoogleAdminEmail         string   `flag:"google-admin-email" cfg:"google_admin_email"`
 	GoogleServiceAccountJSON string   `flag:"google-service-account-json" cfg:"google_service_account_json"`
+	ZendeskSubdomain         string   `flag:"zendesk-subdomain" cfg:"zendesk_subdomain"`
 	HtpasswdFile             string   `flag:"htpasswd-file" cfg:"htpasswd_file"`
 	DisplayHtpasswdForm      bool     `flag:"display-htpasswd-form" cfg:"display_htpasswd_form"`
 	CustomTemplatesDir       string   `flag:"custom-templates-dir" cfg:"custom_templates_dir"`
@@ -263,6 +264,8 @@ func parseProviderInfo(o *Options, msgs []string) []string {
 		p.Configure(o.AzureTenant)
 	case *providers.GitHubProvider:
 		p.SetOrgTeam(o.GitHubOrg, o.GitHubTeam)
+	case *providers.ZendeskProvider:
+		p.Configure(o.ZendeskSubdomain)
 	case *providers.GoogleProvider:
 		if o.GoogleServiceAccountJSON != "" {
 			file, err := os.Open(o.GoogleServiceAccountJSON)
diff --git a/providers/azure.go b/providers/azure.go
@@ -4,7 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"github.com/bitly/go-simplejson"
-	"github.com/bitly/oauth2_proxy/api"
+	"github.com/topfreegames/oauth2_proxy/api"
 	"log"
 	"net/http"
 	"net/url"
diff --git a/providers/facebook.go b/providers/facebook.go
@@ -6,7 +6,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/bitly/oauth2_proxy/api"
+	"github.com/topfreegames/oauth2_proxy/api"
 )
 
 type FacebookProvider struct {
diff --git a/providers/gitlab.go b/providers/gitlab.go
@@ -5,7 +5,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/bitly/oauth2_proxy/api"
+	"github.com/topfreegames/oauth2_proxy/api"
 )
 
 type GitLabProvider struct {
diff --git a/providers/internal_util.go b/providers/internal_util.go
@@ -6,7 +6,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/bitly/oauth2_proxy/api"
+	"github.com/topfreegames/oauth2_proxy/api"
 )
 
 // stripToken is a helper function to obfuscate "access_token"
diff --git a/providers/linkedin.go b/providers/linkedin.go
@@ -6,7 +6,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/bitly/oauth2_proxy/api"
+	"github.com/topfreegames/oauth2_proxy/api"
 )
 
 type LinkedInProvider struct {
diff --git a/providers/provider_data.go b/providers/provider_data.go
@@ -5,10 +5,12 @@ import (
 )
 
 type ProviderData struct {
-	ProviderName      string
-	ClientID          string
-	ClientSecret      string
-	LoginURL          *url.URL
+	ProviderName string
+	ClientID     string
+	ClientSecret string
+	LoginURL     *url.URL
+
+	// RedeemURL: use authorization code to request an access token
 	RedeemURL         *url.URL
 	ProfileURL        *url.URL
 	ProtectedResource *url.URL
diff --git a/providers/provider_default.go b/providers/provider_default.go
@@ -9,7 +9,7 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/bitly/oauth2_proxy/cookie"
+	"github.com/topfreegames/oauth2_proxy/cookie"
 )
 
 func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error) {
diff --git a/providers/providers.go b/providers/providers.go
@@ -1,7 +1,7 @@
 package providers
 
 import (
-	"github.com/bitly/oauth2_proxy/cookie"
+	"github.com/topfreegames/oauth2_proxy/cookie"
 )
 
 type Provider interface {
@@ -31,6 +31,8 @@ func New(provider string, p *ProviderData) Provider {
 		return NewGitLabProvider(p)
 	case "oidc":
 		return NewOIDCProvider(p)
+	case "zendesk":
+		return NewZendeskProvider(p)
 	default:
 		return NewGoogleProvider(p)
 	}
diff --git a/providers/session_state.go b/providers/session_state.go
diff --git a/providers/session_state_test.go b/providers/session_state_test.go
diff --git a/providers/zendesk.go b/providers/zendesk.go
diff --git a/providers/zendesk_test.go b/providers/zendesk_test.go
diff --git a/templates.go b/templates.go
diff --git a/version.go b/version.go
diff --git a/watcher.go b/watcher.go

Original file line number	Diff line number	Diff line change
`@@ -15,9 +15,9 @@ import (`
`15`	`15`	`"testing"`
`16`	`16`	`"time"`
`17`	`17`
`18`		`- "github.com/bitly/oauth2_proxy/providers"`
`19`	`18`	`"github.com/mbland/hmacauth"`
`20`	`19`	`"github.com/stretchr/testify/assert"`
	`20`	`+ "github.com/topfreegames/oauth2_proxy/providers"`
`21`	`21`	`)`
`22`	`22`
`23`	`23`	`func init() {`