package main
import (
	"log"
	"net/http"
	"os"
	"time"

	"github.com/gorilla/csrf"
)
// PwmanServer holds the process-wide configuration of the password manager.
// main fills in one instance at start-up and stores it in pwman.
type PwmanServer struct {
	// LdapInfo carries the LDAP connection settings (the LdapInfo type is
	// declared elsewhere). main populates it with the server, port, bind DN
	// and bind password, so the value is sensitive and should not be logged.
	LdapInfo *LdapInfo
	// PwnedDBFile is a file-system path; main points it at an ordered
	// pwned-passwords text file.
	PwnedDBFile string
	// Krb5Conf is the path of the Kerberos configuration file.
	Krb5Conf string
	// ChangePwScript is the path of an external script; main sets it to
	// ./create-kdc-principal.pl. How it is invoked is not visible here.
	// NOTE(review): if user-supplied values reach its arguments, confirm they
	// are passed as separate argv entries and never through a shell.
	ChangePwScript string
	// RemoteUserHeader is an HTTP header name ("X-Remote-User" in main).
	// NOTE(review): presumably the RemoteUser middleware takes the
	// authenticated user from this header. If so, the header is only
	// trustworthy when a front-end proxy sets it and strips any
	// client-supplied copy; verify against the middleware and the deployment.
	RemoteUserHeader string
}

// pwman is the package-level server configuration; main assigns it before
// any handler is registered.
var pwman *PwmanServer
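// main configures the password-manager web service and serves it over plain
// HTTP on port 3000 until ListenAndServe returns an error.
//
// Secrets are read from the environment rather than compiled into the binary:
//
//	PWMAN_LDAP_PASSWORD  bind password for the LDAP admin DN
//	PWMAN_CSRF_KEY       authentication key for CSRF tokens (at least 32 bytes)
//
// The process exits at start-up when either one is missing. Any value that was
// previously committed to source control should be treated as exposed and
// rotated before this version is deployed.
func main() {
	ldapPassword := mustEnv("PWMAN_LDAP_PASSWORD")
	csrfKey := mustEnv("PWMAN_CSRF_KEY")
	if len(csrfKey) < 32 {
		log.Fatal("PWMAN_CSRF_KEY must be at least 32 bytes long")
	}

	// NOTE(review): SSLSkipVerify is left at true to keep the existing
	// behaviour. Judging by its name it disables certificate verification on
	// the LDAP connection, which lets anyone on the path impersonate the
	// directory and capture the admin bind. Confirm against LdapInfo and
	// switch it off once the LDAP server presents a certificate the host
	// trusts.
	ldapInfo := &LdapInfo{
		Server:        "localhost",
		Port:          6636,
		SSLSkipVerify: true,
		User:          "cn=admin,dc=nordu,dc=net",
		Password:      ldapPassword,
	}

	// PwnedDBFile is still a developer-local absolute path; it has to be
	// adjusted per host.
	pwman = &PwmanServer{
		LdapInfo:         ldapInfo,
		PwnedDBFile:      "/Users/markus/Downloads/pwned-passwords-ordered-2.0.txt",
		Krb5Conf:         "./krb5.conf",
		ChangePwScript:   "./create-kdc-principal.pl",
		RemoteUserHeader: "X-Remote-User",
	}

	basePath := "/sso"
	v := Views()

	// Every page handler is wrapped in RemoteUser and FlashMessage; the
	// static file server is registered without either wrapper.
	mux := http.NewServeMux()
	mux.Handle(basePath+"/", FlashMessage(RemoteUser(v.Index())))
	mux.Handle(basePath+"/sso", FlashMessage(RemoteUser(v.ChangePassword("SSO"))))
	mux.Handle(basePath+"/tacacs", FlashMessage(RemoteUser(v.ChangePassword("TACACS"))))
	mux.Handle(basePath+"/eduroam", FlashMessage(RemoteUser(v.ChangePassword("eduroam"))))
	mux.Handle(basePath+"/pubkeys", FlashMessage(RemoteUser(v.ChangeSSHKeys())))
	mux.Handle(basePath+"/static/", http.StripPrefix(basePath+"/static", http.FileServer(http.Dir("static"))))

	// NOTE(review): csrf.Secure(false) leaves the CSRF cookie without the
	// Secure attribute, so browsers will also send it over plain HTTP. Keep
	// it only for local development; set it to true wherever users reach the
	// service through HTTPS.
	protect := csrf.Protect([]byte(csrfKey), csrf.Secure(false))

	// NOTE(review): ":3000" binds every interface. If RemoteUser trusts the
	// X-Remote-User header (not visible in this file), any client that can
	// reach this port directly can choose its own identity. Bind to the
	// loopback address or firewall the port so that only the authenticating
	// proxy can connect.
	server := &http.Server{
		Addr:         ":3000",
		Handler:      protect(mux),
		ReadTimeout:  5 * time.Second,
		WriteTimeout: 5 * time.Second,
	}

	log.Println("Listening on: http://0.0.0.0:3000")
	log.Fatal(server.ListenAndServe())
}

// mustEnv returns the value of the environment variable name and terminates
// the process when it is unset or empty, so the server never starts without a
// required secret. The value itself is never logged.
func mustEnv(name string) string {
	value := os.Getenv(name)
	if value == "" {
		log.Fatalf("required environment variable %s is not set", name)
	}
	return value
}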
//type CustomMux struct {
// base_path string
// mux *http.ServeMux
//}
//
//func NewCustomMux(base_path string) *CustomMux {
// return &CustomMux{base_path, http.NewServeMux()}
//}
//
//func (m *CustomMux) Handle(path string, h http.Handler) {
// m.mux.Handle(path, h)
//}
//
//func (m *CustomMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// clean_path := filepath.Clean(r.URL.Path)
// log.Println(clean_path)
// if !strings.HasPrefix(clean_path, m.base_path) {
// http.NotFound(w, r)
// return
// }
// r.URL.Path = clean_path[len(m.base_path):]
// log.Println(clean_path[len(m.base_path):])
// m.mux.ServeHTTP(w, r)
//}
//type RemoteUserMux map[string] http.Handler
//
//func (m RemoteUserMux) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// handler, ok := m[r.URL.Path
//}