diff options
-rw-r--r-- | app.go | 2 | ||||
-rw-r--r-- | internal/auth/auth.go | 4 | ||||
-rw-r--r-- | internal/auth/auth_test.go | 3 | ||||
-rw-r--r-- | internal/config/config.go | 2 | ||||
-rw-r--r-- | internal/config/flags.go | 1 |
5 files changed, 8 insertions, 4 deletions
@@ -481,7 +481,7 @@ func (a *theApp) setAuth(config *cfg.Config) { var err error a.Auth, err = auth.New(config.General.Domain, config.Authentication.Secret, config.Authentication.ClientID, config.Authentication.ClientSecret, - config.Authentication.RedirectURI, config.GitLab.InternalServer, config.GitLab.PublicServer, config.Authentication.Scope) + config.Authentication.RedirectURI, config.GitLab.InternalServer, config.GitLab.PublicServer, config.Authentication.Scope, config.Authentication.Timeout) if err != nil { log.WithError(err).Fatal("could not initialize auth package") } diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 45b77b4f..a6e1f7e7 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -660,7 +660,7 @@ func generateKeys(secret string, count int) ([][]byte, error) { } // New when authentication supported this will be used to create authentication handler -func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internalGitlabServer, publicGitlabServer, authScope string) (*Auth, error) { +func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internalGitlabServer, publicGitlabServer, authScope string, authTimeout time.Duration) (*Auth, error) { // generate 3 keys, 2 for the cookie store and 1 for JWT signing keys, err := generateKeys(storeSecret, 3) if err != nil { @@ -675,7 +675,7 @@ func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internal internalGitlabServer: strings.TrimRight(internalGitlabServer, "/"), publicGitlabServer: strings.TrimRight(publicGitlabServer, "/"), apiClient: &http.Client{ - Timeout: 5 * time.Second, + Timeout: authTimeout, Transport: httptransport.DefaultTransport, }, store: sessions.NewCookieStore(keys[0], keys[1]), diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 61b4e88a..4b035132 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -10,6 +10,7 @@ import ( "net/url" "strings" "testing" + "time" "github.com/golang/mock/gomock" "github.com/gorilla/sessions" @@ -30,7 +31,7 @@ func createTestAuth(t *testing.T, internalServer string, publicServer string) *A "http://pages.gitlab-example.com/auth", internalServer, publicServer, - "scope") + "scope", 5*time.Second) require.NoError(t, err) diff --git a/internal/config/config.go b/internal/config/config.go index cef23be8..7644e5ad 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -85,6 +85,7 @@ type Auth struct { ClientSecret string RedirectURI string Scope string + Timeout time.Duration } // Cache configuration for GitLab API @@ -219,6 +220,7 @@ func loadConfig() (*Config, error) { ClientSecret: *clientSecret, RedirectURI: *redirectURI, Scope: *authScope, + Timeout: *authTimeout, }, Log: Log{ Format: *logFormat, diff --git a/internal/config/flags.go b/internal/config/flags.go index 5ddc7df6..091e07e3 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -70,6 +70,7 @@ var ( clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") authScope = flag.String("auth-scope", "api", "Scope to be used for authentication (must match GitLab Pages OAuth application settings)") + authTimeout = flag.Duration("auth-timeout", 5*time.Second, "GitLab application client timeout for authentication") maxConns = flag.Int("max-conns", 0, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners, 0 for no limit") maxURILength = flag.Int("max-uri-length", 1024, "Limit the length of URI, 0 for unlimited.") insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4") |