From 0a2122d4960ebdca71a21cdb6038696f1746c3f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Osman=20=C4=B0lge=20=C3=9Cnald=C4=B1?= Date: Mon, 14 Mar 2022 23:22:02 +0000 Subject: feat: allow auth http.Client timeout to be configurable Changelog: added --- internal/auth/auth.go | 4 ++-- internal/auth/auth_test.go | 3 ++- internal/config/config.go | 2 ++ internal/config/flags.go | 1 + 4 files changed, 7 insertions(+), 3 deletions(-) (limited to 'internal') diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 45b77b4f..a6e1f7e7 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -660,7 +660,7 @@ func generateKeys(secret string, count int) ([][]byte, error) { } // New when authentication supported this will be used to create authentication handler -func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internalGitlabServer, publicGitlabServer, authScope string) (*Auth, error) { +func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internalGitlabServer, publicGitlabServer, authScope string, authTimeout time.Duration) (*Auth, error) { // generate 3 keys, 2 for the cookie store and 1 for JWT signing keys, err := generateKeys(storeSecret, 3) if err != nil { @@ -675,7 +675,7 @@ func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internal internalGitlabServer: strings.TrimRight(internalGitlabServer, "/"), publicGitlabServer: strings.TrimRight(publicGitlabServer, "/"), apiClient: &http.Client{ - Timeout: 5 * time.Second, + Timeout: authTimeout, Transport: httptransport.DefaultTransport, }, store: sessions.NewCookieStore(keys[0], keys[1]), diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index 61b4e88a..4b035132 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -10,6 +10,7 @@ import ( "net/url" "strings" "testing" + "time" "github.com/golang/mock/gomock" "github.com/gorilla/sessions" @@ -30,7 +31,7 @@ func createTestAuth(t *testing.T, internalServer string, publicServer string) *A "http://pages.gitlab-example.com/auth", internalServer, publicServer, - "scope") + "scope", 5*time.Second) require.NoError(t, err) diff --git a/internal/config/config.go b/internal/config/config.go index cef23be8..7644e5ad 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -85,6 +85,7 @@ type Auth struct { ClientSecret string RedirectURI string Scope string + Timeout time.Duration } // Cache configuration for GitLab API @@ -219,6 +220,7 @@ func loadConfig() (*Config, error) { ClientSecret: *clientSecret, RedirectURI: *redirectURI, Scope: *authScope, + Timeout: *authTimeout, }, Log: Log{ Format: *logFormat, diff --git a/internal/config/flags.go b/internal/config/flags.go index 5ddc7df6..091e07e3 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -70,6 +70,7 @@ var ( clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") authScope = flag.String("auth-scope", "api", "Scope to be used for authentication (must match GitLab Pages OAuth application settings)") + authTimeout = flag.Duration("auth-timeout", 5*time.Second, "GitLab application client timeout for authentication") maxConns = flag.Int("max-conns", 0, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners, 0 for no limit") maxURILength = flag.Int("max-uri-length", 1024, "Limit the length of URI, 0 for unlimited.") insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4") -- cgit v1.2.3