An OIDC-protected index page for your homeserver.
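package auth

import (
	"log"
	"os"

	gonanoid "github.com/matoous/go-nanoid/v2"
)

// EnvConfig holds the settings that EnvMustParse reads from the process
// environment.
//
// ClientSecret and SessionSecret are credentials: avoid printing the struct
// (for example with %+v) in logs or error pages.
type EnvConfig struct {
	LadonHost     string // value of LADON_DOMAIN
	ClientID      string // value of OIDC_CLIENT_ID
	ClientSecret  string // value of OIDC_CLIENT_SECRET
	Issuer        string // value of OIDC_ISSUER
	SessionSecret []byte // bytes of SESSION_SECRET, or of a generated fallback
}

// Names of the environment variables consulted by EnvMustParse.
const (
	LADON_HOST_ENV_KEY  = "LADON_DOMAIN"
	OIDC_ID_ENV_KEY     = "OIDC_CLIENT_ID"
	OIDC_SECRET_ENV_KEY = "OIDC_CLIENT_SECRET"
	OIDC_ISSUER_ENV_KEY = "OIDC_ISSUER"
	SESSION_SECRET      = "SESSION_SECRET"
)

// ensureEnvVar returns the value of the environment variable key and
// terminates the process via log.Fatalf when the variable is not set.
//
// Only the variable name is logged, never its value.
//
// NOTE(review): os.LookupEnv reports a variable that is set to the empty
// string as present, so an empty OIDC_CLIENT_SECRET or OIDC_ISSUER passes this
// check. Confirm whether empty values should be rejected here as well.
func ensureEnvVar(key string) string {
	val, isSet := os.LookupEnv(key)
	if !isSet {
		log.Fatalf("%s is not set in environment", key)
	}

	return val
}

// EnvMustParse builds an EnvConfig from the process environment.
//
// SESSION_SECRET is optional. When it is unset or empty, a random 16-character
// secret is generated for this process. When it is present, it must be exactly
// 16 bytes long, otherwise the process exits. The remaining variables are
// mandatory and a missing one terminates the process (see ensureEnvVar).
func EnvMustParse() *EnvConfig {
	sessionSecret := os.Getenv(SESSION_SECRET)

	// The empty case has to be tested before the length check. The original
	// order rejected an empty value with log.Fatalf first, which made the
	// generation fallback unreachable.
	switch {
	case sessionSecret == "":
		log.Println("ladon: no session secret set, generating one")
		// The generated secret lives only in this process. Anything protected
		// with it presumably stops validating after a restart or on another
		// replica, so set SESSION_SECRET explicitly for stable deployments.
		// gonanoid.Must panics instead of returning an error if generation
		// fails.
		sessionSecret = gonanoid.Must(16)
	case len(sessionSecret) != 16:
		// len counts bytes, so a value containing multi-byte UTF-8 characters
		// is measured by its encoded size, not by its visible characters.
		log.Fatalf("session secret must be 16 characters")
	}

	return &EnvConfig{
		LadonHost:     ensureEnvVar(LADON_HOST_ENV_KEY),
		ClientID:      ensureEnvVar(OIDC_ID_ENV_KEY),
		ClientSecret:  ensureEnvVar(OIDC_SECRET_ENV_KEY),
		Issuer:        ensureEnvVar(OIDC_ISSUER_ENV_KEY),
		SessionSecret: []byte(sessionSecret),
	}
}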