From a09c4337ffe315e388de6f75b15c452184fe4c71 Mon Sep 17 00:00:00 2001
From: Nick Badger <nbadger@mintel.com>
Date: Fri, 8 Jun 2018 15:26:51 +0100
Subject: [PATCH] Added option to serve requests from a specific prefix

---
 .../templates/configmap.yaml                  |  1 +
 .../templates/deployment.yaml                 |  4 +--
 charts/dex-k8s-authenticator/values.yaml      |  1 +
 dex-auth.go                                   |  3 ++-
 examples/config.yaml                          |  1 +
 html/static/main.css                          |  2 +-
 main.go                                       | 25 +++++++++++--------
 templates.go                                  |  3 +++
 templates/index.html                          | 10 ++++----
 templates/kubeconfig.html                     | 20 +++++++--------
 templates/linux-mac-common.html               | 14 +++++------
 templates/windows-tab.html                    | 14 +++++------
 12 files changed, 53 insertions(+), 45 deletions(-)

diff --git a/charts/dex-k8s-authenticator/templates/configmap.yaml b/charts/dex-k8s-authenticator/templates/configmap.yaml
index 4e8d417..b024515 100644
--- a/charts/dex-k8s-authenticator/templates/configmap.yaml
+++ b/charts/dex-k8s-authenticator/templates/configmap.yaml
@@ -12,6 +12,7 @@ data:
   config.yaml: |-
     {{- with .Values.dexK8sAuthenticator }}
     listen: http://0.0.0.0:{{ default "5555" .port }}
+    web_path_prefix: {{ default "/" .web_path_prefix }}
     debug: {{ default "false" .debug }}
     {{- if .logoUrl }}
     logo_uri: {{ .logoUrl }}
diff --git a/charts/dex-k8s-authenticator/templates/deployment.yaml b/charts/dex-k8s-authenticator/templates/deployment.yaml
index c6a898d..3b47999 100644
--- a/charts/dex-k8s-authenticator/templates/deployment.yaml
+++ b/charts/dex-k8s-authenticator/templates/deployment.yaml
@@ -39,11 +39,11 @@ spec:
           protocol: TCP
         livenessProbe:
           httpGet:
-            path: /
+            path: {{ .Values.dexK8sAuthenticator.web_path_prefix }}
             port: http
         readinessProbe:
           httpGet:
-            path: /
+            path: {{ .Values.dexK8sAuthenticator.web_path_prefix }}
             port: http
         volumeMounts:
         - name: config
diff --git a/charts/dex-k8s-authenticator/values.yaml b/charts/dex-k8s-authenticator/values.yaml
index 31b87fb..bb2f256 100644
--- a/charts/dex-k8s-authenticator/values.yaml
+++ b/charts/dex-k8s-authenticator/values.yaml
@@ -14,6 +14,7 @@ image:
 dexK8sAuthenticator:
   port: 5555
   debug: false
+  web_path_prefix: /
   #logoUrl: http://<path-to-your-logo.png>
   #tlsCert: /path/to/dex-client.crt
   #tlsKey: /path/to/dex-client.key
diff --git a/dex-auth.go b/dex-auth.go
index 562dba1..85fe22e 100644
--- a/dex-auth.go
+++ b/dex-auth.go
@@ -34,7 +34,7 @@ func (cluster *Cluster) handleLogin(w http.ResponseWriter, r *http.Request) {
 
 	scopes = append(scopes, "openid", "profile", "email", "offline_access", "groups")
 
-	log.Printf("Handling /login for: %s", cluster.Name)
+	log.Printf("Handling login-uri for: %s", cluster.Name)
 	authCodeURL := cluster.oauth2Config(scopes).AuthCodeURL(exampleAppState, oauth2.AccessTypeOffline)
 	log.Printf("Redirecting post-loginto: %s", authCodeURL)
 	http.Redirect(w, r, authCodeURL, http.StatusSeeOther)
@@ -109,6 +109,7 @@ func (cluster *Cluster) handleCallback(w http.ResponseWriter, r *http.Request) {
 	cluster.renderToken(w, rawIDToken, token.RefreshToken,
 		viper.GetString("idp_ca_uri"),
 		viper.GetString("logo_uri"),
+		viper.GetString("web_path_prefix"),
 		viper.GetString("kubectl_version"),
 		buff.Bytes())
 }
diff --git a/examples/config.yaml b/examples/config.yaml
index 554ba23..e5687d6 100644
--- a/examples/config.yaml
+++ b/examples/config.yaml
@@ -12,6 +12,7 @@ clusters:
 #tls_cert: /path/to/dex-client.crt
 #tls_key: /path/to/dex-client.key
 
+web_path_prefix: /
 listen: http://127.0.0.1:5555
 #logo_uri: http://<path-to-your-logo.png>
 kubectl_version: v1.10.2
diff --git a/html/static/main.css b/html/static/main.css
index c5fdeda..04bf8e7 100644
--- a/html/static/main.css
+++ b/html/static/main.css
@@ -63,7 +63,7 @@ pre {
 
 .dex-btn-icon--local {
   background-color: #84B6EF;
-  background-image: url(/static/button.svg);
+  background-image: url({{ .Web_Path_Prefix }}static/button.svg);
 }
 
 .dex-btn-text {
diff --git a/main.go b/main.go
index 5b459d4..99c8d94 100644
--- a/main.go
+++ b/main.go
@@ -74,9 +74,9 @@ type Cluster struct {
 
 // Define our configuration
 type Config struct {
-	Clusters []Cluster
-	Listen   string
-
+	Clusters        []Cluster
+	Listen          string
+	Web_Path_Prefix string
 	TLS_Cert        string
 	TLS_Key         string
 	IDP_Ca_URI      string
@@ -188,21 +188,23 @@ func start_app(config Config) {
 		}
 
 		// Each cluster gets a different login and callback URL
-		callback_uri := path.Join(base_redirect_uri.Path)
-		http.HandleFunc(callback_uri, cluster.handleCallback)
-		log.Printf("Registered callback handler at: %s", callback_uri)
+		http.HandleFunc(base_redirect_uri.Path, cluster.handleCallback)
+		log.Printf("Registered callback handler at: %s", base_redirect_uri.Path)
 
-		login_uri := path.Join("/login", cluster.Name)
+		login_uri := path.Join(config.Web_Path_Prefix, "login", cluster.Name)
 		http.HandleFunc(login_uri, cluster.handleLogin)
-		log.Printf("Registered login handler at: /login/%s", cluster.Name)
+		log.Printf("Registered login handler at: %s", login_uri)
 	}
 
 	// Index page
-	http.HandleFunc("/", config.handleIndex)
+	http.HandleFunc(config.Web_Path_Prefix, config.handleIndex)
 
 	// Serve static html assets
-	fs := http.FileServer(http.Dir("html/static"))
-	http.Handle("/static/", http.StripPrefix("/static/", fs))
+	fs := http.FileServer(http.Dir("html/static/"))
+	static_uri := path.Join(config.Web_Path_Prefix, "static") + "/"
+	log.Printf("Registered static assets handler at: %s", static_uri)
+
+	http.Handle(static_uri, http.StripPrefix(static_uri, fs))
 
 	// Determine whether to use TLS or not
 	switch listenURL.Scheme {
@@ -311,6 +313,7 @@ func initConfig() {
 
 		viper.SetConfigName(strings.Split(base, ".")[0])
 		viper.AddConfigPath(path)
+		viper.SetDefault("web_path_prefix", "/")
 
 		config, err := ioutil.ReadFile(config_file)
 		if err != nil {
diff --git a/templates.go b/templates.go
index 7fc5ed3..7a25304 100644
--- a/templates.go
+++ b/templates.go
@@ -38,6 +38,7 @@ type templateData struct {
 	K8sCaPem         string
 	IDPCaURI         string
 	LogoURI          string
+	Web_Path_Prefix  string
 	KubectlVersion   string
 }
 
@@ -46,6 +47,7 @@ func (cluster *Cluster) renderToken(w http.ResponseWriter,
 	refreshToken string,
 	idpCaURI string,
 	logoURI string,
+	webPathPrefix string,
 	kubectlVersion string,
 	claims []byte) {
 
@@ -74,6 +76,7 @@ func (cluster *Cluster) renderToken(w http.ResponseWriter,
 		K8sCaPem:         cluster.K8s_Ca_Pem,
 		IDPCaURI:         idpCaURI,
 		LogoURI:          logoURI,
+		Web_Path_Prefix:  webPathPrefix,
 		KubectlVersion:   kubectlVersion}
 
 	err = templates.ExecuteTemplate(w, "kubeconfig.html", token_data)
diff --git a/templates/index.html b/templates/index.html
index 23c3438..a40e00e 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -8,16 +8,16 @@
 
     <title>Generate Kubernetes Token</title>
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <link href="/static/main.css" rel="stylesheet" type="text/css">
-    <link href="/static/styles.css" rel="stylesheet" type="text/css">
-    <link rel="icon" href="/static/favicon.png">
+    <link href="{{ .Web_Path_Prefix }}static/main.css" rel="stylesheet" type="text/css">
+    <link href="{{ .Web_Path_Prefix }}static/styles.css" rel="stylesheet" type="text/css">
+    <link rel="icon" href="{{ .Web_Path_Prefix }}static/favicon.png">
   </head>
 
   <body class="theme-body">
     <div class="theme-navbar">
       {{ if .Logo_Uri }}
       <div class="theme-navbar__logo-wrap">
-          <img class="theme-navbar__logo" src="{{ .Logo_Uri}}"/>
+          <img class="theme-navbar__logo" src="{{ .Logo_Uri }}"/>
       </div>
       {{ end }}
     </div>
@@ -35,7 +35,7 @@ <h2 class="theme-heading">Generate Kubernetes Token</h2>
 
             <div class="theme-form-row">
                 <p class="theme-form-description">{{$cluster.Description}}</p>
-                <a href="/login/{{$cluster.Name}}" target="_self">                    
+                <a href="{{ $.Web_Path_Prefix }}login/{{$cluster.Name}}" target="_self">
                   <button class="dex-btn theme-btn-provider">
                     <span class="dex-btn-icon dex-btn-icon--local"></span>
                     <span class="dex-btn-text">{{$cluster.Short_Description}}</span>
diff --git a/templates/kubeconfig.html b/templates/kubeconfig.html
index 85e6b13..e4cc57d 100644
--- a/templates/kubeconfig.html
+++ b/templates/kubeconfig.html
@@ -1,5 +1,3 @@
-
-
 <!DOCTYPE html>
 <html>
   <head>
@@ -10,10 +8,10 @@
 
     <title>Kubernetes Configuration</title>
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <link href="/static/main.css" rel="stylesheet" type="text/css">
-    <link href="/static/styles.css" rel="stylesheet" type="text/css">
-    <link href="/static/tabs.css" rel="stylesheet" type="text/css">
-    <link rel="icon" href="/static/favicon.png">
+    <link href="{{ .Web_Path_Prefix }}static/main.css" rel="stylesheet" type="text/css">
+    <link href="{{ .Web_Path_Prefix }}static/styles.css" rel="stylesheet" type="text/css">
+    <link href="{{ .Web_Path_Prefix }}static/tabs.css" rel="stylesheet" type="text/css">
+    <link rel="icon" href="{{ .Web_Path_Prefix }}static/favicon.png">
   </head>
 
 <body class="theme-body">
@@ -28,7 +26,7 @@
   <div class="dex-kubeconfig-container">
     <div class="theme-panel">
       <div style="float:right">
-        <a href="/">Login Again</a>
+        <a href="{{ .Web_Path_Prefix }}">Login Again</a>
       </div>
       <h2 class="theme-heading">Generated Kubernetes Token - {{ .ShortDescription }}</h2>
 
@@ -62,10 +60,10 @@ <h2 class="theme-heading">Generated Kubernetes Token - {{ .ShortDescription }}</
     </div>
   </div>
 
-  <script src="/static/highlight.pack.min.js"></script>
-  <script src="/static/clipboard.min.js"></script> 
-  <script src="/static/snippets.js"></script>
-  <script src="/static/tooltips.js"></script>
+  <script src="{{ .Web_Path_Prefix }}static/highlight.pack.min.js"></script>
+  <script src="{{ .Web_Path_Prefix }}static/clipboard.min.js"></script>
+  <script src="{{ .Web_Path_Prefix }}static/snippets.js"></script>
+  <script src="{{ .Web_Path_Prefix }}static/tooltips.js"></script>
   <script>
       var clipboard = new ClipboardJS('.btn');
       clipboard.on('success', function(e) {
diff --git a/templates/linux-mac-common.html b/templates/linux-mac-common.html
index 3d61004..652a1b9 100644
--- a/templates/linux-mac-common.html
+++ b/templates/linux-mac-common.html
@@ -6,7 +6,7 @@ <h3>Copy IDP CA Certificate</h3>
     <div class="command">
       
       <button class="btn" style="float:right" data-clipboard-snippet="">
-        <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+        <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
       </button>
       <pre><code>curl --create-dirs -s {{ .IDPCaURI }} -o ${HOME}/.kube/certs/{{ .ClusterName }}/idp-ca.crt</code></pre>
     </div>
@@ -19,7 +19,7 @@ <h3>Copy Kubernetes CA Certificate From URL</h3>
     <div class="command">
 
       <button class="btn" style="float: right" data-clipboard-snippet="">
-        <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+        <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
       </button>
       <pre><code>curl --create-dirs -s {{ .K8sCaURI }} -o ${HOME}/.kube/certs/{{ .ClusterName }}/k8s-ca.crt</code></pre>
     </div>
@@ -33,7 +33,7 @@ <h3>Copy Kubernetes CA Certificate From PEM</h3>
     <div class="command"> 
 
       <button class="btn" style="float:right" data-clipboard-snippet="">
-        <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+        <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
       </button>
       <pre><code>mkdir -p ${HOME}/.kube/certs/{{ .ClusterName }}/ &amp;&amp; cat &lt;&lt; EOF &gt; ${HOME}/.kube/certs/{{ .ClusterName }}/k8s-ca.crt
 {{ .K8sCaPem }}
@@ -48,7 +48,7 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt="">
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt="">
     </button>
   <pre><code>kubectl config set-cluster {{ .ClientID }} \
     --certificate-authority=${HOME}/.kube/certs/{{ .ClusterName}}/k8s-ca.crt \
@@ -58,7 +58,7 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
     </button>
   <pre><code>kubectl config set-credentials {{ .Username }}-{{ .ClientID }} \
     --auth-provider=oidc \
@@ -75,7 +75,7 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt="">
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt="">
     </button>
     <pre><code class="hljs">kubectl config set-context {{ .Username }}-{{ .ClientID }} \
     --cluster={{ .ClientID }} \
@@ -85,7 +85,7 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
     </button>
     <pre><code class="hljs">kubectl config use-context {{ .Username }}-{{ .ClientID}}</code></pre>          
   </div>           
diff --git a/templates/windows-tab.html b/templates/windows-tab.html
index 300f4ca..dfc5584 100644
--- a/templates/windows-tab.html
+++ b/templates/windows-tab.html
@@ -23,7 +23,7 @@ <h3>Copy IDP CA Certificate</h3>
     <div class="command">
       
       <button class="btn" style="float:right" data-clipboard-snippet="">
-        <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+        <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
       </button>
 
       <pre><code>curl --create-dirs -s {{ .IDPCaURI }} -o ${HOME}/.kube/certs/{{ .ClusterName }}/idp-ca.crt</code></pre>
@@ -37,7 +37,7 @@ <h3>Copy Kubernetes CA Certificate From URL</h3>
     <div class="command">
 
       <button class="btn" style="float: right" data-clipboard-snippet="">
-        <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+        <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
       </button>
       <pre><code>curl --create-dirs -s {{ .K8sCaURI }} -o ${HOME}/.kube/certs/{{ .ClusterName }}/k8s-ca.crt</code></pre>
     </div>
@@ -51,7 +51,7 @@ <h3>Copy Kubernetes CA Certificate From PEM</h3>
     <div class="command">
       
       <button class="btn" style="float:right" data-clipboard-snippet="">
-        <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+        <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
       </button>
       <pre><code>mkdir -p ${HOME}/.kube/certs/{{ .ClusterName }}/ &amp;&amp; cat &lt;&lt; EOF &gt; ${HOME}/.kube/certs/{{ .ClusterName }}/k8s-ca.crt
 {{ .K8sCaPem }}
@@ -66,7 +66,7 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt="">
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt="">
     </button>
   <pre><code>kubectl config set-cluster {{ .ClientID }} --certificate-authority=${HOME}/.kube/certs/{{ .ClusterName}}/k8s-ca.crt --server={{ .K8sMasterURI }}</code></pre>
   </div>
@@ -74,7 +74,7 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
     </button>
   <pre><code>kubectl config set-credentials {{ .Username }}-{{ .ClientID }} --auth-provider=oidc --auth-provider-arg=idp-issuer-url={{ .Issuer }} --auth-provider-arg=client-id={{ .ClientID }} --auth-provider-arg=client-secret={{ .ClientSecret }} --auth-provider-arg=refresh-token={{ .RefreshToken }} --auth-provider-arg=id-token={{ .IDToken }}
   {{- if .IDPCaURI }} --auth-provider-arg=idp-certificate-authority=${HOME}/.kube/certs/{{ .ClusterName }}/idp-ca.crt
@@ -84,14 +84,14 @@ <h3>Run configuration commands</h3>
   <div class="command">
 
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt="">
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt="">
     </button>
     <pre><code class="hljs">kubectl config set-context {{ .Username }}-{{ .ClientID }} --cluster={{ .ClientID }} --user={{ .Username}}-{{.ClientID }}</code></pre>
   </div>
 
   <div class="command">
     <button class="btn" style="float:right" data-clipboard-snippet="">
-      <img class="clippy" width="13" src="/static/clippy.svg" alt=""/>
+      <img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
     </button>
     <pre><code class="hljs">kubectl config use-context {{ .Username }}-{{ .ClientID}}</code></pre>          
   </div>