From ed8ef3b963d559d8e520c8b7cf4fa13db91fa802 Mon Sep 17 00:00:00 2001 From: Simon Gottschlag Date: Fri, 8 Feb 2019 06:49:14 +0100 Subject: [PATCH] Add resource to redirect query --- pkg/cfg/cfg.go | 18 ++++++++---------- pkg/cookie/cookie.go | 17 ++++++++--------- 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/pkg/cfg/cfg.go b/pkg/cfg/cfg.go index cbb76b80..da38f5d1 100644 --- a/pkg/cfg/cfg.go +++ b/pkg/cfg/cfg.go @@ -215,16 +215,6 @@ func Get(key string) string { return viper.GetString(key) } -// GetInt int value for key -func GetInt(key string) int { - return viper.GetInt(key) -} - -// GetBool bool value for key -func GetBool(key string) bool { - return viper.GetBool(key) -} - // BasicTest just a quick sanity check to see if the config is sound func BasicTest() error { for _, opt := range RequiredOptions { @@ -416,6 +406,9 @@ func setDefaults() { } else if GenOAuth.Provider == Providers.GitHub { setDefaultsGitHub() configureOAuthClient() + } else if GenOAuth.Provider == Providers.ADFS { + setDefaultsADFS() + configureOAuthClient() } else { configureOAuthClient() } @@ -441,6 +434,11 @@ func setDefaultsGoogle() { } } +func setDefaultsADFS() { + log.Info("configuring ADFS OAuth") + OAuthopts = oauth2.SetAuthURLParam("resource", GenOAuth.RedirectURL) // Needed or all claims won't be included +} + func setDefaultsGitHub() { // log.Info("configuring GitHub OAuth") if GenOAuth.AuthURL == "" { diff --git a/pkg/cookie/cookie.go b/pkg/cookie/cookie.go index 2a48a5ca..f6a140b3 100644 --- a/pkg/cookie/cookie.go +++ b/pkg/cookie/cookie.go @@ -10,8 +10,7 @@ import ( "github.com/vouch/vouch-proxy/pkg/domains" ) -var defaultMaxAge = cfg.GetInt("JWT.MaxAge") * 60 - +var defaultMaxAge = cfg.Cfg.JWT.MaxAge * 60 // SetCookie http func SetCookie(w http.ResponseWriter, r *http.Request, val string) { 
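Review bot: In the added `setDefaultsADFS` (pkg/cfg/cfg.go), the `resource` parameter is built from `GenOAuth.RedirectURL` with no check that the value is set. If it is empty when `setDefaults` runs (the load order is not visible in this patch), the authorization request would carry an empty `resource`, and by the function's own inline comment the token would then lack claims, with nothing logged. A guard such as `if GenOAuth.RedirectURL == "" { log.Warn("ADFS: RedirectURL is empty, resource parameter will be empty") }` before the assignment would make that failure visible. The function also has no doc comment; something like `// setDefaultsADFS sets the ADFS "resource" authorization parameter, which ADFS needs in order to include all claims in the token` would record why the callback URL doubles as the resource identifier. `OAuthopts` is only assigned on this branch, so callers outside this hunk should be checked for how they handle its zero value with other providers.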
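Review bot: `defaultMaxAge` in pkg/cookie/cookie.go is still computed in a package-level initializer, so it freezes whatever `cfg.Cfg.JWT.MaxAge` holds when the cookie package is initialised. If the config struct is filled after that point (not visible in this patch), the value is 0 and net/http then writes the cookie with no Max-Age attribute, so its lifetime no longer tracks the JWT lifetime. Reading the setting at call time removes the ordering dependency, e.g. `setCookie(w, r, val, cfg.Cfg.JWT.MaxAge*60)` inside `SetCookie`. The body of `SetCookie` lies outside this hunk.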
@@ -25,25 +24,25 @@ func setCookie(w http.ResponseWriter, r *http.Request, val string, maxAge int) { } domain := domains.Matches(r.Host) // Allow overriding the cookie domain in the config file - if cfg.Get("Cookie.Domain") != "" { - domain = cfg.Get("Cookie.Domain") + if cfg.Cfg.Cookie.Domain != "" { + domain = cfg.Cfg.Cookie.Domain log.Debugf("setting the cookie domain to %v", domain) } // log.Debugf("cookie %s expires %d", cfg.Cfg.Cookie.Name, expires) http.SetCookie(w, &http.Cookie{ - Name: cfg.Get("Cookie.Name"), + Name: cfg.Cfg.Cookie.Name, Value: val, Path: "/", Domain: domain, MaxAge: maxAge, - Secure: cfg.GetBool("Cookie.Secure"), - HttpOnly: cfg.GetBool("Cookie.HTTPOnly"), + Secure: cfg.Cfg.Cookie.Secure, + HttpOnly: cfg.Cfg.Cookie.HTTPOnly, }) } // Cookie get the vouch jwt cookie func Cookie(r *http.Request) (string, error) { - cookie, err := r.Cookie(cfg.Get("Cookie.Name")) + cookie, err := r.Cookie(cfg.Cfg.Cookie.Name) if err != nil { return "", err } @@ -52,7 +51,7 @@ func Cookie(r *http.Request) (string, error) { } log.WithFields(log.Fields{ - "cookieName": cfg.Get("Cookie.Name"), + "cookieName": cfg.Cfg.Cookie.Name, "cookieValue": cookie.Value, }).Debug("cookie") return cookie.Value, err
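Review bot: In `setCookie`, `Secure` and `HttpOnly` now come directly from `cfg.Cfg.Cookie.Secure` and `cfg.Cfg.Cookie.HTTPOnly`, whose Go zero value is `false`. A configuration that omits either key would therefore issue the JWT cookie without that attribute, unless defaults are applied before the struct is populated, which this patch does not show. It is worth confirming that the defaults registered for `Cookie.Secure` and `Cookie.HTTPOnly` still reach these fields, and logging a warning at start-up when `Secure` is off. The cookie also sets no `SameSite` attribute; `SameSite: http.SameSiteLaxMode,` could be added if the Go version in use provides it. `setCookie` begins above this hunk.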
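Review bot: The debug entry at the end of `Cookie` still logs `"cookieValue": cookie.Value`, which per the function's own comment is the vouch JWT, so anyone with read access to debug logs gets a bearer token that can be replayed until it expires. The field should be dropped or replaced with something non-sensitive, for example `"cookieLen": len(cookie.Value),`. This commit touches the neighbouring `cookieName` line, so it is a convenient place to make the change. `Cookie` begins outside this hunk.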