diff --git a/src/apps.js b/src/apps.js index 76fecea72..6cbb88956 100644 --- a/src/apps.js +++ b/src/apps.js @@ -6,7 +6,6 @@ exports = module.exports = { AppsError: AppsError, hasAccessTo: hasAccessTo, - requiresOAuthProxy: requiresOAuthProxy, get: get, getBySubdomain: getBySubdomain, @@ -281,19 +280,6 @@ function hasAccessTo(app, user, callback) { }); } -function requiresOAuthProxy(app) { - assert.strictEqual(typeof app, 'object'); - - var tmp = app.accessRestriction; - - // if no accessRestriction set, or the app uses one of the auth modules, we do not need the oauth proxy - if (tmp === null) return false; - if (app.manifest.addons['ldap'] || app.manifest.addons['oauth'] || app.manifest.addons['simpleauth']) return false; - - // check if any restrictions are set - return !!((tmp.users && tmp.users.length) || (tmp.groups && tmp.groups.length)); -} - function get(appId, callback) { assert.strictEqual(typeof appId, 'string'); assert.strictEqual(typeof callback, 'function'); diff --git a/src/apptask.js b/src/apptask.js index 82f746454..860d2616b 100644 --- a/src/apptask.js +++ b/src/apptask.js @@ -101,12 +101,11 @@ function configureNginx(app, callback) { assert.strictEqual(typeof callback, 'function'); var vhost = config.appFqdn(app.location); - var oauthProxy = apps.requiresOAuthProxy(app); certificates.ensureCertificate(vhost, function (error, certFilePath, keyFilePath) { if (error) return callback(error); - nginx.configureApp(app, oauthProxy, certFilePath, keyFilePath, callback); + nginx.configureApp(app, certFilePath, keyFilePath, callback); }); } @@ -163,7 +162,7 @@ function allocateOAuthProxyCredentials(app, callback) { assert.strictEqual(typeof app, 'object'); assert.strictEqual(typeof callback, 'function'); - if (!apps.requiresOAuthProxy(app)) return callback(null); + if (!nginx.requiresOAuthProxy(app)) return callback(null); var id = 'cid-' + uuid.v4(); var clientSecret = hat(256); diff --git a/src/nginx.js b/src/nginx.js index 3fdadc204..d1369532e 100644 --- a/src/nginx.js +++ b/src/nginx.js @@ -13,6 +13,7 @@ var assert = require('assert'), shell = require('./shell.js'); exports = module.exports = { + requiresOAuthProxy: requiresOAuthProxy, configureAdmin: configureAdmin, configureApp: configureApp, unconfigureApp: unconfigureApp, @@ -22,6 +23,19 @@ exports = module.exports = { var NGINX_APPCONFIG_EJS = fs.readFileSync(__dirname + '/../setup/start/nginx/appconfig.ejs', { encoding: 'utf8' }), RELOAD_NGINX_CMD = path.join(__dirname, 'scripts/reloadnginx.sh'); +function requiresOAuthProxy(app) { + assert.strictEqual(typeof app, 'object'); + + var tmp = app.accessRestriction; + + // if no accessRestriction set, or the app uses one of the auth modules, we do not need the oauth proxy + if (tmp === null) return false; + if (app.manifest.addons['ldap'] || app.manifest.addons['oauth'] || app.manifest.addons['simpleauth']) return false; + + // check if any restrictions are set + return !!((tmp.users && tmp.users.length) || (tmp.groups && tmp.groups.length)); +} + function configureAdmin(certFilePath, keyFilePath, callback) { assert.strictEqual(typeof certFilePath, 'string'); assert.strictEqual(typeof keyFilePath, 'string'); @@ -43,14 +57,14 @@ function configureAdmin(certFilePath, keyFilePath, callback) { reload(callback); } -function configureApp(app, oauthProxy, certFilePath, keyFilePath, callback) { +function configureApp(app, certFilePath, keyFilePath, callback) { assert.strictEqual(typeof app, 'object'); - assert.strictEqual(typeof oauthProxy, 'boolean'); assert.strictEqual(typeof certFilePath, 'string'); assert.strictEqual(typeof keyFilePath, 'string'); assert.strictEqual(typeof callback, 'function'); var sourceDir = path.resolve(__dirname, '..'); + var oauthProxy = requiresOAuthProxy(app); var endpoint = oauthProxy ? 'oauthproxy' : 'app'; var vhost = config.appFqdn(app.location);