From 656c8a62d145fc565e9a98e060329239d2d59fbd Mon Sep 17 00:00:00 2001
From: Corey Hulen <corey@hulen.com>
Date: Tue, 12 Jun 2018 10:16:39 -0700
Subject: Prototype for CBA (#8475)

* Prototype for CBA

* Fixing gofmt issues

* Do not require password if logging in with certificate

* Fixing issues from feedback

* Adding unit tests

* Fixing feedback
---
 model/client4.go | 10 +++++++++-
 model/config.go  | 20 ++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)

(limited to 'model')

diff --git a/model/client4.go b/model/client4.go
index 8096b2364..f5a856835 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -57,6 +57,7 @@ type Client4 struct {
 	HttpClient *http.Client // The http client
 	AuthToken  string
 	AuthType   string
+	HttpHeader map[string]string // Headers to be copied over for each request
 }
 
 func closeBody(r *http.Response) {
@@ -78,7 +79,7 @@ func (c *Client4) Must(result interface{}, resp *Response) interface{} {
 }
 
 func NewAPIv4Client(url string) *Client4 {
-	return &Client4{url, url + API_URL_SUFFIX, &http.Client{}, "", ""}
+	return &Client4{url, url + API_URL_SUFFIX, &http.Client{}, "", "", map[string]string{}}
 }
 
 func BuildErrorResponse(r *http.Response, err *AppError) *Response {
@@ -423,6 +424,13 @@ func (c *Client4) DoApiRequest(method, url, data, etag string) (*http.Response,
 		rq.Header.Set(HEADER_AUTH, c.AuthType+" "+c.AuthToken)
 	}
 
+	if c.HttpHeader != nil && len(c.HttpHeader) > 0 {
+
+		for k, v := range c.HttpHeader {
+			rq.Header.Set(k, v)
+		}
+	}
+
 	if rp, err := c.HttpClient.Do(rq); err != nil || rp == nil {
 		return nil, NewAppError(url, "model.client.connecting.app_error", nil, err.Error(), 0)
 	} else if rp.StatusCode == 304 {
diff --git a/model/config.go b/model/config.go
index f2bebf03b..47e2f68a4 100644
--- a/model/config.go
+++ b/model/config.go
@@ -160,6 +160,9 @@ const (
 	COMPLIANCE_EXPORT_TYPE_GLOBALRELAY = "globalrelay"
 	GLOBALRELAY_CUSTOMER_TYPE_A9       = "A9"
 	GLOBALRELAY_CUSTOMER_TYPE_A10      = "A10"
+
+	CLIENT_SIDE_CERT_CHECK_PRIMARY_AUTH   = "primary"
+	CLIENT_SIDE_CERT_CHECK_SECONDARY_AUTH = "secondary"
 )
 
 type ServiceSettings struct {
@@ -545,6 +548,21 @@ func (s *MetricsSettings) SetDefaults() {
 	}
 }
 
+type ExperimentalSettings struct {
+	ClientSideCertEnable *bool
+	ClientSideCertCheck  *string
+}
+
+func (s *ExperimentalSettings) SetDefaults() {
+	if s.ClientSideCertEnable == nil {
+		s.ClientSideCertEnable = NewBool(false)
+	}
+
+	if s.ClientSideCertCheck == nil {
+		s.ClientSideCertCheck = NewString(CLIENT_SIDE_CERT_CHECK_SECONDARY_AUTH)
+	}
+}
+
 type AnalyticsSettings struct {
 	MaxUsersForStatistics *int
 }
@@ -1829,6 +1847,7 @@ type Config struct {
 	NativeAppSettings     NativeAppSettings
 	ClusterSettings       ClusterSettings
 	MetricsSettings       MetricsSettings
+	ExperimentalSettings  ExperimentalSettings
 	AnalyticsSettings     AnalyticsSettings
 	WebrtcSettings        WebrtcSettings
 	ElasticsearchSettings ElasticsearchSettings
@@ -1891,6 +1910,7 @@ func (o *Config) SetDefaults() {
 	o.PasswordSettings.SetDefaults()
 	o.TeamSettings.SetDefaults()
 	o.MetricsSettings.SetDefaults()
+	o.ExperimentalSettings.SetDefaults()
 	o.SupportSettings.SetDefaults()
 	o.AnnouncementSettings.SetDefaults()
 	o.ThemeSettings.SetDefaults()
-- 
cgit v1.2.3-1-g7c22