Add authenticated user info to HTTP header

authenticator.go

@@ -115,6 +115,9 @@ func (a *GoogleAuth) Authenticate(domain []string, c martini.Context, tokens oau
 		if user != nil {
 			log.Printf("user %s logged in", email)
 			c.Map(user)
+			if userKey := a.conf.Auth.Header.UserKey; userKey != "" {
+				r.Header.Set(userKey, email)
+			}
 		} else {
 			log.Printf("email doesn't allow: %s", email)
 			forbidden(w)

conf.go

@@ -23,6 +23,7 @@ type SSLConf struct {
 type AuthConf struct {
 	Session AuthSessionConf `yaml:"session"`
 	Info    AuthInfoConf    `yaml:"info"`
+	Header  AuthHeaderConf  `yaml:"header"`
 }
 
 type AuthSessionConf struct {
@@ -38,6 +39,10 @@ type AuthInfoConf struct {
 	ApiEndpoint  string `yaml:"api_endpoint"`
 }
 
+type AuthHeaderConf struct {
+	UserKey string `yaml:"user_key"`
+}
+
 type ProxyConf struct {
 	Path  string `yaml:"path"`
 	Dest  string `yaml:"dest"`

config_sample.yml

@@ -20,6 +20,10 @@ auth:
     # your app redirect_url for the service: if the service is Google, path is always "/oauth2callback"
     redirect_url: https://yourapp.example.com/oauth2callback
 
+#  # HTTP request header definitions (optional)
+#  header:
+#    user_key: your key # field name for authenticated user info (ex. x-gate-user)
+
 # # restrict user request. (optional)
 # restrictions:
 #   - yourdomain.com    # domain of your Google App (Google)

config_test.go

@@ -29,6 +29,9 @@ auth:
     client_secret: 'secret client secret'
     redirect_url: 'http://example.com/oauth2callback'
 
+  header:
+    user_key: 'x-gate-user'
+
 htdocs: ./
 
 proxy:
@@ -48,6 +51,10 @@ proxy:
 	if conf.Addr != ":9999" {
 		t.Errorf("unexpected address: %s", conf.Addr)
 	}
+
+	if conf.Auth.Header.UserKey != "x-gate-user" {
+		t.Errorf("unexpected auth header user key: %s", conf.Auth.Header.UserKey)
+	}
 }
 
 func TestParseMultiRestrictions(t *testing.T) {