From dcbe67d89c6684457c37018a267e4469afbe31bf Mon Sep 17 00:00:00 2001
From: Eric Chiang <eric.chiang@coreos.com>
Date: Fri, 7 Oct 2016 11:53:01 -0700
Subject: [PATCH] {cmd/dex,server}: expose skip approval screen option

---
 cmd/dex/config.go | 3 +++
 cmd/dex/serve.go  | 1 +
 server/server.go  | 6 +++++-
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/cmd/dex/config.go b/cmd/dex/config.go
index 482075f3..b1beb850 100644
--- a/cmd/dex/config.go
+++ b/cmd/dex/config.go
@@ -72,6 +72,9 @@ func (p password) toPassword() (storage.Password, error) {
 // OAuth2 describes enabled OAuth2 extensions.
 type OAuth2 struct {
 	ResponseTypes []string `yaml:"responseTypes"`
+	// If specified, do not prompt the user to approve client authorization. The
+	// act of logging in implies authorization.
+	SkipApprovalScreen bool `yaml:"skipApprovalScreen"`
 }
 
 // Web is the config format for the HTTP server.
diff --git a/cmd/dex/serve.go b/cmd/dex/serve.go
index 0e35e6af..17a63613 100644
--- a/cmd/dex/serve.go
+++ b/cmd/dex/serve.go
@@ -116,6 +116,7 @@ func serve(cmd *cobra.Command, args []string) error {
 
 	serverConfig := server.Config{
 		SupportedResponseTypes: c.OAuth2.ResponseTypes,
+		SkipApprovalScreen:     c.OAuth2.SkipApprovalScreen,
 		Issuer:                 c.Issuer,
 		Connectors:             connectors,
 		Storage:                s,
diff --git a/server/server.go b/server/server.go
index 703af668..904d826e 100644
--- a/server/server.go
+++ b/server/server.go
@@ -41,6 +41,10 @@ type Config struct {
 	// flow. If no response types are supplied this value defaults to "code".
 	SupportedResponseTypes []string
 
+	// If enabled, the server won't prompt the user to approve authorization requests.
+	// Logging in implies approval.
+	SkipApprovalScreen bool
+
 	RotateKeysAfter  time.Duration // Defaults to 6 hours.
 	IDTokensValidFor time.Duration // Defaults to 24 hours
 
@@ -73,7 +77,6 @@ type Server struct {
 	templates *templates
 
 	// If enabled, don't prompt user for approval after logging in through connector.
-	// No package level API to set this, only used in tests.
 	skipApproval bool
 
 	supportedResponseTypes map[string]bool
@@ -145,6 +148,7 @@ func newServer(c Config, rotationStrategy rotationStrategy) (*Server, error) {
 		),
 		supportedResponseTypes: supported,
 		idTokensValidFor:       value(c.IDTokensValidFor, 24*time.Hour),
+		skipApproval:           c.SkipApprovalScreen,
 		now:                    now,
 		templates:              tmpls,
 	}
-- 
GitLab