diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py index 331898a..bef6897 100644 --- a/powerdnsadmin/models/setting.py +++ b/powerdnsadmin/models/setting.py @@ -73,6 +73,7 @@ class Setting(db.Model): 'github_oauth_authorize_url': 'https://github.com/login/oauth/authorize', 'github_oauth_jwks_url': '', + 'github_oauth_metadata_url': '', 'google_oauth_enabled': False, 'google_oauth_client_id': '', 'google_oauth_client_secret': '', @@ -80,6 +81,7 @@ class Setting(db.Model): 'google_oauth_scope': 'openid email profile', 'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth', 'google_oauth_jwks_url': '', + 'google_oauth_metadata_url': '', 'google_base_url': 'https://www.googleapis.com/oauth2/v3/', 'azure_oauth_enabled': False, 'azure_oauth_key': '', @@ -91,6 +93,7 @@ class Setting(db.Model): 'azure_oauth_authorize_url': 'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize', 'azure_oauth_jwks_url': '', + 'azure_oauth_metadata_url': '', 'azure_sg_enabled': False, 'azure_admin_group': '', 'azure_operator_group': '', diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py index 5aea1d2..900e70c 100644 --- a/powerdnsadmin/routes/admin.py +++ b/powerdnsadmin/routes/admin.py @@ -1636,6 +1636,8 @@ def setting_authentication(): request.form.get('google_oauth_client_id')) Setting().set('google_oauth_client_secret', request.form.get('google_oauth_client_secret')) + Setting().set('google_oauth_metadata_url', + request.form.get('google_oauth_metadata_url')) Setting().set('google_token_url', request.form.get('google_token_url')) Setting().set('google_oauth_scope', @@ -1671,6 +1673,8 @@ def setting_authentication(): request.form.get('github_oauth_scope')) Setting().set('github_oauth_api_url', request.form.get('github_oauth_api_url')) + Setting().set('github_oauth_metadata_url', + request.form.get('github_oauth_metadata_url')) Setting().set('github_oauth_token_url', request.form.get('github_oauth_token_url')) Setting().set('github_oauth_authorize_url', @@ -1702,6 +1706,8 @@ def setting_authentication(): request.form.get('azure_oauth_scope')) Setting().set('azure_oauth_api_url', request.form.get('azure_oauth_api_url')) + Setting().set('azure_oauth_metadata_url', + request.form.get('azure_oauth_metadata_url')) Setting().set('azure_oauth_token_url', request.form.get('azure_oauth_token_url')) Setting().set('azure_oauth_authorize_url', @@ -1755,14 +1761,14 @@ def setting_authentication(): request.form.get('oidc_oauth_scope')) Setting().set('oidc_oauth_api_url', request.form.get('oidc_oauth_api_url')) + Setting().set('oidc_oauth_metadata_url', + request.form.get('oidc_oauth_metadata_url')) Setting().set('oidc_oauth_token_url', request.form.get('oidc_oauth_token_url')) Setting().set('oidc_oauth_authorize_url', request.form.get('oidc_oauth_authorize_url')) Setting().set('oidc_oauth_jwks_url', request.form.get('oidc_oauth_jwks_url')) - Setting().set('oidc_oauth_metadata_url', - request.form.get('oidc_oauth_metadata_url')) Setting().set('oidc_oauth_logout_url', request.form.get('oidc_oauth_logout_url')) Setting().set('oidc_oauth_username', diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py index 691b153..c1fb626 100644 --- a/powerdnsadmin/services/azure.py +++ b/powerdnsadmin/services/azure.py @@ -24,6 +24,7 @@ def azure_oauth(): access_token_url=Setting().get('azure_oauth_token_url'), authorize_url=Setting().get('azure_oauth_authorize_url'), jwks_url=Setting().get('azure_oauth_jwks_url'), + server_metadata_url=Setting().get('azure_oauth_metadata_url'), client_kwargs={'scope': Setting().get('azure_oauth_scope')}, fetch_token=fetch_azure_token, ) diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py index 8bcbe87..13c2f00 100644 --- a/powerdnsadmin/services/github.py +++ b/powerdnsadmin/services/github.py @@ -25,6 +25,7 @@ def github_oauth(): access_token_url=Setting().get('github_oauth_token_url'), authorize_url=Setting().get('github_oauth_authorize_url'), jwks_url=Setting().get('github_oauth_jwks_url'), + server_metadata_url=Setting().get('github_oauth_metadata_url'), client_kwargs={'scope': Setting().get('github_oauth_scope')}, fetch_token=fetch_github_token, update_token=update_token) diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py index 0a62463..fc9af12 100644 --- a/powerdnsadmin/services/google.py +++ b/powerdnsadmin/services/google.py @@ -24,6 +24,7 @@ def google_oauth(): access_token_url=Setting().get('google_token_url'), authorize_url=Setting().get('google_authorize_url'), jwks_url=Setting().get('google_oauth_jwks_url'), + server_metadata_url=Setting().get('google_oauth_metadata_url'), client_kwargs={'scope': Setting().get('google_oauth_scope')}, fetch_token=fetch_google_token, update_token=update_token) diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html index 5750d89..7675797 100644 --- a/powerdnsadmin/templates/admin_setting_authentication.html +++ b/powerdnsadmin/templates/admin_setting_authentication.html @@ -630,9 +630,16 @@ value="{{ SETTING.get('google_oauth_client_secret') }}"> - -
- -