cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2024-11-08 14:40:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for oidc_oauth_metadata_url configuration option

Browse Source 
This commit adds support for the `oidc_oauth_metadata_url` configuration
option. This option specifies the URL of the OIDC server's
metadata endpoint, which contains information about the OIDC server's
endpoints, supported scopes, and other configuration details. By using this
option, we can ensure compatibility with different OIDC servers and reduce
the risk of errors due to manual endpoint configuration.
This commit is contained in:
AdvanticGmbH 2023-02-23 09:21:01 +01:00
parent 1cda4f774a
commit 5ad384bfe9
7 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
configs/docker_config.py
View File

@ -11,6 +11,7 @@ legal_envvars = (
'OIDC_OAUTH_API_URL',
'OIDC_OAUTH_TOKEN_URL',
'OIDC_OAUTH_AUTHORIZE_URL',
'OIDC_OAUTH_METADATA_URL',
'BIND_ADDRESS',
'PORT',
'LOG_LEVEL',

1
docs/oauth.md
View File

@ -51,6 +51,7 @@ Enable OpenID Connect OAuth option.
* API URL, <oidc_provider_link>/auth (The ending can be different with each provider)
* Token URL, <oidc_provider_link>/token
* Authorize URL, <oidc_provider_link>/auth
* Metadata URL, <oidc_provider_link>/.well-known/openid-configuration
* Logout URL, <oidc_provider_link>/logout
* Username, This will be the claim that will be used as the username. (Usually preferred_username)

1
docs/wiki/configuration/Environment-variables.md
View File

@ -20,6 +20,7 @@
| OIDC_OAUTH_API_URL | | | |
| OIDC_OAUTH_AUTHORIZE_URL |
| OIDC_OAUTH_TOKEN_URL | | | |
| OIDC_OAUTH_METADATA_URL | | | |
| PORT |
| REMOTE_USER_COOKIES |
| REMOTE_USER_LOGOUT_URL |

1
powerdnsadmin/models/setting.py
View File

@ -104,6 +104,7 @@ class Setting(db.Model):
'oidc_oauth_api_url': '',
'oidc_oauth_token_url': '',
'oidc_oauth_authorize_url': '',
'oidc_oauth_metadata_url': '',
'oidc_oauth_logout_url': '',
'oidc_oauth_username': 'preferred_username',
'oidc_oauth_firstname': 'given_name',

2
powerdnsadmin/routes/admin.py
View File

@ -1731,6 +1731,8 @@ def setting_authentication():
request.form.get('oidc_oauth_token_url'))
Setting().set('oidc_oauth_authorize_url',
request.form.get('oidc_oauth_authorize_url'))
Setting().set('oidc_oauth_metadata_url',
request.form.get('oidc_oauth_metadata_url'))
Setting().set('oidc_oauth_logout_url',
request.form.get('oidc_oauth_logout_url'))
Setting().set('oidc_oauth_username',

1
powerdnsadmin/services/oidc.py
View File

@ -23,6 +23,7 @@ def oidc_oauth():
request_token_url=None,
access_token_url=Setting().get('oidc_oauth_token_url'),
authorize_url=Setting().get('oidc_oauth_authorize_url'),
server_metadata_url=Setting().get('oidc_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('oidc_oauth_scope')},
fetch_token=fetch_oidc_token,
update_token=update_token)

11
powerdnsadmin/templates/admin_setting_authentication.html
View File

@ -1210,6 +1210,17 @@
value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_metadata_url">Metadata
URL</label>
<input type="text" class="form-control"
name="oidc_oauth_metadata_url"
id="oidc_oauth_metadata_url"
placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
data-error="Plesae input Metadata URL"
value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_logout_url">Logout
URL</label>