From 63db17ec21cb13e11bd806037f1074d9239e0072 Mon Sep 17 00:00:00 2001
From: Ymage <heltem+git@o2php.com>
Date: Sun, 18 Dec 2022 12:50:59 +0100
Subject: [PATCH] Add missing OIDC env vars Set SAML_ENABLED default to false

---
 configs/docker_config.py      | 10 ++++++++++
 powerdnsadmin/routes/index.py |  8 ++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index e780882..0d006bd 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -8,10 +8,19 @@ FILESYSTEM_SESSIONS_ENABLED = True
 
 legal_envvars = (
     'SECRET_KEY',
+    'OIDC_OAUTH_ENABLED',
+    'OIDC_OAUTH_KEY',
+    'OIDC_OAUTH_SECRET',
     'OIDC_OAUTH_API_URL',
     'OIDC_OAUTH_TOKEN_URL',
     'OIDC_OAUTH_AUTHORIZE_URL',
     'OIDC_OAUTH_METADATA_URL',
+    'OIDC_OAUTH_LOGOUT_URL',
+    'OIDC_OAUTH_SCOPE',
+    'OIDC_OAUTH_USERNAME',
+    'OIDC_OAUTH_FIRSTNAME',
+    'OIDC_OAUTH_LAST_NAME',
+    'OIDC_OAUTH_EMAIL',
     'BIND_ADDRESS',
     'PORT',
     'LOG_LEVEL',
@@ -73,6 +82,7 @@ legal_envvars_bool = (
     'MAIL_DEBUG',
     'MAIL_USE_TLS',
     'MAIL_USE_SSL',
+    'OIDC_OAUTH_ENABLED',
     'SAML_ENABLED',
     'SAML_DEBUG',
     'SAML_SIGN_REQUEST',
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 14ad275..72305a6 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -140,7 +140,7 @@ def oidc_login():
 
 @index_bp.route('/login', methods=['GET', 'POST'])
 def login():
-    SAML_ENABLED = current_app.config.get('SAML_ENABLED')
+    SAML_ENABLED = current_app.config.get('SAML_ENABLED', False)
 
     if g.user is not None and current_user.is_authenticated:
         return redirect(url_for('dashboard.dashboard'))
@@ -956,7 +956,7 @@ def dyndns_update():
 ### START SAML AUTHENTICATION ###
 @index_bp.route('/saml/login')
 def saml_login():
-    if not current_app.config.get('SAML_ENABLED'):
+    if not current_app.config.get('SAML_ENABLED', False):
         abort(400)
     from onelogin.saml2.utils import OneLogin_Saml2_Utils
     req = saml.prepare_flask_request(request)
@@ -968,7 +968,7 @@ def saml_login():
 
 @index_bp.route('/saml/metadata')
 def saml_metadata():
-    if not current_app.config.get('SAML_ENABLED'):
+    if not current_app.config.get('SAML_ENABLED', False):
         current_app.logger.error("SAML authentication is disabled.")
         abort(400)
     from onelogin.saml2.utils import OneLogin_Saml2_Utils
@@ -990,7 +990,7 @@ def saml_metadata():
 @csrf.exempt
 def saml_authorized():
     errors = []
-    if not current_app.config.get('SAML_ENABLED'):
+    if not current_app.config.get('SAML_ENABLED', False):
         current_app.logger.error("SAML authentication is disabled.")
         abort(400)
     from onelogin.saml2.utils import OneLogin_Saml2_Utils