mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-09 15:10:27 +00:00
Add missing OIDC env vars
Set SAML_ENABLED default to false
This commit is contained in:
parent
4a5b78c3ef
commit
63db17ec21
@ -8,10 +8,19 @@ FILESYSTEM_SESSIONS_ENABLED = True
|
|||||||
|
|
||||||
legal_envvars = (
|
legal_envvars = (
|
||||||
'SECRET_KEY',
|
'SECRET_KEY',
|
||||||
|
'OIDC_OAUTH_ENABLED',
|
||||||
|
'OIDC_OAUTH_KEY',
|
||||||
|
'OIDC_OAUTH_SECRET',
|
||||||
'OIDC_OAUTH_API_URL',
|
'OIDC_OAUTH_API_URL',
|
||||||
'OIDC_OAUTH_TOKEN_URL',
|
'OIDC_OAUTH_TOKEN_URL',
|
||||||
'OIDC_OAUTH_AUTHORIZE_URL',
|
'OIDC_OAUTH_AUTHORIZE_URL',
|
||||||
'OIDC_OAUTH_METADATA_URL',
|
'OIDC_OAUTH_METADATA_URL',
|
||||||
|
'OIDC_OAUTH_LOGOUT_URL',
|
||||||
|
'OIDC_OAUTH_SCOPE',
|
||||||
|
'OIDC_OAUTH_USERNAME',
|
||||||
|
'OIDC_OAUTH_FIRSTNAME',
|
||||||
|
'OIDC_OAUTH_LAST_NAME',
|
||||||
|
'OIDC_OAUTH_EMAIL',
|
||||||
'BIND_ADDRESS',
|
'BIND_ADDRESS',
|
||||||
'PORT',
|
'PORT',
|
||||||
'LOG_LEVEL',
|
'LOG_LEVEL',
|
||||||
@ -73,6 +82,7 @@ legal_envvars_bool = (
|
|||||||
'MAIL_DEBUG',
|
'MAIL_DEBUG',
|
||||||
'MAIL_USE_TLS',
|
'MAIL_USE_TLS',
|
||||||
'MAIL_USE_SSL',
|
'MAIL_USE_SSL',
|
||||||
|
'OIDC_OAUTH_ENABLED',
|
||||||
'SAML_ENABLED',
|
'SAML_ENABLED',
|
||||||
'SAML_DEBUG',
|
'SAML_DEBUG',
|
||||||
'SAML_SIGN_REQUEST',
|
'SAML_SIGN_REQUEST',
|
||||||
|
@ -140,7 +140,7 @@ def oidc_login():
|
|||||||
|
|
||||||
@index_bp.route('/login', methods=['GET', 'POST'])
|
@index_bp.route('/login', methods=['GET', 'POST'])
|
||||||
def login():
|
def login():
|
||||||
SAML_ENABLED = current_app.config.get('SAML_ENABLED')
|
SAML_ENABLED = current_app.config.get('SAML_ENABLED', False)
|
||||||
|
|
||||||
if g.user is not None and current_user.is_authenticated:
|
if g.user is not None and current_user.is_authenticated:
|
||||||
return redirect(url_for('dashboard.dashboard'))
|
return redirect(url_for('dashboard.dashboard'))
|
||||||
@ -956,7 +956,7 @@ def dyndns_update():
|
|||||||
### START SAML AUTHENTICATION ###
|
### START SAML AUTHENTICATION ###
|
||||||
@index_bp.route('/saml/login')
|
@index_bp.route('/saml/login')
|
||||||
def saml_login():
|
def saml_login():
|
||||||
if not current_app.config.get('SAML_ENABLED'):
|
if not current_app.config.get('SAML_ENABLED', False):
|
||||||
abort(400)
|
abort(400)
|
||||||
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
||||||
req = saml.prepare_flask_request(request)
|
req = saml.prepare_flask_request(request)
|
||||||
@ -968,7 +968,7 @@ def saml_login():
|
|||||||
|
|
||||||
@index_bp.route('/saml/metadata')
|
@index_bp.route('/saml/metadata')
|
||||||
def saml_metadata():
|
def saml_metadata():
|
||||||
if not current_app.config.get('SAML_ENABLED'):
|
if not current_app.config.get('SAML_ENABLED', False):
|
||||||
current_app.logger.error("SAML authentication is disabled.")
|
current_app.logger.error("SAML authentication is disabled.")
|
||||||
abort(400)
|
abort(400)
|
||||||
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
||||||
@ -990,7 +990,7 @@ def saml_metadata():
|
|||||||
@csrf.exempt
|
@csrf.exempt
|
||||||
def saml_authorized():
|
def saml_authorized():
|
||||||
errors = []
|
errors = []
|
||||||
if not current_app.config.get('SAML_ENABLED'):
|
if not current_app.config.get('SAML_ENABLED', False):
|
||||||
current_app.logger.error("SAML authentication is disabled.")
|
current_app.logger.error("SAML authentication is disabled.")
|
||||||
abort(400)
|
abort(400)
|
||||||
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
||||||
|
Loading…
Reference in New Issue
Block a user