Merge pull request #1397 from AdvanticGmbH/oauth_fix

Add support for oidc_oauth_metadata_url configuration option
This commit is contained in:
Matt Scott 2023-02-23 06:49:47 -05:00 committed by GitHub
commit e3e5c265f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 18 additions and 0 deletions


@ -11,6 +11,7 @@ legal_envvars = (
'OIDC_OAUTH_API_URL', 'OIDC_OAUTH_API_URL',
'OIDC_OAUTH_TOKEN_URL', 'OIDC_OAUTH_TOKEN_URL',
'OIDC_OAUTH_AUTHORIZE_URL', 'OIDC_OAUTH_AUTHORIZE_URL',
'OIDC_OAUTH_METADATA_URL',
'BIND_ADDRESS', 'BIND_ADDRESS',
'PORT', 'PORT',
'LOG_LEVEL', 'LOG_LEVEL',


@ -51,6 +51,7 @@ Enable OpenID Connect OAuth option.
* API URL, <oidc_provider_link>/auth (The ending can be different with each provider) * API URL, <oidc_provider_link>/auth (The ending can be different with each provider)
* Token URL, <oidc_provider_link>/token * Token URL, <oidc_provider_link>/token
* Authorize URL, <oidc_provider_link>/auth * Authorize URL, <oidc_provider_link>/auth
* Metadata URL, <oidc_provider_link>/.well-known/openid-configuration
* Logout URL, <oidc_provider_link>/logout * Logout URL, <oidc_provider_link>/logout
* Username, This will be the claim that will be used as the username. (Usually preferred_username) * Username, This will be the claim that will be used as the username. (Usually preferred_username)


@ -20,6 +20,7 @@
| OIDC_OAUTH_API_URL | | | | | OIDC_OAUTH_API_URL | | | |
| OIDC_OAUTH_AUTHORIZE_URL | | OIDC_OAUTH_AUTHORIZE_URL |
| OIDC_OAUTH_TOKEN_URL | | | | | OIDC_OAUTH_TOKEN_URL | | | |
| OIDC_OAUTH_METADATA_URL | | | |
| PORT | | PORT |
| REMOTE_USER_COOKIES | | REMOTE_USER_COOKIES |
| REMOTE_USER_LOGOUT_URL | | REMOTE_USER_LOGOUT_URL |


@ -104,6 +104,7 @@ class Setting(db.Model):
'oidc_oauth_api_url': '', 'oidc_oauth_api_url': '',
'oidc_oauth_token_url': '', 'oidc_oauth_token_url': '',
'oidc_oauth_authorize_url': '', 'oidc_oauth_authorize_url': '',
'oidc_oauth_metadata_url': '',
'oidc_oauth_logout_url': '', 'oidc_oauth_logout_url': '',
'oidc_oauth_username': 'preferred_username', 'oidc_oauth_username': 'preferred_username',
'oidc_oauth_firstname': 'given_name', 'oidc_oauth_firstname': 'given_name',
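Review bot: The new default `'oidc_oauth_metadata_url': ''` gives no hint that this entry is an optional discovery input rather than a required endpoint like the `oidc_oauth_token_url` and `oidc_oauth_authorize_url` defaults beside it. A one-line comment next to it would spare the next maintainer a trip to the docs, e.g. `# optional: OIDC discovery document (.../.well-known/openid-configuration); empty means no discovery`. The `Setting` class body continues outside the hunk.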


@ -1731,6 +1731,8 @@ def setting_authentication():
request.form.get('oidc_oauth_token_url')) request.form.get('oidc_oauth_token_url'))
Setting().set('oidc_oauth_authorize_url', Setting().set('oidc_oauth_authorize_url',
request.form.get('oidc_oauth_authorize_url')) request.form.get('oidc_oauth_authorize_url'))
Setting().set('oidc_oauth_metadata_url',
request.form.get('oidc_oauth_metadata_url'))
Setting().set('oidc_oauth_logout_url', Setting().set('oidc_oauth_logout_url',
request.form.get('oidc_oauth_logout_url')) request.form.get('oidc_oauth_logout_url'))
Setting().set('oidc_oauth_username', Setting().set('oidc_oauth_username',
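Review bot: The metadata URL is persisted verbatim at `Setting().set('oidc_oauth_metadata_url', request.form.get('oidc_oauth_metadata_url'))` with no trimming or scheme check, yet this is the address the server will fetch the provider's discovery document from, and that document is presumably what supplies the issuer and key set the login flow ends up trusting. A trailing space or an `http://` address is stored silently and only shows up as a runtime failure or a weaker trust root later. Consider `metadata_url = (request.form.get('oidc_oauth_metadata_url') or '').strip()`, rejecting a non-empty value that does not start with `https://` via whatever error path this handler already uses, then `Setting().set('oidc_oauth_metadata_url', metadata_url)`. `setting_authentication` starts and ends outside the hunk, so its existing validation convention is not visible here.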


@ -23,6 +23,7 @@ def oidc_oauth():
request_token_url=None, request_token_url=None,
access_token_url=Setting().get('oidc_oauth_token_url'), access_token_url=Setting().get('oidc_oauth_token_url'),
authorize_url=Setting().get('oidc_oauth_authorize_url'), authorize_url=Setting().get('oidc_oauth_authorize_url'),
server_metadata_url=Setting().get('oidc_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('oidc_oauth_scope')}, client_kwargs={'scope': Setting().get('oidc_oauth_scope')},
fetch_token=fetch_oidc_token, fetch_token=fetch_oidc_token,
update_token=update_token) update_token=update_token)
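Review bot: `server_metadata_url` is added while `access_token_url` and `authorize_url` are still passed explicitly on the two lines above, and nothing here or in the docs says which wins when both are configured; as far as I recall Authlib prefers explicitly passed endpoints over discovered ones, so a mismatched pair could send the authorization code to one provider's endpoints while the ID token is validated against the metadata's `jwks_uri` and `issuer`. A short comment would prevent that surprise, e.g. `# Discovery document: supplies jwks_uri/issuer for ID-token validation; the explicit token/authorize URLs above take precedence when both are set`. It is also worth confirming that the empty-string default returned by `Setting().get('oidc_oauth_metadata_url')` makes Authlib skip discovery rather than attempt a request to `''`. `oidc_oauth` starts before the hunk.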


@ -1210,6 +1210,17 @@
value="{{ SETTING.get('oidc_oauth_authorize_url') }}"> value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
<div class="form-group">
<label for="oidc_oauth_metadata_url">Metadata
URL</label>
<input type="text" class="form-control"
name="oidc_oauth_metadata_url"
id="oidc_oauth_metadata_url"
placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
data-error="Plesae input Metadata URL"
value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
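Review bot: The validation message on the new field, `data-error="Plesae input Metadata URL"`, carries a typo that admins will see; it should read `data-error="Please input Metadata URL"`. Since the value is a URL the server later fetches, `type="url"` instead of `type="text"` would also give basic client-side format checking that matches the `https://...` placeholder. The input is not marked `required`, which is consistent with the empty default for the setting, so presumably the message only appears when the form validator is triggered for this field.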
<div class="form-group"> <div class="form-group">
<label for="oidc_oauth_logout_url">Logout <label for="oidc_oauth_logout_url">Logout
URL</label> URL</label>