cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2024-11-12 16:40:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1436 from PowerDNS-Admin/1435-feature-add-oauth-setting-for-server-metadata-url

Browse Source 
Feature: Add OAuth Setting for Server Metadata URL
This commit is contained in:
Matt Scott 2023-03-12 09:20:47 -04:00 committed by GitHub
commit f09d37ae42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 57 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
powerdnsadmin/models/setting.py
View File

@ -73,6 +73,7 @@ class Setting(db.Model):
'github_oauth_authorize_url': 'github_oauth_authorize_url':
'https://github.com/login/oauth/authorize', 'https://github.com/login/oauth/authorize',
'github_oauth_jwks_url': '', 'github_oauth_jwks_url': '',
'github_oauth_metadata_url': '',
'google_oauth_enabled': False, 'google_oauth_enabled': False,
'google_oauth_client_id': '', 'google_oauth_client_id': '',
'google_oauth_client_secret': '', 'google_oauth_client_secret': '',
@ -80,6 +81,7 @@ class Setting(db.Model):
'google_oauth_scope': 'openid email profile', 'google_oauth_scope': 'openid email profile',
'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth', 'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
'google_oauth_jwks_url': '', 'google_oauth_jwks_url': '',
'google_oauth_metadata_url': '',
'google_base_url': 'https://www.googleapis.com/oauth2/v3/', 'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
'azure_oauth_enabled': False, 'azure_oauth_enabled': False,
'azure_oauth_key': '', 'azure_oauth_key': '',
@ -91,6 +93,7 @@ class Setting(db.Model):
'azure_oauth_authorize_url': 'azure_oauth_authorize_url':
'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize', 'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
'azure_oauth_jwks_url': '', 'azure_oauth_jwks_url': '',
'azure_oauth_metadata_url': '',
'azure_sg_enabled': False, 'azure_sg_enabled': False,
'azure_admin_group': '', 'azure_admin_group': '',
'azure_operator_group': '', 'azure_operator_group': '',

10
powerdnsadmin/routes/admin.py
View File

@ -1636,6 +1636,8 @@ def setting_authentication():
request.form.get('google_oauth_client_id')) request.form.get('google_oauth_client_id'))
Setting().set('google_oauth_client_secret', Setting().set('google_oauth_client_secret',
request.form.get('google_oauth_client_secret')) request.form.get('google_oauth_client_secret'))
Setting().set('google_oauth_metadata_url',
request.form.get('google_oauth_metadata_url'))
Setting().set('google_token_url', Setting().set('google_token_url',
request.form.get('google_token_url')) request.form.get('google_token_url'))
Setting().set('google_oauth_scope', Setting().set('google_oauth_scope',
@ -1671,6 +1673,8 @@ def setting_authentication():
request.form.get('github_oauth_scope')) request.form.get('github_oauth_scope'))
Setting().set('github_oauth_api_url', Setting().set('github_oauth_api_url',
request.form.get('github_oauth_api_url')) request.form.get('github_oauth_api_url'))
Setting().set('github_oauth_metadata_url',
request.form.get('github_oauth_metadata_url'))
Setting().set('github_oauth_token_url', Setting().set('github_oauth_token_url',
request.form.get('github_oauth_token_url')) request.form.get('github_oauth_token_url'))
Setting().set('github_oauth_authorize_url', Setting().set('github_oauth_authorize_url',
@ -1702,6 +1706,8 @@ def setting_authentication():
request.form.get('azure_oauth_scope')) request.form.get('azure_oauth_scope'))
Setting().set('azure_oauth_api_url', Setting().set('azure_oauth_api_url',
request.form.get('azure_oauth_api_url')) request.form.get('azure_oauth_api_url'))
Setting().set('azure_oauth_metadata_url',
request.form.get('azure_oauth_metadata_url'))
Setting().set('azure_oauth_token_url', Setting().set('azure_oauth_token_url',
request.form.get('azure_oauth_token_url')) request.form.get('azure_oauth_token_url'))
Setting().set('azure_oauth_authorize_url', Setting().set('azure_oauth_authorize_url',
@ -1755,14 +1761,14 @@ def setting_authentication():
request.form.get('oidc_oauth_scope')) request.form.get('oidc_oauth_scope'))
Setting().set('oidc_oauth_api_url', Setting().set('oidc_oauth_api_url',
request.form.get('oidc_oauth_api_url')) request.form.get('oidc_oauth_api_url'))
Setting().set('oidc_oauth_metadata_url',
request.form.get('oidc_oauth_metadata_url'))
Setting().set('oidc_oauth_token_url', Setting().set('oidc_oauth_token_url',
request.form.get('oidc_oauth_token_url')) request.form.get('oidc_oauth_token_url'))
Setting().set('oidc_oauth_authorize_url', Setting().set('oidc_oauth_authorize_url',
request.form.get('oidc_oauth_authorize_url')) request.form.get('oidc_oauth_authorize_url'))
Setting().set('oidc_oauth_jwks_url', Setting().set('oidc_oauth_jwks_url',
request.form.get('oidc_oauth_jwks_url')) request.form.get('oidc_oauth_jwks_url'))
Setting().set('oidc_oauth_metadata_url',
request.form.get('oidc_oauth_metadata_url'))
Setting().set('oidc_oauth_logout_url', Setting().set('oidc_oauth_logout_url',
request.form.get('oidc_oauth_logout_url')) request.form.get('oidc_oauth_logout_url'))
Setting().set('oidc_oauth_username', Setting().set('oidc_oauth_username',

1
powerdnsadmin/services/azure.py
View File

@ -24,6 +24,7 @@ def azure_oauth():
access_token_url=Setting().get('azure_oauth_token_url'), access_token_url=Setting().get('azure_oauth_token_url'),
authorize_url=Setting().get('azure_oauth_authorize_url'), authorize_url=Setting().get('azure_oauth_authorize_url'),
jwks_url=Setting().get('azure_oauth_jwks_url'), jwks_url=Setting().get('azure_oauth_jwks_url'),
server_metadata_url=Setting().get('azure_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('azure_oauth_scope')}, client_kwargs={'scope': Setting().get('azure_oauth_scope')},
fetch_token=fetch_azure_token, fetch_token=fetch_azure_token,
) )

1
powerdnsadmin/services/github.py
View File

@ -25,6 +25,7 @@ def github_oauth():
access_token_url=Setting().get('github_oauth_token_url'), access_token_url=Setting().get('github_oauth_token_url'),
authorize_url=Setting().get('github_oauth_authorize_url'), authorize_url=Setting().get('github_oauth_authorize_url'),
jwks_url=Setting().get('github_oauth_jwks_url'), jwks_url=Setting().get('github_oauth_jwks_url'),
server_metadata_url=Setting().get('github_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('github_oauth_scope')}, client_kwargs={'scope': Setting().get('github_oauth_scope')},
fetch_token=fetch_github_token, fetch_token=fetch_github_token,
update_token=update_token) update_token=update_token)

1
powerdnsadmin/services/google.py
View File

@ -24,6 +24,7 @@ def google_oauth():
access_token_url=Setting().get('google_token_url'), access_token_url=Setting().get('google_token_url'),
authorize_url=Setting().get('google_authorize_url'), authorize_url=Setting().get('google_authorize_url'),
jwks_url=Setting().get('google_oauth_jwks_url'), jwks_url=Setting().get('google_oauth_jwks_url'),
server_metadata_url=Setting().get('google_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('google_oauth_scope')}, client_kwargs={'scope': Setting().get('google_oauth_scope')},
fetch_token=fetch_google_token, fetch_token=fetch_google_token,
update_token=update_token) update_token=update_token)

65
powerdnsadmin/templates/admin_setting_authentication.html
View File

@ -630,9 +630,16 @@
value="{{ SETTING.get('google_oauth_client_secret') }}"> value="{{ SETTING.get('google_oauth_client_secret') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
</fieldset> <div class="form-group">
<fieldset> <label for="google_oauth_metadata_url">Metadata URL</label>
<legend>ADVANCE</legend> <input type="text" class="form-control"
name="google_oauth_metadata_url"
id="google_oauth_metadata_url"
placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
data-error="Please input Metadata URL"
value="{{ SETTING.get('google_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group"> <div class="form-group">
<label for="google_token_url">Token URL</label> <label for="google_token_url">Token URL</label>
<input type="text" class="form-control" <input type="text" class="form-control"
@ -761,9 +768,6 @@
value="{{ SETTING.get('github_oauth_secret') }}"> value="{{ SETTING.get('github_oauth_secret') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
</fieldset>
<fieldset>
<legend>ADVANCE</legend>
<div class="form-group"> <div class="form-group">
<label for="github_oauth_scope">Scope</label> <label for="github_oauth_scope">Scope</label>
<input type="text" class="form-control" <input type="text" class="form-control"
@ -784,6 +788,16 @@
value="{{ SETTING.get('github_oauth_api_url') }}"> value="{{ SETTING.get('github_oauth_api_url') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
<div class="form-group">
<label for="github_oauth_metadata_url">Metadata URL</label>
<input type="text" class="form-control"
name="github_oauth_metadata_url"
id="github_oauth_metadata_url"
placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
data-error="Please input Metadata URL"
value="{{ SETTING.get('github_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group"> <div class="form-group">
<label for="github_oauth_token_url">Token <label for="github_oauth_token_url">Token
URL</label> URL</label>
@ -893,9 +907,6 @@
value="{{ SETTING.get('azure_oauth_secret') }}"> value="{{ SETTING.get('azure_oauth_secret') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
</fieldset>
<fieldset>
<legend>ADVANCED</legend>
<div class="form-group"> <div class="form-group">
<label for="azure_oauth_scope">Scope</label> <label for="azure_oauth_scope">Scope</label>
<input type="text" class="form-control" <input type="text" class="form-control"
@ -916,6 +927,16 @@
value="{{ SETTING.get('azure_oauth_api_url') }}"> value="{{ SETTING.get('azure_oauth_api_url') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
<div class="form-group">
<label for="azure_oauth_metadata_url">Metadata URL</label>
<input type="text" class="form-control"
name="azure_oauth_metadata_url"
id="azure_oauth_metadata_url"
placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
data-error="Please input Metadata URL"
value="{{ SETTING.get('azure_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group"> <div class="form-group">
<label for="azure_oauth_token_url">Token URL</label> <label for="azure_oauth_token_url">Token URL</label>
<input type="text" class="form-control" <input type="text" class="form-control"
@ -1222,6 +1243,17 @@
value="{{ SETTING.get('oidc_oauth_api_url') }}"> value="{{ SETTING.get('oidc_oauth_api_url') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
<div class="form-group">
<label for="oidc_oauth_metadata_url">Metadata
URL</label>
<input type="text" class="form-control"
name="oidc_oauth_metadata_url"
id="oidc_oauth_metadata_url"
placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
data-error="Please input Metadata URL"
value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group"> <div class="form-group">
<label for="oidc_oauth_token_url">Token URL</label> <label for="oidc_oauth_token_url">Token URL</label>
<input type="text" class="form-control" <input type="text" class="form-control"
@ -1254,17 +1286,6 @@
value="{{ SETTING.get('oidc_oauth_jwks_url') }}"> value="{{ SETTING.get('oidc_oauth_jwks_url') }}">
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
<div class="form-group">
<label for="oidc_oauth_metadata_url">Metadata
URL</label>
<input type="text" class="form-control"
name="oidc_oauth_metadata_url"
id="oidc_oauth_metadata_url"
placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
data-error="Please input Metadata URL"
value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group"> <div class="form-group">
<label for="oidc_oauth_logout_url">Logout <label for="oidc_oauth_logout_url">Logout
URL</label> URL</label>
@ -1278,7 +1299,7 @@
</div> </div>
</fieldset> </fieldset>
<fieldset> <fieldset>
<legend>CLAIMS</legend> <legend>Claims</legend>
<div class="form-group"> <div class="form-group">
<label for="oidc_oauth_username">Username</label> <label for="oidc_oauth_username">Username</label>
<input type="text" class="form-control" <input type="text" class="form-control"
@ -1320,7 +1341,7 @@
</div> </div>
</fieldset> </fieldset>
<fieldset> <fieldset>
<legend>ADVANCE</legend> <legend>Advanced</legend>
<div class="form-group"> <div class="form-group">
<label for="oidc_oauth_account_name_property">Autoprovision <label for="oidc_oauth_account_name_property">Autoprovision
Account Name property</label> Account Name property</label>