Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity

*: fix --no-db client decoding

Browse source
This commit is contained in:
Eric Chiang 2016-02-09 16:18:05 -08:00
parent dcf5835189
commit 3b125d6073
2 changed files with 43 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
server/config.go
View file

@ -108,15 +108,10 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
return err return err
} }
cf, err := os.Open(cfg.ClientsFile) clients, err := loadClients(cfg.ClientsFile)
if err != nil { if err != nil {
return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err) return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err)
} }
defer cf.Close()
var clients []oidc.ClientIdentity
if err := json.NewDecoder(cf).Decode(&clients); err != nil {
return fmt.Errorf("unable to read client identities from file %s: %v", cfg.ClientsFile, err)
}
ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients) ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients)
if err != nil { if err != nil {
return fmt.Errorf("failed to create client identity repo: %v", err) return fmt.Errorf("failed to create client identity repo: %v", err)
@ -164,7 +159,6 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
srv.SessionManager = sm srv.SessionManager = sm
srv.RefreshTokenRepo = refTokRepo srv.RefreshTokenRepo = refTokRepo
return nil return nil
} }
func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err error) { func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err error) {
@ -177,6 +171,44 @@ func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err erro
return return
} }
func loadClients(filepath string) ([]oidc.ClientIdentity, error) {
f, err := os.Open(filepath)
if err != nil {
return nil, err
}
defer f.Close()
var c []struct {
ID string `json:"id"`
Secret string `json:"secret"`
RedirectURLs []string `json:"redirectURLs"`
}
if err := json.NewDecoder(f).Decode(&c); err != nil {
return nil, err
}
clients := make([]oidc.ClientIdentity, len(c))
for i, client := range c {
redirectURIs := make([]url.URL, len(client.RedirectURLs))
for j, u := range client.RedirectURLs {
uri, err := url.Parse(u)
if err != nil {
return nil, err
}
redirectURIs[j] = *uri
}
clients[i] = oidc.ClientIdentity{
Credentials: oidc.ClientCredentials{
ID: client.ID,
Secret: client.Secret,
},
Metadata: oidc.ClientMetadata{
RedirectURIs: redirectURIs,
},
}
}
return clients, nil
}
func (cfg *MultiServerConfig) Configure(srv *Server) error { func (cfg *MultiServerConfig) Configure(srv *Server) error {
if len(cfg.KeySecrets) == 0 { if len(cfg.KeySecrets) == 0 {
return errors.New("missing key secret") return errors.New("missing key secret")

8
static/fixtures/clients.json
View file

@ -1,22 +1,22 @@
[ [
{ {
"id": "XXX", "id": "XXX",
"secret": "secrete", "secret": "c2VjcmV0ZQ==",
"redirectURLs": ["http://127.0.0.1:5555/callback"] "redirectURLs": ["http://127.0.0.1:5555/callback"]
}, },
{ {
"id": "example-app", "id": "example-app",
"secret": "example-app-secret", "secret": "ZXhhbXBsZS1hcHAtc2VjcmV0",
"redirectURLs": ["http://127.0.0.1:5555/callback"] "redirectURLs": ["http://127.0.0.1:5555/callback"]
}, },
{ {
"id": "example-cli", "id": "example-cli",
"secret": "example-cli-secret", "secret": "ZXhhbXBsZS1jbGktc2VjcmV0",
"redirectURLs": ["http://127.0.0.1:8000/admin/v1/oauth/login"] "redirectURLs": ["http://127.0.0.1:8000/admin/v1/oauth/login"]
}, },
{ {
"id": "oauth2_proxy", "id": "oauth2_proxy",
"secret": "proxy", "secret": "cHJveHk=",
"redirectURLs": ["http://127.0.0.1:4180/oauth2/callback"] "redirectURLs": ["http://127.0.0.1:4180/oauth2/callback"]
} }
] ]