*: fix --no-db client decoding
This commit is contained in:
parent
dcf5835189
commit
3b125d6073
2 changed files with 43 additions and 11 deletions
|
@ -108,15 +108,10 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
|
|||
return err
|
||||
}
|
||||
|
||||
cf, err := os.Open(cfg.ClientsFile)
|
||||
clients, err := loadClients(cfg.ClientsFile)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err)
|
||||
}
|
||||
defer cf.Close()
|
||||
var clients []oidc.ClientIdentity
|
||||
if err := json.NewDecoder(cf).Decode(&clients); err != nil {
|
||||
return fmt.Errorf("unable to read client identities from file %s: %v", cfg.ClientsFile, err)
|
||||
}
|
||||
ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create client identity repo: %v", err)
|
||||
|
@ -164,7 +159,6 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
|
|||
srv.SessionManager = sm
|
||||
srv.RefreshTokenRepo = refTokRepo
|
||||
return nil
|
||||
|
||||
}
|
||||
|
||||
func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err error) {
|
||||
|
@ -177,6 +171,44 @@ func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err erro
|
|||
return
|
||||
}
|
||||
|
||||
func loadClients(filepath string) ([]oidc.ClientIdentity, error) {
|
||||
f, err := os.Open(filepath)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer f.Close()
|
||||
var c []struct {
|
||||
ID string `json:"id"`
|
||||
Secret string `json:"secret"`
|
||||
RedirectURLs []string `json:"redirectURLs"`
|
||||
}
|
||||
if err := json.NewDecoder(f).Decode(&c); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
clients := make([]oidc.ClientIdentity, len(c))
|
||||
for i, client := range c {
|
||||
redirectURIs := make([]url.URL, len(client.RedirectURLs))
|
||||
for j, u := range client.RedirectURLs {
|
||||
uri, err := url.Parse(u)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
redirectURIs[j] = *uri
|
||||
}
|
||||
|
||||
clients[i] = oidc.ClientIdentity{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: client.ID,
|
||||
Secret: client.Secret,
|
||||
},
|
||||
Metadata: oidc.ClientMetadata{
|
||||
RedirectURIs: redirectURIs,
|
||||
},
|
||||
}
|
||||
}
|
||||
return clients, nil
|
||||
}
|
||||
|
||||
func (cfg *MultiServerConfig) Configure(srv *Server) error {
|
||||
if len(cfg.KeySecrets) == 0 {
|
||||
return errors.New("missing key secret")
|
||||
|
|
|
@ -1,22 +1,22 @@
|
|||
[
|
||||
{
|
||||
"id": "XXX",
|
||||
"secret": "secrete",
|
||||
"secret": "c2VjcmV0ZQ==",
|
||||
"redirectURLs": ["http://127.0.0.1:5555/callback"]
|
||||
},
|
||||
{
|
||||
"id": "example-app",
|
||||
"secret": "example-app-secret",
|
||||
"secret": "ZXhhbXBsZS1hcHAtc2VjcmV0",
|
||||
"redirectURLs": ["http://127.0.0.1:5555/callback"]
|
||||
},
|
||||
{
|
||||
"id": "example-cli",
|
||||
"secret": "example-cli-secret",
|
||||
"secret": "ZXhhbXBsZS1jbGktc2VjcmV0",
|
||||
"redirectURLs": ["http://127.0.0.1:8000/admin/v1/oauth/login"]
|
||||
},
|
||||
{
|
||||
"id": "oauth2_proxy",
|
||||
"secret": "proxy",
|
||||
"secret": "cHJveHk=",
|
||||
"redirectURLs": ["http://127.0.0.1:4180/oauth2/callback"]
|
||||
}
|
||||
]
|
||||
|
|
Reference in a new issue