mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #669 from ericchiang/config-env

Browse source 
cmd/dex: only expand from env for storages and connectors
This commit is contained in:
Eric Chiang 2016-11-05 17:56:11 -07:00 committed by GitHub
commit 96fb0733fe
4 changed files with 10 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
cmd/dex/config.go
View file

@ -4,6 +4,7 @@ import (
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"fmt" "fmt"
"os"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
@ -145,7 +146,8 @@ func (s *Storage) UnmarshalJSON(b []byte) error {
storageConfig := f() storageConfig := f()
if len(store.Config) != 0 { if len(store.Config) != 0 {
if err := json.Unmarshal([]byte(store.Config), storageConfig); err != nil { data := []byte(os.ExpandEnv(string(store.Config)))
if err := json.Unmarshal(data, storageConfig); err != nil {
return fmt.Errorf("parse storace config: %v", err) return fmt.Errorf("parse storace config: %v", err)
} }
} }
@ -199,7 +201,8 @@ func (c *Connector) UnmarshalJSON(b []byte) error {
connConfig := f() connConfig := f()
if len(conn.Config) != 0 { if len(conn.Config) != 0 {
if err := json.Unmarshal([]byte(conn.Config), connConfig); err != nil { data := []byte(os.ExpandEnv(string(conn.Config)))
if err := json.Unmarshal(data, connConfig); err != nil {
return fmt.Errorf("parse connector config: %v", err) return fmt.Errorf("parse connector config: %v", err)
} }
} }

9
cmd/dex/config_test.go
View file

@ -39,9 +39,8 @@ connectors:
name: Google name: Google
config: config:
issuer: https://accounts.google.com issuer: https://accounts.google.com
# Config values starting with a "$" will read from the environment. clientID: foo
clientID: $GOOGLE_CLIENT_ID clientSecret: bar
clientSecret: $GOOGLE_CLIENT_SECRET
redirectURI: http://127.0.0.1:5556/dex/callback/google redirectURI: http://127.0.0.1:5556/dex/callback/google
enablePasswordDB: true enablePasswordDB: true
@ -96,8 +95,8 @@ expiry:
Name: "Google", Name: "Google",
Config: &oidc.Config{ Config: &oidc.Config{
Issuer: "https://accounts.google.com", Issuer: "https://accounts.google.com",
ClientID: "$GOOGLE_CLIENT_ID", ClientID: "foo",
ClientSecret: "$GOOGLE_CLIENT_SECRET", ClientSecret: "bar",
RedirectURI: "http://127.0.0.1:5556/dex/callback/google", RedirectURI: "http://127.0.0.1:5556/dex/callback/google",
}, },
}, },

2
cmd/dex/serve.go
View file

@ -9,7 +9,6 @@ import (
"log" "log"
"net" "net"
"net/http" "net/http"
"os"
"time" "time"
"github.com/ghodss/yaml" "github.com/ghodss/yaml"
@ -48,7 +47,6 @@ func serve(cmd *cobra.Command, args []string) error {
if err != nil { if err != nil {
return fmt.Errorf("read config file %s: %v", configFile, err) return fmt.Errorf("read config file %s: %v", configFile, err)
} }
configData = []byte(os.ExpandEnv(string(configData)))
var c Config var c Config
if err := yaml.Unmarshal(configData, &c); err != nil { if err := yaml.Unmarshal(configData, &c); err != nil {

2
examples/config-dev.yaml
View file

@ -58,7 +58,7 @@ enablePasswordDB: true
staticPasswords: staticPasswords:
- email: "admin@example.com" - email: "admin@example.com"
# bcrypt hash of the string "password" # bcrypt hash of the string "password"
hash: "$2a$10$33EMT0cVYVlPy6WAMCLsceLYjWhuHpbz5yuZxu/GAFj03J9Lytjuy" hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W"
username: "admin" username: "admin"
userID: "08a8684b-db88-4b73-90a9-3cd1661f5466" userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"