pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-09 04:06:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

disable global idp routes if idp mode is org

Browse Source
This commit is contained in:
miloschwartz
2026-02-13 15:46:13 -08:00
parent be89e5ca55
commit 1f8e89772d
4 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/routers/idp/createIdpOrgPolicy.ts
View File

@@ -70,6 +70,15 @@ export async function createIdpOrgPolicy(
const { idpId, orgId } = parsedParams.data; const { idpId, orgId } = parsedParams.data;
const { roleMapping, orgMapping } = parsedBody.data; const { roleMapping, orgMapping } = parsedBody.data;
if (process.env.IDENTITY_PROVIDER_MODE === "org") {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Global IdP creation is not allowed in the current identity provider mode. Set app.identity_provider_mode to 'global' in the private configuration to enable this feature."
)
);
}
const [existing] = await db const [existing] = await db
.select() .select()
.from(idp) .from(idp)

11
server/routers/idp/createOidcIdp.ts
View File

@@ -80,6 +80,17 @@ export async function createOidcIdp(
tags tags
} = parsedBody.data; } = parsedBody.data;
if (
process.env.IDENTITY_PROVIDER_MODE === "org"
) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Global IdP creation is not allowed in the current identity provider mode. Set app.identity_provider_mode to 'global' in the private configuration to enable this feature."
)
);
}
const key = config.getRawConfig().server.secret!; const key = config.getRawConfig().server.secret!;
const encryptedSecret = encrypt(clientSecret, key); const encryptedSecret = encrypt(clientSecret, key);

9
server/routers/idp/updateIdpOrgPolicy.ts
View File

@@ -69,6 +69,15 @@ export async function updateIdpOrgPolicy(
const { idpId, orgId } = parsedParams.data; const { idpId, orgId } = parsedParams.data;
const { roleMapping, orgMapping } = parsedBody.data; const { roleMapping, orgMapping } = parsedBody.data;
if (process.env.IDENTITY_PROVIDER_MODE === "org") {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Global IdP creation is not allowed in the current identity provider mode. Set app.identity_provider_mode to 'global' in the private configuration to enable this feature."
)
);
}
// Check if IDP and policy exist // Check if IDP and policy exist
const [existing] = await db const [existing] = await db
.select() .select()

9
server/routers/idp/updateOidcIdp.ts
View File

@@ -99,6 +99,15 @@ export async function updateOidcIdp(
tags tags
} = parsedBody.data; } = parsedBody.data;
if (process.env.IDENTITY_PROVIDER_MODE === "org") {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Global IdP creation is not allowed in the current identity provider mode. Set app.identity_provider_mode to 'global' in the private configuration to enable this feature."
)
);
}
// Check if IDP exists and is of type OIDC // Check if IDP exists and is of type OIDC
const [existingIdp] = await db const [existingIdp] = await db
.select() .select()