sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-05-05 00:26:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Automatically load IdP OIDC configuration (#847)

Browse Source
This commit is contained in:
Bethuel
2023-05-11 16:14:00 +03:00
committed by GitHub
parent e4c28f64fa
commit 2c50d7af1e
9 changed files with 91 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
management/server/idp/auth0.go
View File

@@ -32,10 +32,10 @@ type Auth0Manager struct {
// Auth0ClientConfig auth0 manager client configurations
type Auth0ClientConfig struct {
Audience string
AuthIssuer string
AuthIssuer string `json:"-"`
ClientID string
ClientSecret string
GrantType string
GrantType string `json:"-"`
}
// auth0JWTRequest payload struct to request a JWT Token
@@ -110,7 +110,8 @@ type auth0Profile struct {
}
// NewAuth0Manager creates a new instance of the Auth0Manager
func NewAuth0Manager(config Auth0ClientConfig, appMetrics telemetry.AppMetrics) (*Auth0Manager, error) {
func NewAuth0Manager(oidcConfig OIDCConfig, config Auth0ClientConfig,
appMetrics telemetry.AppMetrics) (*Auth0Manager, error) {
httpTransport := http.DefaultTransport.(*http.Transport).Clone()
httpTransport.MaxIdleConns = 5
@@ -121,17 +122,19 @@ func NewAuth0Manager(config Auth0ClientConfig, appMetrics telemetry.AppMetrics)
}
helper := JsonParser{}
config.AuthIssuer = oidcConfig.TokenEndpoint
config.GrantType = "client_credentials"
if config.ClientID == "" || config.ClientSecret == "" || config.GrantType == "" || config.Audience == "" || config.AuthIssuer == "" {
return nil, fmt.Errorf("auth0 idp configuration is not complete")
if config.ClientID == "" {
return nil, fmt.Errorf("auth0 IdP configuration is incomplete, clientID is missing")
}
if config.GrantType != "client_credentials" {
return nil, fmt.Errorf("auth0 idp configuration failed. Grant Type should be client_credentials")
if config.ClientSecret == "" {
return nil, fmt.Errorf("auth0 IdP configuration is incomplete, ClientSecret is missing")
}
if !strings.HasPrefix(strings.ToLower(config.AuthIssuer), "https://") {
return nil, fmt.Errorf("auth0 idp configuration failed. AuthIssuer should contain https://")
if config.Audience == "" {
return nil, fmt.Errorf("auth0 IdP configuration is incomplete, Audience is missing")
}
credentials := &Auth0Credentials{