sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-18 16:26:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "add management side of OIDC authentication"

Browse Source 
This reverts commit 02ce918114.
This commit is contained in:
Alisdair MacLeod
2026-02-03 10:03:38 +00:00
parent 02ce918114
commit 76a39c1dcb
5 changed files with 16 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
management/internals/modules/reverseproxy/reverseproxy.go
View File

@@ -6,11 +6,9 @@ import (
"net/url"
"strconv"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/rs/xid"
log "github.com/sirupsen/logrus"
"github.com/netbirdio/netbird/management/server/types"
"github.com/netbirdio/netbird/shared/management/http/api"
"github.com/netbirdio/netbird/shared/management/proto"
)
@@ -45,7 +43,6 @@ type PINAuthConfig struct {
type BearerAuthConfig struct {
Enabled bool `json:"enabled"`
IdentityProviderID string `json:"identity_provider_id,omitempty"`
DistributionGroups []string `json:"distribution_groups,omitempty" gorm:"serializer:json"`
}
@@ -102,7 +99,6 @@ func (r *ReverseProxy) ToAPIResponse() *api.ReverseProxy {
authConfig.BearerAuth = &api.BearerAuthConfig{
Enabled: r.Auth.BearerAuth.Enabled,
DistributionGroups: &r.Auth.BearerAuth.DistributionGroups,
IdentityProviderId: &r.Auth.BearerAuth.IdentityProviderID,
}
}
@@ -136,7 +132,7 @@ func (r *ReverseProxy) ToAPIResponse() *api.ReverseProxy {
}
}
func (r *ReverseProxy) ToProtoMapping(operation Operation, setupKey string, idp *types.IdentityProvider) *proto.ProxyMapping {
func (r *ReverseProxy) ToProtoMapping(operation Operation, setupKey string) *proto.ProxyMapping {
pathMappings := make([]*proto.PathMapping, 0, len(r.Targets))
for _, target := range r.Targets {
if !target.Enabled {
@@ -173,12 +169,12 @@ func (r *ReverseProxy) ToProtoMapping(operation Operation, setupKey string, idp
auth.Pin = true
}
if r.Auth.BearerAuth != nil && r.Auth.BearerAuth.Enabled && idp != nil {
if r.Auth.BearerAuth != nil && r.Auth.BearerAuth.Enabled {
auth.Oidc = &proto.OIDC{
OidcProviderUrl: idp.Issuer,
OidcClientId: idp.ClientID,
OidcClientSecret: idp.ClientSecret,
OidcScopes: []string{oidc.ScopeOpenID, "profile", "email"},
OidcProviderUrl: "", // TODO:
OidcClientId: "", // TODO:
OidcClientSecret: "", // TODO:
OidcScopes: nil, // TODO:
DistributionGroups: r.Auth.BearerAuth.DistributionGroups,
}
}
@@ -251,9 +247,6 @@ func (r *ReverseProxy) FromAPIRequest(req *api.ReverseProxyRequest, accountID st
bearerAuth := &BearerAuthConfig{
Enabled: req.Auth.BearerAuth.Enabled,
}
if req.Auth.BearerAuth.IdentityProviderId != nil {
bearerAuth.IdentityProviderID = *req.Auth.BearerAuth.IdentityProviderId
}
if req.Auth.BearerAuth.DistributionGroups != nil {
bearerAuth.DistributionGroups = *req.Auth.BearerAuth.DistributionGroups
}