From a50133f6fdb9305725b72ab4a993d1aefcd5a9c5 Mon Sep 17 00:00:00 2001
From: Jonas Plum
Date: Sat, 1 Oct 2022 03:05:07 +0200
Subject: [PATCH] Add auth url (#466)
* Add auth url
Co-authored-by: Jonas Plum
---
 auth/auth.go | 4 ++++
 cmd/cmd.go | 17 +++++++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/auth/auth.go b/auth/auth.go
index a1ee294..c19e81f 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -31,6 +31,7 @@ type Config struct {
 OIDCAuthEnable bool
 OIDCIssuer string
+ AuthURL string
 OAuth2 *oauth2.Config
 UserCreateConfig *UserCreateConfig
@@ -64,6 +65,9 @@ func (c *Config) Load(ctx context.Context) error {
 if err == nil {
 c.provider = provider
 c.OAuth2.Endpoint = provider.Endpoint()
+ if c.AuthURL != "" {
+ c.OAuth2.Endpoint.AuthURL = c.AuthURL
+ }
 break
 }
diff --git a/cmd/cmd.go b/cmd/cmd.go
index a85e929..93af75c 100644
--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@@ -1,6 +1,8 @@
 package cmd
 import (
+ "errors"
+
 "github.com/alecthomas/kong"
 kongyaml "github.com/alecthomas/kong-yaml"
 "github.com/coreos/go-oidc/v3/oidc"
@@ -30,9 +32,10 @@ type CLI struct {
 APIKeyAuthEnable bool `env:"API_KEY_AUTH_ENABLE" default:"true"`
 OIDCEnable bool `env:"OIDC_ENABLE" default:"true"`
- OIDCIssuer string `env:"OIDC_ISSUER" required:""`
+ OIDCIssuer string `env:"OIDC_ISSUER"`
+ AuthURL string `env:"OIDC_AUTH_URL"`
 OIDCClientID string `env:"OIDC_CLIENT_ID" default:"catalyst"`
- OIDCClientSecret string `env:"OIDC_CLIENT_SECRET" required:""`
+ OIDCClientSecret string `env:"OIDC_CLIENT_SECRET"`
 OIDCScopes []string `env:"OIDC_SCOPES" help:"Additional scopes, ['oidc', 'profile', 'email'] are always added." placeholder:"customscopes"`
 OIDCClaimUsername string `env:"OIDC_CLAIM_USERNAME" default:"preferred_username" help:"username field in the OIDC claim"`
 OIDCClaimEmail string `env:"OIDC_CLAIM_EMAIL" default:"email" help:"email field in the OIDC claim"`
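Review bot: In auth/auth.go, `Config.Load` copies `c.AuthURL` into `c.OAuth2.Endpoint.AuthURL` without checking that it is a well-formed absolute URL. This is the address users' browsers are redirected to for login, so a typo or scheme-less value surfaces only as a broken or misdirected redirect at login time instead of a startup error. Parsing it first would fail fast: `u, err := url.Parse(c.AuthURL)` followed by `if err != nil || !u.IsAbs() || u.Host == "" { return fmt.Errorf("invalid auth URL %q", c.AuthURL) }` (needs `net/url`; whether `fmt` is already imported in this file is not visible here). The new `AuthURL` field in `Config` also deserves a comment stating that only the authorization endpoint is overridden and that the token endpoint still comes from `provider.Endpoint()`. `Load` starts and ends outside the hunk.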
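Review bot: In cmd/cmd.go, the new `AuthURL` field of `CLI` has no `help:` tag, unlike the `OIDCScopes` and `OIDCClaim*` fields beside it, so an operator has no hint what `OIDC_AUTH_URL` overrides or when to set it. A tag such as `help:"Overrides the authorization endpoint from OIDC discovery; empty uses the issuer's."` would cover it. With `required:""` removed from `OIDCIssuer` and `OIDCClientSecret`, nothing on the fields marks them as mandatory any more, so their help text should say they are required when `OIDC_ENABLE` is true. The field name also breaks the `OIDC` prefix used by every sibling; `OIDCAuthURL` would match.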
@@ -57,6 +60,15 @@ func ParseCatalystConfig() (*catalyst.Config, error) {
 kong.Configuration(kongyaml.Loader, "/etc/catalyst.yaml", ".catalyst.yaml"),
 )
+ if cli.OIDCEnable {
+ if cli.OIDCIssuer == "" {
+ return nil, errors.New("OIDC issuer not set")
+ }
+ if cli.OIDCClientSecret == "" {
+ return nil, errors.New("OIDC client secret is required")
+ }
+ }
+
 return MapConfig(cli)
 }
@@ -84,6 +96,7 @@ func MapConfig(cli CLI) (*catalyst.Config, error) {
 APIKeyAuthEnable: cli.APIKeyAuthEnable,
 OIDCAuthEnable: cli.OIDCEnable,
 OIDCIssuer: cli.OIDCIssuer,
+ AuthURL: cli.AuthURL,
 OAuth2: &oauth2.Config{
 ClientID: cli.OIDCClientID,
 ClientSecret: cli.OIDCClientSecret,
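Review bot: The issuer and client-secret checks added to `ParseCatalystConfig` run only on that path, while `MapConfig` is exported and takes a `CLI` directly. Any caller that builds a `CLI` itself (none are visible here) would get a config with `OIDCAuthEnable` true and an empty issuer or secret, now that the `required:""` tags are gone. Moving the block to the top of `MapConfig` would cover both paths. Separately, nothing in this hunk rejects `OIDC_ENABLE=false` combined with `API_KEY_AUTH_ENABLE=false`; if that combination is not refused elsewhere, it is worth an explicit `return nil, errors.New("no authentication method enabled")`. `ParseCatalystConfig` begins outside the hunk.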