Add auth url (#466)

* Add auth url

Co-authored-by: Jonas Plum <git@jonasplum.de>
Jonas Plum
2022-10-01 03:05:07 +02:00
committed by GitHub
parent 5b5bba30ca
commit a50133f6fd
2 changed files with 19 additions and 2 deletions


@@ -1,6 +1,8 @@
package cmd
import (
"errors"
"github.com/alecthomas/kong"
kongyaml "github.com/alecthomas/kong-yaml"
"github.com/coreos/go-oidc/v3/oidc"
@@ -30,9 +32,10 @@ type CLI struct {
APIKeyAuthEnable bool `env:"API_KEY_AUTH_ENABLE" default:"true"`
OIDCEnable bool `env:"OIDC_ENABLE" default:"true"`
OIDCIssuer string `env:"OIDC_ISSUER" required:""`
OIDCIssuer string `env:"OIDC_ISSUER"`
AuthURL string `env:"OIDC_AUTH_URL"`
OIDCClientID string `env:"OIDC_CLIENT_ID" default:"catalyst"`
OIDCClientSecret string `env:"OIDC_CLIENT_SECRET" required:""`
OIDCClientSecret string `env:"OIDC_CLIENT_SECRET"`
OIDCScopes []string `env:"OIDC_SCOPES" help:"Additional scopes, ['oidc', 'profile', 'email'] are always added." placeholder:"customscopes"`
OIDCClaimUsername string `env:"OIDC_CLAIM_USERNAME" default:"preferred_username" help:"username field in the OIDC claim"`
OIDCClaimEmail string `env:"OIDC_CLAIM_EMAIL" default:"email" help:"email field in the OIDC claim"`
@@ -57,6 +60,15 @@ func ParseCatalystConfig() (*catalyst.Config, error) {
kong.Configuration(kongyaml.Loader, "/etc/catalyst.yaml", ".catalyst.yaml"),
)
if cli.OIDCEnable {
if cli.OIDCIssuer == "" {
return nil, errors.New("OIDC issuer not set")
}
if cli.OIDCClientSecret == "" {
return nil, errors.New("OIDC client secret is required")
}
}
return MapConfig(cli)
}
@@ -84,6 +96,7 @@ func MapConfig(cli CLI) (*catalyst.Config, error) {
APIKeyAuthEnable: cli.APIKeyAuthEnable,
OIDCAuthEnable: cli.OIDCEnable,
OIDCIssuer: cli.OIDCIssuer,
AuthURL: cli.AuthURL,
OAuth2: &oauth2.Config{
ClientID: cli.OIDCClientID,
ClientSecret: cli.OIDCClientSecret,
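Review bot: The new `AuthURL` field (env `OIDC_AUTH_URL`) is copied into the config in MapConfig without validation, although the `if cli.OIDCEnable` block added to ParseCatalystConfig checks the issuer and client secret. Its consumer is not visible here, but if it overrides the endpoint users are sent to for login, a malformed or non-HTTP value should fail at startup rather than surface later as a broken or misdirected authentication redirect. The check below needs `net/url` added to the import block. Separately, with the `required:""` tags removed, the issuer and secret checks exist only in ParseCatalystConfig, so a caller that invokes MapConfig directly gets no enforcement; moving them into MapConfig would cover both paths. MapConfig's body continues outside the hunk.

```go
	if cli.OIDCEnable {
		// … unchanged: issuer and client secret checks …
		if cli.AuthURL != "" {
			u, err := url.Parse(cli.AuthURL)
			if err != nil || u.Host == "" || (u.Scheme != "https" && u.Scheme != "http") {
				return nil, errors.New("OIDC auth URL must be an absolute http(s) URL")
			}
		}
	}
```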