mirror of https://github.com/Xhofe/alist
feat(sso): add custom extra scope support (#7577)
parent
aa45a82914
commit
088120df82
|
@ -164,6 +164,7 @@ func InitialSettings() []model.SettingItem {
|
||||||
{Key: conf.SSOApplicationName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
{Key: conf.SSOApplicationName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
{Key: conf.SSOEndpointName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
{Key: conf.SSOEndpointName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
{Key: conf.SSOJwtPublicKey, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
{Key: conf.SSOJwtPublicKey, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
|
{Key: conf.SSOExtraScopes, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
{Key: conf.SSOAutoRegister, Value: "false", Type: conf.TypeBool, Group: model.SSO, Flag: model.PRIVATE},
|
{Key: conf.SSOAutoRegister, Value: "false", Type: conf.TypeBool, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
{Key: conf.SSODefaultDir, Value: "/", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
{Key: conf.SSODefaultDir, Value: "/", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
{Key: conf.SSODefaultPermission, Value: "0", Type: conf.TypeNumber, Group: model.SSO, Flag: model.PRIVATE},
|
{Key: conf.SSODefaultPermission, Value: "0", Type: conf.TypeNumber, Group: model.SSO, Flag: model.PRIVATE},
|
||||||
|
|
|
@ -72,6 +72,7 @@ const (
|
||||||
SSOApplicationName = "sso_application_name"
|
SSOApplicationName = "sso_application_name"
|
||||||
SSOEndpointName = "sso_endpoint_name"
|
SSOEndpointName = "sso_endpoint_name"
|
||||||
SSOJwtPublicKey = "sso_jwt_public_key"
|
SSOJwtPublicKey = "sso_jwt_public_key"
|
||||||
|
SSOExtraScopes = "sso_extra_scopes"
|
||||||
SSOAutoRegister = "sso_auto_register"
|
SSOAutoRegister = "sso_auto_register"
|
||||||
SSODefaultDir = "sso_default_dir"
|
SSODefaultDir = "sso_default_dir"
|
||||||
SSODefaultPermission = "sso_default_permission"
|
SSODefaultPermission = "sso_default_permission"
|
||||||
|
|
|
@ -4,13 +4,14 @@ import (
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"github.com/Xhofe/go-cache"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"path"
|
"path"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/Xhofe/go-cache"
|
||||||
|
|
||||||
"github.com/alist-org/alist/v3/internal/conf"
|
"github.com/alist-org/alist/v3/internal/conf"
|
||||||
"github.com/alist-org/alist/v3/internal/db"
|
"github.com/alist-org/alist/v3/internal/db"
|
||||||
"github.com/alist-org/alist/v3/internal/model"
|
"github.com/alist-org/alist/v3/internal/model"
|
||||||
|
@ -123,6 +124,10 @@ func GetOIDCClient(c *gin.Context, useCompatibility bool, redirectUri, method st
|
||||||
}
|
}
|
||||||
clientId := setting.GetStr(conf.SSOClientId)
|
clientId := setting.GetStr(conf.SSOClientId)
|
||||||
clientSecret := setting.GetStr(conf.SSOClientSecret)
|
clientSecret := setting.GetStr(conf.SSOClientSecret)
|
||||||
|
extraScopes := []string{}
|
||||||
|
if setting.GetStr(conf.SSOExtraScopes) != "" {
|
||||||
|
extraScopes = strings.Split(setting.GetStr(conf.SSOExtraScopes), " ")
|
||||||
|
}
|
||||||
return &oauth2.Config{
|
return &oauth2.Config{
|
||||||
ClientID: clientId,
|
ClientID: clientId,
|
||||||
ClientSecret: clientSecret,
|
ClientSecret: clientSecret,
|
||||||
|
@ -132,7 +137,7 @@ func GetOIDCClient(c *gin.Context, useCompatibility bool, redirectUri, method st
|
||||||
Endpoint: provider.Endpoint(),
|
Endpoint: provider.Endpoint(),
|
||||||
|
|
||||||
// "openid" is a required scope for OpenID Connect flows.
|
// "openid" is a required scope for OpenID Connect flows.
|
||||||
Scopes: []string{oidc.ScopeOpenID, "profile"},
|
Scopes: append([]string{oidc.ScopeOpenID, "profile"}, extraScopes...),
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
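Review bot: The extra-scope parsing added in GetOIDCClient splits the setting on a single space, so a value with a leading, trailing or doubled space, or a tab or newline, produces empty or malformed entries that are appended to `Scopes` and sent in the authorization request. `extraScopes := strings.Fields(setting.GetStr(conf.SSOExtraScopes))` can replace the four added lines: it reads the setting once, drops all whitespace runs, and yields an empty slice for a blank value. Entries that repeat `openid` or `profile` are still passed through as duplicates; whether the provider tolerates that cannot be seen from this page. Every scope listed here widens what the identity provider is asked to release at login, so a short comment stating the space-separated format and that only scopes the deployment needs belong in this setting would help operators. GetOIDCClient starts outside these hunks.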