refactor(auth): expose only the login url

api/http/handler/settings/settings_public.go

@@ -1,6 +1,7 @@
 package settings
 
 import (
+	"fmt"
 	"net/http"
 
 	httperror "github.com/portainer/libhttp/error"
@@ -15,10 +16,7 @@ type publicSettingsResponse struct {
 	AllowPrivilegedModeForRegularUsers bool                           `json:"AllowPrivilegedModeForRegularUsers"`
 	EnableHostManagementFeatures       bool                           `json:"EnableHostManagementFeatures"`
 	ExternalTemplates                  bool                           `json:"ExternalTemplates"`
-	AuthorizationURI                   string                         `json:"AuthorizationURI"`
-	ClientID                           string                         `json:"ClientID"`
-	RedirectURI                        string                         `json:"RedirectURI"`
-	Scopes                             string                         `json:"Scopes"`
+	OAuthLoginURI                      string                         `json:"OAuthLoginURI"`
 }
 
 // GET request on /api/settings/public
@@ -35,10 +33,11 @@ func (handler *Handler) settingsPublic(w http.ResponseWriter, r *http.Request) *
 		AllowPrivilegedModeForRegularUsers: settings.AllowPrivilegedModeForRegularUsers,
 		EnableHostManagementFeatures:       settings.EnableHostManagementFeatures,
 		ExternalTemplates:                  false,
-		AuthorizationURI:                   settings.OAuthSettings.AuthorizationURI,
-		ClientID:                           settings.OAuthSettings.ClientID,
-		RedirectURI:                        settings.OAuthSettings.RedirectURI,
-		Scopes:                             settings.OAuthSettings.Scopes,
+		OAuthLoginURI: fmt.Sprintf("%s?response_type=code&client_id=%s&redirect_uri=%s&scope=%s&state=portainer",
+			settings.OAuthSettings.AuthorizationURI,
+			settings.OAuthSettings.ClientID,
+			settings.OAuthSettings.RedirectURI,
+			settings.OAuthSettings.Scopes),
 	}
 
 	if settings.TemplatesURL != "" {

app/portainer/views/auth/auth.html

@@ -28,7 +28,7 @@
             <!-- login button -->
             <div class="form-group">
               <div class="col-sm-12">
-                <a ng-href="{{ AuthorizationURI }}?response_type=code&client_id={{ ClientID }}&redirect_uri={{ RedirectURI }}&scope={{ Scopes }}&state=portainer"><div class="btn btn-primary btn-sm pull-right" ng-if="AuthenticationMethod === 3" style="margin-left:2px"><i class="fa fa-sign-in-alt" aria-hidden="true"></i> OAuth Login</div></a>
+                <a ng-href="{{OAuthLoginURI}}"><div class="btn btn-primary btn-sm pull-right" ng-if="AuthenticationMethod === 3" style="margin-left:2px"><i class="fa fa-sign-in-alt" aria-hidden="true"></i> OAuth Login</div></a>
                 <button type="submit" class="btn btn-primary btn-sm pull-right" ng-click="authenticateUser()"><i class="fa fa-sign-in-alt" aria-hidden="true"></i> Login</button>
                   <span class="pull-left" style="margin: 5px;" ng-if="state.AuthenticationError">
                   <i class="fa fa-exclamation-triangle red-icon" aria-hidden="true" style="margin-right: 2px;"></i>

app/portainer/views/auth/authController.js

@@ -84,10 +84,7 @@ function (urlHelper, $q, $scope, $state, $stateParams, $sanitize, Authentication
     SettingsService.publicSettings()
       .then(function success(settings) {
         $scope.AuthenticationMethod = settings.AuthenticationMethod;
-        $scope.ClientID = settings.ClientID;
-        $scope.RedirectURI = settings.RedirectURI;
-        $scope.Scopes = settings.Scopes;
-        $scope.AuthorizationURI = settings.AuthorizationURI;
+        $scope.OAuthLoginURI = settings.OAuthLoginURI;
       });
 
     if ($stateParams.logout || $stateParams.error) {