mirror of https://github.com/portainer/portainer
refactor(auth): exprt oauth settings into extension
parent
0a1643bbcf
commit
515daf6dba
|
@ -1,3 +1,4 @@
|
||||||
angular.module('portainer.extensions', [
|
angular.module('portainer.extensions', [
|
||||||
'portainer.extensions.registrymanagement'
|
'portainer.extensions.registrymanagement',
|
||||||
|
'portainer.extensions.oauth'
|
||||||
]);
|
]);
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
angular.module('portainer.extensions.oauth', []);
|
|
@ -0,0 +1,164 @@
|
||||||
|
<div>
|
||||||
|
<div class="col-sm-12 form-section-title">OAuth Configuration</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_client_id" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Client ID
|
||||||
|
<portainer-tooltip position="bottom" message="Client ID that authorization server supports"></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_client_id"
|
||||||
|
ng-model="$ctrl.settings.ClientID"
|
||||||
|
placeholder="xxxxxxxxxxxxxxxxxxxx"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_client_secret" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Client Secret
|
||||||
|
<portainer-tooltip
|
||||||
|
position="bottom"
|
||||||
|
message="Client secret that authorization server supports"
|
||||||
|
></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="password"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_client_secret"
|
||||||
|
ng-model="$ctrl.settings.ClientSecret"
|
||||||
|
placeholder="xxxxxxxxxxxxxxxxxxxx"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_authorization_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Authorization URI
|
||||||
|
<portainer-tooltip
|
||||||
|
position="bottom"
|
||||||
|
message="URI where the user is redirected in order to login with OAuth provider"
|
||||||
|
></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_authorization_uri"
|
||||||
|
ng-model="$ctrl.settings.AuthorizationURI"
|
||||||
|
placeholder="https://example.com/oauth/authorize"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_access_token_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Access Token URI
|
||||||
|
<portainer-tooltip
|
||||||
|
position="bottom"
|
||||||
|
message="URI where portainer will attempt to obtain an access token"
|
||||||
|
></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_access_token_uri"
|
||||||
|
ng-model="$ctrl.settings.AccessTokenURI"
|
||||||
|
placeholder="https://example.com/oauth/token"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_resource_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Resource URI
|
||||||
|
<portainer-tooltip
|
||||||
|
position="bottom"
|
||||||
|
message="URI where portainer will attempt to retrieve the user identifier value"
|
||||||
|
></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_resource_uri"
|
||||||
|
ng-model="$ctrl.settings.ResourceURI"
|
||||||
|
placeholder="https://example.com/user"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_redirect_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Redirect URI
|
||||||
|
<portainer-tooltip position="bottom" message="Set this as your portainer index"></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_redirect_uri"
|
||||||
|
ng-model="$ctrl.settings.RedirectURI"
|
||||||
|
placeholder="http://yourportainer.com/"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_user_identifier" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
User Identifier
|
||||||
|
<portainer-tooltip
|
||||||
|
position="bottom"
|
||||||
|
message="Key that identifies the user in the resource server request"
|
||||||
|
></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_user_identifier"
|
||||||
|
ng-model="$ctrl.settings.UserIdentifier"
|
||||||
|
placeholder="id"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="oauth_scopes" class="col-sm-3 col-lg-2 control-label text-left">
|
||||||
|
Scopes
|
||||||
|
<portainer-tooltip
|
||||||
|
position="bottom"
|
||||||
|
message="Scopes that are required to obtain the user identifier separated by delimiter if server expects it"
|
||||||
|
></portainer-tooltip>
|
||||||
|
</label>
|
||||||
|
<div class="col-sm-9 col-lg-10">
|
||||||
|
<input
|
||||||
|
type="text"
|
||||||
|
class="form-control"
|
||||||
|
id="oauth_scopes"
|
||||||
|
ng-model="$ctrl.settings.Scopes"
|
||||||
|
placeholder="id,email,name"
|
||||||
|
/>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<span class="col-sm-12 text-muted small">
|
||||||
|
With automatic user provisioning enabled, Portainer will create user(s) automatically with standard user role. If
|
||||||
|
disabled, users must be created in Portainer in order to login.
|
||||||
|
</span>
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<div class="col-sm-12">
|
||||||
|
<label for="oauth_provisioning"> Automatic user provisioning </label>
|
||||||
|
<label class="switch" style="margin-left: 20px">
|
||||||
|
<input type="checkbox" ng-model="$ctrl.settings.OAuthAutoCreateUsers" /><i></i>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
|
@ -0,0 +1,7 @@
|
||||||
|
angular.module('portainer.extensions.oauth').component('oauthSettings', {
|
||||||
|
templateUrl: 'app/extensions/oauth/components/oauth-settings/oauth-settings.html',
|
||||||
|
bindings: {
|
||||||
|
settings: '<'
|
||||||
|
}
|
||||||
|
// controller: 'oauthSettingsController'
|
||||||
|
});
|
|
@ -12,9 +12,6 @@ function (urlHelper, $q, $scope, $state, $stateParams, $sanitize, Authentication
|
||||||
AuthenticationError: ''
|
AuthenticationError: ''
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$scope.authenticateUser = function() {
|
$scope.authenticateUser = function() {
|
||||||
var username = $scope.formValues.Username;
|
var username = $scope.formValues.Username;
|
||||||
var password = $scope.formValues.Password;
|
var password = $scope.formValues.Password;
|
||||||
|
|
|
@ -321,108 +321,7 @@
|
||||||
<!-- !group-search-settings -->
|
<!-- !group-search-settings -->
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div ng-if="settings.AuthenticationMethod === 3">
|
<oauth-settings ng-if="settings.AuthenticationMethod === 3" settings="OAuthSettings"></oauth-settings>
|
||||||
|
|
||||||
<div class="col-sm-12 form-section-title">
|
|
||||||
OAuth Configuration
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_client_id" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Client ID
|
|
||||||
<portainer-tooltip position="bottom" message="Client ID that authorization server supports"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_client_id" ng-model="OAuthSettings.ClientID" placeholder="xxxxxxxxxxxxxxxxxxxx">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_client_secret" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Client Secret
|
|
||||||
<portainer-tooltip position="bottom" message="Client secret that authorization server supports"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="password" class="form-control" id="oauth_client_secret" ng-model="OAuthSettings.ClientSecret" placeholder="xxxxxxxxxxxxxxxxxxxx">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_authorization_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Authorization URI
|
|
||||||
<portainer-tooltip position="bottom" message="URI where the user is redirected in order to login with OAuth provider"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_authorization_uri" ng-model="OAuthSettings.AuthorizationURI" placeholder="https://example.com/oauth/authorize">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_access_token_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Access Token URI
|
|
||||||
<portainer-tooltip position="bottom" message="URI where portainer will attempt to obtain an access token"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_access_token_uri" ng-model="OAuthSettings.AccessTokenURI" placeholder="https://example.com/oauth/token">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_resource_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Resource URI
|
|
||||||
<portainer-tooltip position="bottom" message="URI where portainer will attempt to retrieve the user identifier value"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_resource_uri" ng-model="OAuthSettings.ResourceURI" placeholder="https://example.com/user">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_redirect_uri" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Redirect URI
|
|
||||||
<portainer-tooltip position="bottom" message="Set this as your portainer index"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_redirect_uri" ng-model="OAuthSettings.RedirectURI" placeholder="http://yourportainer.com/">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_user_identifier" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
User Identifier
|
|
||||||
<portainer-tooltip position="bottom" message="Key that identifies the user in the resource server request"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_user_identifier" ng-model="OAuthSettings.UserIdentifier" placeholder="id">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<label for="oauth_scopes" class="col-sm-3 col-lg-2 control-label text-left">
|
|
||||||
Scopes
|
|
||||||
<portainer-tooltip position="bottom" message="Scopes that are required to obtain the user identifier separated by delimiter if server expects it"></portainer-tooltip>
|
|
||||||
</label>
|
|
||||||
<div class="col-sm-9 col-lg-10">
|
|
||||||
<input type="text" class="form-control" id="oauth_scopes" ng-model="OAuthSettings.Scopes" placeholder="id,email,name">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
|
||||||
<span class="col-sm-12 text-muted small">
|
|
||||||
With automatic user provisioning enabled, Portainer will create user(s) automatically with standard user role. If disabled, users must be created in Portainer in order to login.
|
|
||||||
</span>
|
|
||||||
</div>
|
|
||||||
<div class="form-group">
|
|
||||||
<div class="col-sm-12">
|
|
||||||
<label for="oauth_provisioning">
|
|
||||||
Automatic user provisioning
|
|
||||||
</label>
|
|
||||||
<label class="switch" style="margin-left: 20px">
|
|
||||||
<input type="checkbox" ng-model="OAuthSettings.OAuthAutoCreateUsers"><i></i>
|
|
||||||
</label>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<!-- actions -->
|
<!-- actions -->
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
|
|
|
@ -14,6 +14,10 @@ function ($q, $scope, Notifications, SettingsService, FileUploadService) {
|
||||||
TLSCACert: ''
|
TLSCACert: ''
|
||||||
};
|
};
|
||||||
|
|
||||||
|
$scope.isOauthEnabled = function isOauthEnabled() {
|
||||||
|
return $scope.settings.AuthenticationMethod === 3;
|
||||||
|
};
|
||||||
|
|
||||||
$scope.addSearchConfiguration = function() {
|
$scope.addSearchConfiguration = function() {
|
||||||
$scope.LDAPSettings.SearchSettings.push({ BaseDN: '', UserNameAttribute: '', Filter: '' });
|
$scope.LDAPSettings.SearchSettings.push({ BaseDN: '', UserNameAttribute: '', Filter: '' });
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue