[OIdC Provider] Return client secret on GET requests

- Return the client secret on GET requests so that, when the UI modifies an OIDC provider, it can send the client secret back in the PUT request.
- Fix issuer URL validation on update.
This commit is contained in:
Akshay Gaikwad
2022-05-12 19:15:10 +05:30
parent 51db33f8b9
commit f604768865
3 changed files with 10 additions and 13 deletions


@@ -24,7 +24,7 @@ type OIDCProvider struct {
ClientId string `bun:"client_id,notnull"`
ClientSecret string `bun:"client_secret,notnull"`
Scopes []string `bun:"scopes,array,notnull"`
IssuerURL string `bun:"issuer_url,notnull"`
IssuerURL string `bun:"issuer_url,unique,notnull"`
AuthURL string `bun:"auth_url"`
TokenURL string `bun:"token_url"`
RequestedClaims map[string]interface{} `bun:"requested_claims,type:jsonb"`
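Review bot: The `unique` tag added on `IssuerURL` makes the issuer URL unique across the whole `authsrv_oidc_provider` table, whereas the duplicate check this commit removes from `Update` (third file) was scoped to `partner_id` and `organization_id`. If the table is shared by several partners or organizations, two tenants can no longer register the same upstream IdP (a public issuer, for instance), and the unique-violation error returned to the second tenant reveals that some other tenant already uses that issuer. If per-tenant uniqueness is what is intended, a composite constraint expresses it: keep `IssuerURL string` and change its tag to `bun:"issuer_url,unique:issuer_url_tenant,notnull"`, with the same `unique:issuer_url_tenant` group on the partner and organization ID fields (those fields are outside this hunk). The `OIDCProvider` struct starts before this hunk.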


@@ -27,6 +27,8 @@ ALTER TABLE ONLY authsrv_oidc_provider ADD CONSTRAINT authsrv_oidc_provider_pkey
ALTER TABLE ONLY authsrv_oidc_provider ADD CONSTRAINT authsrv_oidc_provider_id_name_key UNIQUE (id,name);
ALTER TABLE ONLY authsrv_oidc_provider ADD CONSTRAINT authsrv_oidc_provider_issuer_url_key UNIQUE (issuer_url);
CREATE INDEX authsrv_oidc_provider_organization_id_4219d6ee ON authsrv_oidc_provider USING btree (organization_id);
CREATE INDEX authsrv_oidc_provider_partner_id_beb7c8df ON authsrv_oidc_provider USING btree (partner_id);
@@ -37,4 +39,4 @@ ALTER TABLE ONLY authsrv_oidc_provider
ALTER TABLE ONLY authsrv_oidc_provider
ADD CONSTRAINT authsrv_oidc_provider_partner_id_beb7c8df_fk_authsrv_partner_id FOREIGN KEY (partner_id)
REFERENCES authsrv_partner(id) DEFERRABLE INITIALLY DEFERRED;
REFERENCES authsrv_partner(id) DEFERRABLE INITIALLY DEFERRED;
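Review bot: `UNIQUE (issuer_url)` in the new constraint is table-wide, while the previous application-level check was per partner and organization; if several tenants' providers live in this table, a tenant-scoped constraint such as `ADD CONSTRAINT authsrv_oidc_provider_issuer_url_key UNIQUE (issuer_url, partner_id, organization_id);` is the closer match and avoids one tenant learning that another already registered a given issuer. This file appears to be a baseline schema rather than a migration, so an existing deployment that already holds rows sharing an `issuer_url` would need those rows reconciled before the constraint can be applied; that is inferred from the file shape and worth confirming. The second hunk only changes line endings and needs no review.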


@@ -215,6 +215,7 @@ func (s *oidcProvider) GetByID(ctx context.Context, provider *systemv3.OIDCProvi
MapperUrl: entity.MapperURL,
MapperFilename: entity.MapperFilename,
ClientId: entity.ClientId,
ClientSecret: entity.ClientSecret,
Scopes: entity.Scopes,
IssuerUrl: entity.IssuerURL,
AuthUrl: entity.AuthURL,
@@ -261,6 +262,7 @@ func (s *oidcProvider) GetByName(ctx context.Context, provider *systemv3.OIDCPro
MapperUrl: entity.MapperURL,
MapperFilename: entity.MapperFilename,
ClientId: entity.ClientId,
ClientSecret: entity.ClientSecret,
Scopes: entity.Scopes,
IssuerUrl: entity.IssuerURL,
AuthUrl: entity.AuthURL,
@@ -299,6 +301,7 @@ func (s *oidcProvider) List(ctx context.Context) (*systemv3.OIDCProviderList, er
MapperUrl: entity.MapperURL,
MapperFilename: entity.MapperFilename,
ClientId: entity.ClientId,
ClientSecret: entity.ClientSecret,
Scopes: entity.Scopes,
IssuerUrl: entity.IssuerURL,
AuthUrl: entity.AuthURL,
@@ -347,22 +350,14 @@ func (s *oidcProvider) Update(ctx context.Context, provider *systemv3.OIDCProvid
return &systemv3.OIDCProvider{}, status.Error(codes.Internal, codes.Internal.String())
}
}
p, _ := dao.GetM(ctx, s.db, map[string]interface{}{
"issuer_url": issUrl,
"partner_id": partnerId,
"organization_id": organizationId,
}, &models.OIDCProvider{})
if p != nil {
return nil, fmt.Errorf("DUPLICATE ISSUER URL")
}
if !validateURL(issUrl) {
return &systemv3.OIDCProvider{}, fmt.Errorf("INVALID ISSUER URL")
}
mapUrl := provider.Spec.GetMapperUrl()
authUrl := provider.Spec.GetAuthUrl()
tknUrl := provider.Spec.GetTokenUrl()
if !validateURL(issUrl) {
return &systemv3.OIDCProvider{}, fmt.Errorf("INVALID ISSUER URL")
}
if len(mapUrl) != 0 && !validateURL(mapUrl) {
return &systemv3.OIDCProvider{}, fmt.Errorf("INVALID MAPPER URL")
}
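Review bot: Adding `ClientSecret: entity.ClientSecret` to the `GetByID`, `GetByName` and `List` responses turns every read of an OIDC provider into a disclosure of the IdP client secret, so any principal or response-logging middleware that can list or view providers now obtains a credential that was previously write-only. The UI round-trip problem described in the commit is normally solved on the write side instead: leave the secret out of GET/List and have `Update` keep the stored value when the request omits it, e.g. `if provider.Spec.GetClientSecret() == "" { /* reuse the ClientSecret of the fetched row instead of overwriting it */ }` before the save. If returning it is a deliberate decision, at least keep it out of `List` (which exposes every tenant's secret in one call) and make sure response logs redact the field. Separately, with the `dao.GetM` lookup removed, a duplicate issuer now surfaces from the save as a database unique-violation rather than the former `DUPLICATE ISSUER URL` error, which callers may not map to a meaningful status. `Update` starts and continues outside this hunk, and the `GetByID`/`GetByName`/`List` hunks show only fragments of those functions.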