replaced authentik with generic oidc provider
This commit is contained in:
Gani Georgiev
@@ -15,6 +15,10 @@ import (
|
||||
"github.com/pocketbase/pocketbase/tools/security"
|
||||
)
|
||||
|
||||
// SecretMask is the default settings secrets replacement value
|
||||
// (see Settings.RedactClone()).
|
||||
const SecretMask string = "******"
|
||||
|
||||
// Settings defines common app configuration options.
|
||||
type Settings struct {
|
||||
mux sync.RWMutex
|
||||
@@ -47,8 +51,10 @@ type Settings struct {
|
||||
StravaAuth AuthProviderConfig `form:"stravaAuth" json:"stravaAuth"`
|
||||
GiteeAuth AuthProviderConfig `form:"giteeAuth" json:"giteeAuth"`
|
||||
LivechatAuth AuthProviderConfig `form:"livechatAuth" json:"livechatAuth"`
|
||||
AuthentikAuth AuthProviderConfig `form:"authentikAuth" json:"authentikAuth"`
|
||||
GiteaAuth AuthProviderConfig `form:"giteaAuth" json:"giteaAuth"`
|
||||
OIDCAuth AuthProviderConfig `form:"oidcAuth" json:"oidcAuth"`
|
||||
OIDC2Auth AuthProviderConfig `form:"oidc2Auth" json:"oidc2Auth"`
|
||||
OIDC3Auth AuthProviderConfig `form:"oidc3Auth" json:"oidc3Auth"`
|
||||
}
|
||||
|
||||
// New creates and returns a new default Settings instance.
|
||||
@@ -138,10 +144,16 @@ func New() *Settings {
|
||||
LivechatAuth: AuthProviderConfig{
|
||||
Enabled: false,
|
||||
},
|
||||
AuthentikAuth: AuthProviderConfig{
|
||||
GiteaAuth: AuthProviderConfig{
|
||||
Enabled: false,
|
||||
},
|
||||
GiteaAuth: AuthProviderConfig{
|
||||
OIDCAuth: AuthProviderConfig{
|
||||
Enabled: false,
|
||||
},
|
||||
OIDC2Auth: AuthProviderConfig{
|
||||
Enabled: false,
|
||||
},
|
||||
OIDC3Auth: AuthProviderConfig{
|
||||
Enabled: false,
|
||||
},
|
||||
}
|
||||
@@ -176,8 +188,10 @@ func (s *Settings) Validate() error {
|
||||
validation.Field(&s.StravaAuth),
|
||||
validation.Field(&s.GiteeAuth),
|
||||
validation.Field(&s.LivechatAuth),
|
||||
validation.Field(&s.AuthentikAuth),
|
||||
validation.Field(&s.GiteaAuth),
|
||||
validation.Field(&s.OIDCAuth),
|
||||
validation.Field(&s.OIDC2Auth),
|
||||
validation.Field(&s.OIDC3Auth),
|
||||
)
|
||||
}
|
||||
|
||||
@@ -211,8 +225,6 @@ func (s *Settings) RedactClone() (*Settings, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
mask := "******"
|
||||
|
||||
sensitiveFields := []*string{
|
||||
&clone.Smtp.Password,
|
||||
&clone.S3.Secret,
|
||||
@@ -235,14 +247,16 @@ func (s *Settings) RedactClone() (*Settings, error) {
|
||||
&clone.StravaAuth.ClientSecret,
|
||||
&clone.GiteeAuth.ClientSecret,
|
||||
&clone.LivechatAuth.ClientSecret,
|
||||
&clone.AuthentikAuth.ClientSecret,
|
||||
&clone.GiteaAuth.ClientSecret,
|
||||
&clone.OIDCAuth.ClientSecret,
|
||||
&clone.OIDC2Auth.ClientSecret,
|
||||
&clone.OIDC3Auth.ClientSecret,
|
||||
}
|
||||
|
||||
// mask all sensitive fields
|
||||
for _, v := range sensitiveFields {
|
||||
if v != nil && *v != "" {
|
||||
*v = mask
|
||||
*v = SecretMask
|
||||
}
|
||||
}
|
||||
|
||||
@@ -256,21 +270,23 @@ func (s *Settings) NamedAuthProviderConfigs() map[string]AuthProviderConfig {
|
||||
defer s.mux.RUnlock()
|
||||
|
||||
return map[string]AuthProviderConfig{
|
||||
auth.NameGoogle: s.GoogleAuth,
|
||||
auth.NameFacebook: s.FacebookAuth,
|
||||
auth.NameGithub: s.GithubAuth,
|
||||
auth.NameGitlab: s.GitlabAuth,
|
||||
auth.NameDiscord: s.DiscordAuth,
|
||||
auth.NameTwitter: s.TwitterAuth,
|
||||
auth.NameMicrosoft: s.MicrosoftAuth,
|
||||
auth.NameSpotify: s.SpotifyAuth,
|
||||
auth.NameKakao: s.KakaoAuth,
|
||||
auth.NameTwitch: s.TwitchAuth,
|
||||
auth.NameStrava: s.StravaAuth,
|
||||
auth.NameGitee: s.GiteeAuth,
|
||||
auth.NameLivechat: s.LivechatAuth,
|
||||
auth.NameAuthentik: s.AuthentikAuth,
|
||||
auth.NameGitea: s.GiteaAuth,
|
||||
auth.NameGoogle: s.GoogleAuth,
|
||||
auth.NameFacebook: s.FacebookAuth,
|
||||
auth.NameGithub: s.GithubAuth,
|
||||
auth.NameGitlab: s.GitlabAuth,
|
||||
auth.NameDiscord: s.DiscordAuth,
|
||||
auth.NameTwitter: s.TwitterAuth,
|
||||
auth.NameMicrosoft: s.MicrosoftAuth,
|
||||
auth.NameSpotify: s.SpotifyAuth,
|
||||
auth.NameKakao: s.KakaoAuth,
|
||||
auth.NameTwitch: s.TwitchAuth,
|
||||
auth.NameStrava: s.StravaAuth,
|
||||
auth.NameGitee: s.GiteeAuth,
|
||||
auth.NameLivechat: s.LivechatAuth,
|
||||
auth.NameGitea: s.GiteaAuth,
|
||||
auth.NameOIDC: s.OIDCAuth,
|
||||
auth.NameOIDC + "2": s.OIDC2Auth,
|
||||
auth.NameOIDC + "3": s.OIDC3Auth,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -481,11 +497,11 @@ func (c LogsConfig) Validate() error {
|
||||
|
||||
type AuthProviderConfig struct {
|
||||
Enabled bool `form:"enabled" json:"enabled"`
|
||||
ClientId string `form:"clientId" json:"clientId,omitempty"`
|
||||
ClientSecret string `form:"clientSecret" json:"clientSecret,omitempty"`
|
||||
AuthUrl string `form:"authUrl" json:"authUrl,omitempty"`
|
||||
TokenUrl string `form:"tokenUrl" json:"tokenUrl,omitempty"`
|
||||
UserApiUrl string `form:"userApiUrl" json:"userApiUrl,omitempty"`
|
||||
ClientId string `form:"clientId" json:"clientId"`
|
||||
ClientSecret string `form:"clientSecret" json:"clientSecret"`
|
||||
AuthUrl string `form:"authUrl" json:"authUrl"`
|
||||
TokenUrl string `form:"tokenUrl" json:"tokenUrl"`
|
||||
UserApiUrl string `form:"userApiUrl" json:"userApiUrl"`
|
||||
}
|
||||
|
||||
// Validate makes `ProviderConfig` validatable by implementing [validation.Validatable] interface.
|
||||
|
||||
Reference in New Issue
Block a user