This commit is contained in:
Tao Chen 2024-05-09 16:42:39 +02:00
parent 77c6bcacca
commit bd78f564b9
2 changed files with 36 additions and 54 deletions

View file

@ -350,7 +350,7 @@ func extractIDTokenClaims(
writer.WriteHeader(http.StatusBadRequest)
_, werr := writer.Write([]byte("Failed to decode id token claims"))
if werr != nil {
util.LogErr(err,"Failed to write response")
util.LogErr(err, "Failed to write response")
}
return nil, err
}
@ -358,7 +358,7 @@ func extractIDTokenClaims(
// Unmarshal the claims into a map
mappedClaims := make(map[string]interface{})
if err := json.Unmarshal(claims, &mappedClaims); err != nil {
util.LogErr(err,"Failed to unmarshal id token claims")
util.LogErr(err, "Failed to unmarshal id token claims")
return nil, err
}
@ -388,24 +388,6 @@ func extractIDTokenClaims(
return &finalClaims, nil
}
// {
// var claims IDTokenClaims
// if err := idToken.Claims(&claims); err != nil {
// util.LogErr(err, "Failed to decode id token claims")
// writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
// writer.WriteHeader(http.StatusBadRequest)
// _, werr := writer.Write([]byte("Failed to decode id token claims"))
// if werr != nil {
// util.LogErr(err, "Failed to write response")
// }
// return nil, err
// }
// return &claims, nil
// }
// validateOIDCAllowedDomains checks that if AllowedDomains is provided,
// that the authenticated principal ends with @<alloweddomain>.
func validateOIDCAllowedDomains(

View file

@ -254,9 +254,9 @@ func LoadConfig(path string, isFile bool) error {
viper.SetDefault("oidc.claims_map.email", "email")
viper.SetDefault("oidc.claims_map.groups", "groups")
// misc
viper.SetDefault("oidc.strip_email_domain", false)
viper.SetDefault("oidc.flatten_groups", false)
viper.SetDefault("oidc.flatten_splitter", "/")
viper.SetDefault("oidc.misc.strip_email_domain", false)
viper.SetDefault("oidc.misc.flatten_groups", false)
viper.SetDefault("oidc.misc.flatten_splitter", "/")
viper.SetDefault("logtail.enabled", false)
viper.SetDefault("randomize_client_port", false)
@ -695,9 +695,9 @@ func GetOIDCConfig() (OIDCConfig, error) {
}
// get misc config
oidcMiscConfig := OIDCMiscConfig{
StripEmaildomain: viper.GetBool("oidc.strip_email_domain"),
FlattenGroups: viper.GetBool("oidc.flatten_groups"),
FlattenSplter: viper.GetString("oidc.flatten_splitter"),
StripEmaildomain: viper.GetBool("oidc.misc.strip_email_domain"),
FlattenGroups: viper.GetBool("oidc.misc.flatten_groups"),
FlattenSplter: viper.GetString("oidc.misc.flatten_splitter"),
}
// get client secret
oidcClientSecret := viper.GetString("oidc.client_secret")