From 088f4faf82f73e8dc54a88325cc5bdc7455925c2 Mon Sep 17 00:00:00 2001
From: Melora Hugues
Date: Wed, 3 Jan 2024 17:10:20 +0100
Subject: [PATCH 1/2] fix: allow setting the issuer from environment variables
---
 README.md | 2 ++
 polyculeconnect/config/config.go | 10 ++++++++++
 polyculeconnect/config/config_test.go | 3 +++
 3 files changed, 15 insertions(+)
diff --git a/README.md b/README.md
index 35755b8..b02382c 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,8 @@ The rest of the configuration is handled through environment variables
 # Can be debug,info,warning,error
 LOG_LEVEL = "info"
+ISSUER = "http://localhost"
+
 # Can be net,unix
 SERVER_MODE = "net"
 SERVER_HOST = "0.0.0.0"
diff --git a/polyculeconnect/config/config.go b/polyculeconnect/config/config.go
index 690d023..ae245c6 100644
--- a/polyculeconnect/config/config.go
+++ b/polyculeconnect/config/config.go
@@ -22,6 +22,8 @@ const (
 varServerPort envVar = "SERVER_PORT"
 varServerSocket envVar = "SERVER_SOCK_PATH"
+ varIssuer envVar = "ISSUER"
+
 varStorageType envVar = "STORAGE_TYPE"
 varStorageFile envVar = "STORAGE_FILEPATH"
 varStorageHost envVar = "STORAGE_HOST"
@@ -55,6 +57,8 @@ const (
 defaultServerPort = 5000
 defaultServerSocket = ""
+ defaultIssuer = "locahost"
+
 defaultStorageType = Memory
 defaultStorageFile = "./polyculeconnect.db"
 defaultStorageHost = "127.0.0.1"
@@ -125,6 +129,9 @@ func (ac *AppConfig) UnmarshalJSON(data []byte) error {
 return fmt.Errorf("failed to read JSON: %w", err)
 }
 ac.OpenConnectConfig = jsonConf.OpenConnectConfig
+ if ac.OpenConnectConfig == nil {
+ ac.OpenConnectConfig = &OpenConnectConfig{}
+ }
 return nil
 }
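Review bot: In the `@@ -55,6 +57,8 @@` hunk of config.go the new default reads `defaultIssuer = "locahost"`, which is misspelled and carries no scheme, while the README hunk documents `ISSUER = "http://localhost"`. An OIDC issuer has to match the `iss` claim and the discovery document exactly, so a deployment that leaves ISSUER unset would presumably come up with an issuer no client can match. I would change the line to `defaultIssuer = "http://localhost"` so it agrees with the README, or drop the default and fail at startup when ISSUER is empty. The config_test.go hunk compares against the same constant, so the test does not catch the typo.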
@@ -145,6 +152,8 @@ func (ac *AppConfig) getConfFromEnv() {
 ac.StorageConfig.Password = getStringFromEnv(varStoragePassword, defaultStoragePassword)
 ac.StorageConfig.Ssl.CaFile = getStringFromEnv(varStorageSSLCaFile, defaultStorageSSLCaFile)
 ac.StorageConfig.Ssl.Mode = getStringFromEnv(varStorageSSLMode, defaultStorageSSLMode)
+
+ ac.OpenConnectConfig.Issuer = getStringFromEnv(varIssuer, defaultIssuer)
 }
 func (ac *AppConfig) RedirectURI() string {
@@ -154,6 +163,7 @@ func (ac *AppConfig) RedirectURI() string {
 func New(filepath string) (*AppConfig, error) {
 var conf AppConfig
 conf.StorageConfig = &StorageConfig{}
+ conf.OpenConnectConfig = &OpenConnectConfig{}
 content, err := os.ReadFile(filepath)
 if err != nil {
 if !errors.Is(err, fs.ErrNotExist) {
diff --git a/polyculeconnect/config/config_test.go b/polyculeconnect/config/config_test.go
index 2e93854..86d480d 100644
--- a/polyculeconnect/config/config_test.go
+++ b/polyculeconnect/config/config_test.go
@@ -29,6 +29,9 @@ var defaultConfig = AppConfig{
 CaFile string
 }{Mode: defaultStorageSSLMode, CaFile: defaultStorageSSLCaFile},
 },
+ OpenConnectConfig: &OpenConnectConfig{
+ Issuer: defaultIssuer,
+ },
 }
 func initJson(t *testing.T, content string) string {
--
2.45.2
From db665a30fa9c9100760fd4f211d9e3d8359e923e Mon Sep 17 00:00:00 2001
From: Melora Hugues
Date: Wed, 3 Jan 2024 17:11:54 +0100
Subject: [PATCH 2/2] fix: allow setting client/secret id for a new backend
---
 polyculeconnect/cmd/backend/add.go | 31 ++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/polyculeconnect/cmd/backend/add.go b/polyculeconnect/cmd/backend/add.go
index 7577736..ba70a18 100644
--- a/polyculeconnect/cmd/backend/add.go
+++ b/polyculeconnect/cmd/backend/add.go
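Review bot: The added `ac.OpenConnectConfig.Issuer = getStringFromEnv(varIssuer, defaultIssuer)` in `getConfFromEnv` (hunk `@@ -145,6 +152,8 @@`) assigns unconditionally, so if it runs after `UnmarshalJSON` (the call order in `New` is outside the hunk) an issuer set in the JSON file is replaced by the default whenever ISSUER is unset. Passing the current value as the fallback would keep the file setting, `ac.OpenConnectConfig.Issuer = getStringFromEnv(varIssuer, ac.OpenConnectConfig.Issuer)`, with `defaultIssuer` applied only when both are empty. The value is also stored without any check that it parses as an absolute URL; validating it at load time, or at least a comment stating that the issuer must be the externally reachable URL and is not validated here, would make the contract explicit.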
@@ -4,15 +4,17 @@ import (
 "fmt"
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/cmd/utils"
- "git.faercol.me/faercol/polyculeconnect/polyculeconnect/services"
+ "git.faercol.me/faercol/polyculeconnect/polyculeconnect/logger"
 "git.faercol.me/faercol/polyculeconnect/polyculeconnect/services/backend"
 "github.com/spf13/cobra"
 )
 var (
- backendID string
- backendName string
- backendIssuer string
+ backendID string
+ backendName string
+ backendIssuer string
+ backendClientID string
+ backendClientSecret string
 )
 var backendAddCmd = &cobra.Command{
@@ -25,7 +27,9 @@ Parameters to provide:
 - name: Human readable name to represent the backend. It will be used by the user in the authentication page to select a backend during authentication
-- issuer: Full hostname of the OIDC provider, e.g. 'https://github.com'`,
+- issuer: Full hostname of the OIDC provider, e.g. 'https://github.com'
+- client-id: OIDC Client ID for the backend
+- client-secret OIDC Client secret for the backend`,
 Run: func(cmd *cobra.Command, args []string) {
 addNewBackend()
 },
@@ -33,17 +37,20 @@ Parameters to provide:
 func addNewBackend() {
 c := utils.InitConfig("")
+ logger.Init(c.LogLevel)
 s := utils.InitStorage(c)
- clientID, clientSecret, err := services.GenerateClientIDSecret()
- if err != nil {
- utils.Failf("Failed to generate client id or secret: %s", err.Error())
+ if backendClientID == "" {
+ utils.Fail("Empty client ID")
+ }
+ if backendClientSecret == "" {
+ utils.Fail("Empty client secret")
 }
 backendConf := backend.BackendConfig{
 Issuer: backendIssuer,
- ClientID: clientID,
- ClientSecret: clientSecret,
+ ClientID: backendClientID,
+ ClientSecret: backendClientSecret,
 RedirectURI: c.RedirectURI(),
 ID: backendID,
 Name: backendName,
@@ -53,8 +60,6 @@ func addNewBackend() {
 }
 fmt.Printf("New backend %s added.\n", backendName)
- printProperty("Client ID", clientID)
- printProperty("Client secret", clientSecret)
 }
 func init() {
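Review bot: The last added help line in the `@@ -25,7 +27,9 @@` hunk, `- client-secret OIDC Client secret for the backend`, is missing the colon the other entries have; it should read `- client-secret: OIDC Client secret for the backend`. The help text also does not say that both new parameters are mandatory, although `addNewBackend` rejects empty values.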
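Review bot: In `addNewBackend` (hunk `@@ -33,17 +37,20 @@`) the two emptiness checks run after `utils.InitConfig` and `utils.InitStorage`, so a call without `--client-id` or `--client-secret` opens the storage before it is rejected; moving both checks to the top of the function avoids that. They also rely on `utils.Fail` terminating the process, which is not visible here; if it returns, the backend would be stored with empty credentials. The other inputs (`backendID`, `backendName`, `backendIssuer`) reach `backend.BackendConfig` without any check in this hunk. The function body continues past the end of the hunk.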
@@ -63,4 +68,6 @@ func init() {
 backendAddCmd.Flags().StringVarP(&backendID, "id", "i", "", "ID to identify the backend in the storage")
 backendAddCmd.Flags().StringVarP(&backendName, "name", "n", "", "Name to represent the backend")
 backendAddCmd.Flags().StringVarP(&backendIssuer, "issuer", "d", "", "Full hostname of the backend")
+ backendAddCmd.Flags().StringVarP(&backendClientID, "client-id", "", "", "OIDC Client ID for the backend")
+ backendAddCmd.Flags().StringVarP(&backendClientSecret, "client-secret", "", "", "OIDC Client secret for the backend")
 }
--
2.45.2
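Review bot: Taking the secret from `--client-secret` in `init()` (hunk `@@ -63,4 +68,6 @@`) puts it on the command line, where it is readable in the process list and usually ends up in shell history. I would keep `--client-id` as a flag and read the secret from an environment variable, a file named by a flag, or a prompt on stdin, or at least state the exposure in the flag description. Since both values are mandatory, `backendAddCmd.MarkFlagRequired("client-id")` lets cobra reject a missing flag before `addNewBackend` runs. `Flags().StringVar(...)` is the plainer call when the shorthand is `""`.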