feat: Add config struct of OpenID-Connect Login (#2597)

Co-authored-by: wangglb <[email protected]> Co-authored-by: Wang Zichen <[email protected]>
apache · Aug 29, 2022 · 95566d5 · 95566d5
1 parent 0458664
commit 95566d5
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 6 deletions.
diff --git a/api/conf/conf.yaml b/api/conf/conf.yaml
@@ -80,6 +80,14 @@ authentication:
     - username: user
       password: user
 
+oidc:
+  expire_time: 3600
+  app_name: authing
+  client_id:
+  client_secret:
+  scope: oidc
+  redirect_uri: oidc/callback
+
 plugins:                          # plugin list (sorted in alphabetical order)
   - api-breaker
   - authz-keycloak

diff --git a/api/internal/conf/conf.go b/api/internal/conf/conf.go
@@ -58,6 +58,7 @@ var (
 	AccessLogPath    = "logs/access.log"
 	UserList         = make(map[string]User, 2)
 	AuthConf         Authentication
+	OidcConf         Oidc
 	SSLDefaultStatus = 1 //enable ssl by default
 	ImportSizeLimit  = 10 * 1024 * 1024
 	AllowList        []string
@@ -126,10 +127,20 @@ type Authentication struct {
 	Users      []User
 }
 
+type Oidc struct {
+	ExpireTime   int    `mapstructure:"expire_time" yaml:"expire_time"`
+	AppName      string `mapstructure:"app_name"`
+	ClientId     string `mapstructure:"client_id"`
+	ClientSecret string `mapstructure:"client_secret"`
+	Scope        string
+	RedirectUri  string `mapstructure:"redirect_uri"`
+}
+
 type Config struct {
 	Conf           Conf
 	Authentication Authentication
 	Plugins        []string
+	Oidc           Oidc
 }
 
 type Security struct {
@@ -256,6 +267,9 @@ func setupConfig() {
 	// set authentication
 	initAuthentication(config.Authentication)
 
+	//set Oidc
+	initOidc(config.Oidc)
+
 	// set plugin
 	initPlugins(config.Plugins)
 
@@ -283,6 +297,10 @@ func initAuthentication(conf Authentication) {
 	}
 }
 
+func initOidc(conf Oidc) {
+	OidcConf = conf
+}
+
 func initPlugins(plugins []string) {
 	for _, pluginName := range plugins {
 		Plugins[pluginName] = true

diff --git a/api/internal/filter/invalid_request.go b/api/internal/filter/invalid_request.go
@@ -34,8 +34,5 @@ func InvalidRequest() gin.HandlerFunc {
 }
 
 func checkURL(url *url.URL) bool {
-	if strings.Contains(url.Path, "..") {
-		return false
-	}
-	return true
+	return !strings.Contains(url.Path, "..")
 }
diff --git a/api/internal/handler/data_loader/loader/openapi3/import.go b/api/internal/handler/data_loader/loader/openapi3/import.go
@@ -75,8 +75,7 @@ func (o Loader) convertToEntities(s *openapi3.Swagger) (*loader.DataSets, error)
 
 	// create upstream when servers field not empty
 	if len(s.Servers) > 0 {
-		var upstream entity.Upstream
-		upstream = entity.Upstream{
+		upstream := entity.Upstream{
 			BaseInfo: entity.BaseInfo{ID: globalUpstreamID},
 			UpstreamDef: entity.UpstreamDef{
 				Name: globalUpstreamID,