From 95566d5f5f818e02d8c8d9caf5f2ac90e1e603b5 Mon Sep 17 00:00:00 2001 From: Cosette <92791010+ljzsmllx@users.noreply.github.com> Date: Mon, 29 Aug 2022 10:24:48 +0800 Subject: [PATCH] feat: Add config struct of OpenID-Connect Login (#2597) Co-authored-by: wangglb <92615097+chunriyeqiongsaigao@users.noreply.github.com> Co-authored-by: Wang Zichen <1572839226@qq.com> --- api/conf/conf.yaml | 8 ++++++++ api/internal/conf/conf.go | 18 ++++++++++++++++++ api/internal/filter/invalid_request.go | 5 +---- .../data_loader/loader/openapi3/import.go | 3 +-- 4 files changed, 28 insertions(+), 6 deletions(-) diff --git a/api/conf/conf.yaml b/api/conf/conf.yaml index 012147ee6a..ac9377a98f 100644 --- a/api/conf/conf.yaml +++ b/api/conf/conf.yaml @@ -80,6 +80,14 @@ authentication: - username: user password: user +oidc: + expire_time: 3600 + app_name: authing + client_id: + client_secret: + scope: oidc + redirect_uri: oidc/callback + plugins: # plugin list (sorted in alphabetical order) - api-breaker - authz-keycloak diff --git a/api/internal/conf/conf.go b/api/internal/conf/conf.go index 20074238fc..7e5c8e35e6 100644 --- a/api/internal/conf/conf.go +++ b/api/internal/conf/conf.go @@ -58,6 +58,7 @@ var ( AccessLogPath = "logs/access.log" UserList = make(map[string]User, 2) AuthConf Authentication + OidcConf Oidc SSLDefaultStatus = 1 //enable ssl by default ImportSizeLimit = 10 * 1024 * 1024 AllowList []string @@ -126,10 +127,20 @@ type Authentication struct { Users []User } +type Oidc struct { + ExpireTime int `mapstructure:"expire_time" yaml:"expire_time"` + AppName string `mapstructure:"app_name"` + ClientId string `mapstructure:"client_id"` + ClientSecret string `mapstructure:"client_secret"` + Scope string + RedirectUri string `mapstructure:"redirect_uri"` +} + type Config struct { Conf Conf Authentication Authentication Plugins []string + Oidc Oidc } type Security struct { 
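Review bot: In the new `oidc:` block of api/conf/conf.yaml, `scope: oidc` is not a scope value defined by OpenID Connect; an authentication request has to carry `openid`, so unless the consuming code (not in this diff) rewrites the value, the default should read `scope: openid`. `redirect_uri: oidc/callback` is relative, while a provider compares the redirect URI with the absolute value registered for the client, so a comment saying how the host part is prepended would help. `client_secret:` ships empty next to the other settings, and I would put `# client_secret is a credential: keep it out of version control and restrict read access to this file` above it.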
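Review bot: The `Oidc` struct added in api/internal/conf/conf.go (hunk `@@ -126,10 +127,20 @@`) keeps `ClientSecret` as an ordinary exported string with no doc comment, and `initOidc` later copies the whole struct into the package-level `OidcConf`, so any `%+v` dump or serialization of the config would include the secret. No such dump is visible in this diff, but the type should say so: add `// Oidc holds the OpenID Connect login settings read from the oidc section of conf.yaml.` above the type and `// ClientSecret is a credential; do not log or serialize it.` on the field. The tags are also inconsistent, since only `ExpireTime` carries a `yaml` tag and `Scope` has none. `ClientId` and `RedirectUri` would be `ClientID` and `RedirectURI` under Go's initialism convention.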
@@ -256,6 +267,9 @@ func setupConfig() { // set authentication initAuthentication(config.Authentication) + //set Oidc + initOidc(config.Oidc) + // set plugin initPlugins(config.Plugins) @@ -283,6 +297,10 @@ func initAuthentication(conf Authentication) { } } +func initOidc(conf Oidc) { + OidcConf = conf +} + func initPlugins(plugins []string) { for _, pluginName := range plugins { Plugins[pluginName] = true diff --git a/api/internal/filter/invalid_request.go b/api/internal/filter/invalid_request.go index 8c1ebc5cc5..442fccd4a4 100644 --- a/api/internal/filter/invalid_request.go +++ b/api/internal/filter/invalid_request.go @@ -34,8 +34,5 @@ func InvalidRequest() gin.HandlerFunc { } func checkURL(url *url.URL) bool { - if strings.Contains(url.Path, "..") { - return false - } - return true + return !strings.Contains(url.Path, "..") } diff --git a/api/internal/handler/data_loader/loader/openapi3/import.go b/api/internal/handler/data_loader/loader/openapi3/import.go index 8ff332a726..e1bcf9dbc1 100644 --- a/api/internal/handler/data_loader/loader/openapi3/import.go +++ b/api/internal/handler/data_loader/loader/openapi3/import.go @@ -75,8 +75,7 @@ func (o Loader) convertToEntities(s *openapi3.Swagger) (*loader.DataSets, error) // create upstream when servers field not empty if len(s.Servers) > 0 { - var upstream entity.Upstream - upstream = entity.Upstream{ + upstream := entity.Upstream{ BaseInfo: entity.BaseInfo{ID: globalUpstreamID}, UpstreamDef: entity.UpstreamDef{ Name: globalUpstreamID,
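Review bot: `initOidc` (hunk `@@ -283,6 +297,10 @@` in api/internal/conf/conf.go) stores the parsed block in `OidcConf` without checking it, and the shipped conf.yaml leaves `client_id` and `client_secret` empty, so the global is populated with blank credentials and nothing marks OIDC login as unconfigured. The code that reads `OidcConf` is not in this diff, so at minimum state the contract on the function: `// initOidc stores the OIDC settings; an empty ClientId or ClientSecret means OIDC login is not configured.` Rejecting a non-positive `ExpireTime` here would also keep a bad lifetime from reaching whatever issues the session. The comment `//set Oidc` added in `setupConfig` in the preceding hunk lacks the space used by the neighbouring `// set authentication`.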
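Review bot: `checkURL` in api/internal/filter/invalid_request.go is a path-traversal guard, yet after this rewrite it still has no comment stating what it covers, and its parameter `url` shadows the imported `url` package. The test runs on `url.Path`, which net/url holds in decoded form, so percent-encoded dots are seen, but `RawPath` and any decoding done further down the chain are not inspected. It also refuses every path that merely contains `..`, for example a file name such as `a..b`. I would add `// checkURL reports whether the decoded request path is free of ".." sequences.` and rename the parameter to `u`.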