Skip to content

Commit

Permalink
feat: add enable flag to oidc function (#2672)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bzp2010
bzp2010 authored Nov 28, 2022
1 parent 8dcadce commit 1a107ec
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/backend-e2e-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ jobs:
sed -i '/172.16.238.10:2379/a\ - 172.16.238.11:2379' ./api/conf/conf.yaml
sed -i '/172.16.238.10:2379/a\ - 172.16.238.12:2379' ./api/conf/conf.yaml
sed -i '[email protected]/0:[email protected]:9000@' ./api/conf/conf.yaml
sed -i 's/enabled: false/enabled: true/' ./api/conf/conf.yaml
- name: download file Dockerfile-apisix
working-directory: ./api/test/docker
Expand Down
1 change: 1 addition & 0 deletions api/conf/conf.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ authentication:
password: user

oidc:
enabled: false
expire_time: 3600
client_id: dashboard
client_secret: dashboard
Expand Down
5 changes: 4 additions & 1 deletion api/internal/conf/conf.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ const (
WebDir = "html/"

DefaultCSP = "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:"
State = "123456"
State = "123456"
)

var (
Expand All @@ -69,6 +69,7 @@ var (
Plugins = map[string]bool{}
SecurityConf Security
CookieStore = sessions.NewCookieStore([]byte("oidc"))
OidcEnabled = false
OidcId string
OidcConfig oauth2.Config
OidcExpireTime int
Expand Down Expand Up @@ -137,6 +138,7 @@ type Authentication struct {
}

type Oidc struct {
Enabled bool `mapstructure:"enabled"`
ExpireTime int `mapstructure:"expire_time" yaml:"expire_time"`
ClientID string `mapstructure:"client_id"`
ClientSecret string `mapstructure:"client_secret"`
Expand Down Expand Up @@ -309,6 +311,7 @@ func initAuthentication(conf Authentication) {
}

func initOidc(conf Oidc) {
OidcEnabled = conf.Enabled
OidcExpireTime = conf.ExpireTime
OidcConfig.ClientID = conf.ClientID
OidcConfig.ClientSecret = conf.ClientSecret
Expand Down
8 changes: 7 additions & 1 deletion api/internal/route.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,13 @@ func SetUpRouter() *gin.Engine {
r := gin.New()
logger := log.GetLogger(log.AccessLog)
// security
r.Use(filter.RequestLogHandler(logger), filter.IPFilter(), filter.InvalidRequest(), filter.Oidc(), filter.Authentication())
r.Use(filter.RequestLogHandler(logger), filter.IPFilter(), filter.InvalidRequest())

// authenticate
if conf.OidcEnabled {
r.Use(filter.Oidc())
}
r.Use(filter.Authentication())

// misc
r.Use(gzip.Gzip(gzip.DefaultCompression), filter.CORS(), filter.RequestId(), filter.SchemaCheck(), filter.RecoverHandler())
Expand Down

0 comments on commit 1a107ec

Please sign in to comment.