
Merge pull request PowerDNS-Admin#1436 from PowerDNS-Admin/1435-featu…
…re-add-oauth-setting-for-server-metadata-url

Feature: Add OAuth Setting for Server Metadata URL
AzorianMatt authored Mar 12, 2023
2 parents 7ce1f09 + 1afe9b4 commit f09d37a
Showing 6 changed files with 57 additions and 24 deletions.
3 changes: 3 additions & 0 deletions powerdnsadmin/models/setting.py
Expand Up @@ -73,13 +73,15 @@ class Setting(db.Model):
'github_oauth_authorize_url':
'https://github.com/login/oauth/authorize',
'github_oauth_jwks_url': '',
'github_oauth_metadata_url': '',
'google_oauth_enabled': False,
'google_oauth_client_id': '',
'google_oauth_client_secret': '',
'google_token_url': 'https://oauth2.googleapis.com/token',
'google_oauth_scope': 'openid email profile',
'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
'google_oauth_jwks_url': '',
'google_oauth_metadata_url': '',
'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
'azure_oauth_enabled': False,
'azure_oauth_key': '',
Expand All @@ -91,6 +93,7 @@ class Setting(db.Model):
'azure_oauth_authorize_url':
'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
'azure_oauth_jwks_url': '',
'azure_oauth_metadata_url': '',
'azure_sg_enabled': False,
'azure_admin_group': '',
'azure_operator_group': '',
10 changes: 8 additions & 2 deletions powerdnsadmin/routes/admin.py
Expand Up @@ -1636,6 +1636,8 @@ def setting_authentication():
request.form.get('google_oauth_client_id'))
Setting().set('google_oauth_client_secret',
request.form.get('google_oauth_client_secret'))
Setting().set('google_oauth_metadata_url',
request.form.get('google_oauth_metadata_url'))
Setting().set('google_token_url',
request.form.get('google_token_url'))
Setting().set('google_oauth_scope',
Expand Down Expand Up @@ -1671,6 +1673,8 @@ def setting_authentication():
request.form.get('github_oauth_scope'))
Setting().set('github_oauth_api_url',
request.form.get('github_oauth_api_url'))
Setting().set('github_oauth_metadata_url',
request.form.get('github_oauth_metadata_url'))
Setting().set('github_oauth_token_url',
request.form.get('github_oauth_token_url'))
Setting().set('github_oauth_authorize_url',
Expand Down Expand Up @@ -1702,6 +1706,8 @@ def setting_authentication():
request.form.get('azure_oauth_scope'))
Setting().set('azure_oauth_api_url',
request.form.get('azure_oauth_api_url'))
Setting().set('azure_oauth_metadata_url',
request.form.get('azure_oauth_metadata_url'))
Setting().set('azure_oauth_token_url',
request.form.get('azure_oauth_token_url'))
Setting().set('azure_oauth_authorize_url',
Expand Down Expand Up @@ -1755,14 +1761,14 @@ def setting_authentication():
request.form.get('oidc_oauth_scope'))
Setting().set('oidc_oauth_api_url',
request.form.get('oidc_oauth_api_url'))
Setting().set('oidc_oauth_metadata_url',
request.form.get('oidc_oauth_metadata_url'))
Setting().set('oidc_oauth_token_url',
request.form.get('oidc_oauth_token_url'))
Setting().set('oidc_oauth_authorize_url',
request.form.get('oidc_oauth_authorize_url'))
Setting().set('oidc_oauth_jwks_url',
request.form.get('oidc_oauth_jwks_url'))
Setting().set('oidc_oauth_metadata_url',
request.form.get('oidc_oauth_metadata_url'))
Setting().set('oidc_oauth_logout_url',
request.form.get('oidc_oauth_logout_url'))
Setting().set('oidc_oauth_username',
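Review bot: The new `google_oauth_metadata_url`, `github_oauth_metadata_url` and `azure_oauth_metadata_url` values are saved exactly as `request.form.get(...)` returns them, with no check that each is a well-formed `https://` URL. The service modules pass these settings as `server_metadata_url`, so the application presumably fetches whatever is stored here and trusts the endpoints the document advertises; a plain `http://` value would let anyone on the network path alter the advertised token or JWKS endpoints. Consider a guard before each `Setting().set` call, such as `if url and urlparse(url).scheme != 'https':`, that rejects the form with an error, and apply it to the existing `oidc_oauth_metadata_url` line as well. `setting_authentication` starts and ends outside these hunks, so the route's access control and any later validation are not visible here.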
1 change: 1 addition & 0 deletions powerdnsadmin/services/azure.py
Expand Up @@ -24,6 +24,7 @@ def update_token(token):
access_token_url=Setting().get('azure_oauth_token_url'),
authorize_url=Setting().get('azure_oauth_authorize_url'),
jwks_url=Setting().get('azure_oauth_jwks_url'),
server_metadata_url=Setting().get('azure_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('azure_oauth_scope')},
fetch_token=fetch_azure_token,
)
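Review bot: Nothing here documents which source wins when `server_metadata_url` is set alongside the explicit `access_token_url`, `authorize_url` and `jwks_url` arguments, and the same applies to the matching lines in `services/github.py` and `services/google.py`. The defaults in `models/setting.py` give several of the explicit URLs non-empty values, so an operator who fills in only the metadata URL may find, depending on how the OAuth client resolves the two, that discovery is silently ignored or that it overrides a URL they set by hand. A comment above the new argument would help, for example `# Optional discovery document; explicit token/authorize/JWKS URLs are still passed, confirm which the client prefers when both are set`. The registration call begins outside the hunk, so the remaining arguments are not visible here.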
1 change: 1 addition & 0 deletions powerdnsadmin/services/github.py
Expand Up @@ -25,6 +25,7 @@ def update_token(token):
access_token_url=Setting().get('github_oauth_token_url'),
authorize_url=Setting().get('github_oauth_authorize_url'),
jwks_url=Setting().get('github_oauth_jwks_url'),
server_metadata_url=Setting().get('github_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('github_oauth_scope')},
fetch_token=fetch_github_token,
update_token=update_token)
1 change: 1 addition & 0 deletions powerdnsadmin/services/google.py
Expand Up @@ -24,6 +24,7 @@ def update_token(token):
access_token_url=Setting().get('google_token_url'),
authorize_url=Setting().get('google_authorize_url'),
jwks_url=Setting().get('google_oauth_jwks_url'),
server_metadata_url=Setting().get('google_oauth_metadata_url'),
client_kwargs={'scope': Setting().get('google_oauth_scope')},
fetch_token=fetch_google_token,
update_token=update_token)
65 changes: 43 additions & 22 deletions powerdnsadmin/templates/admin_setting_authentication.html
Expand Up @@ -630,9 +630,16 @@ <h3 class="card-title">Google OAuth Settings</h3>
value="{{ SETTING.get('google_oauth_client_secret') }}">
<span class="help-block with-errors"></span>
</div>
</fieldset>
<fieldset>
<legend>ADVANCE</legend>
<div class="form-group">
<label for="google_oauth_metadata_url">Metadata URL</label>
<input type="text" class="form-control"
name="google_oauth_metadata_url"
id="google_oauth_metadata_url"
placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
data-error="Please input Metadata URL"
value="{{ SETTING.get('google_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="google_token_url">Token URL</label>
<input type="text" class="form-control"
Expand Down Expand Up @@ -761,9 +768,6 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
value="{{ SETTING.get('github_oauth_secret') }}">
<span class="help-block with-errors"></span>
</div>
</fieldset>
<fieldset>
<legend>ADVANCE</legend>
<div class="form-group">
<label for="github_oauth_scope">Scope</label>
<input type="text" class="form-control"
Expand All @@ -784,6 +788,16 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
value="{{ SETTING.get('github_oauth_api_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="github_oauth_metadata_url">Metadata URL</label>
<input type="text" class="form-control"
name="github_oauth_metadata_url"
id="github_oauth_metadata_url"
placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
data-error="Please input Metadata URL"
value="{{ SETTING.get('github_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="github_oauth_token_url">Token
URL</label>
Expand Down Expand Up @@ -893,9 +907,6 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
value="{{ SETTING.get('azure_oauth_secret') }}">
<span class="help-block with-errors"></span>
</div>
</fieldset>
<fieldset>
<legend>ADVANCED</legend>
<div class="form-group">
<label for="azure_oauth_scope">Scope</label>
<input type="text" class="form-control"
Expand All @@ -916,6 +927,16 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
value="{{ SETTING.get('azure_oauth_api_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="azure_oauth_metadata_url">Metadata URL</label>
<input type="text" class="form-control"
name="azure_oauth_metadata_url"
id="azure_oauth_metadata_url"
placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
data-error="Please input Metadata URL"
value="{{ SETTING.get('azure_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="azure_oauth_token_url">Token URL</label>
<input type="text" class="form-control"
Expand Down Expand Up @@ -1222,6 +1243,17 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
value="{{ SETTING.get('oidc_oauth_api_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_metadata_url">Metadata
URL</label>
<input type="text" class="form-control"
name="oidc_oauth_metadata_url"
id="oidc_oauth_metadata_url"
placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
data-error="Please input Metadata URL"
value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_token_url">Token URL</label>
<input type="text" class="form-control"
Expand Down Expand Up @@ -1254,17 +1286,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
value="{{ SETTING.get('oidc_oauth_jwks_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_metadata_url">Metadata
URL</label>
<input type="text" class="form-control"
name="oidc_oauth_metadata_url"
id="oidc_oauth_metadata_url"
placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
data-error="Please input Metadata URL"
value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_logout_url">Logout
URL</label>
Expand All @@ -1278,7 +1299,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
</div>
</fieldset>
<fieldset>
<legend>CLAIMS</legend>
<legend>Claims</legend>
<div class="form-group">
<label for="oidc_oauth_username">Username</label>
<input type="text" class="form-control"
Expand Down Expand Up @@ -1320,7 +1341,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
</div>
</fieldset>
<fieldset>
<legend>ADVANCE</legend>
<legend>Advanced</legend>
<div class="form-group">
<label for="oidc_oauth_account_name_property">Autoprovision
Account Name property</label>
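Review bot: The placeholder on the new Google, GitHub and Microsoft "Metadata URL" inputs, `https://{yourDomain}/.well-known/oauth-metadata.json`, does not match either registered discovery path: `/.well-known/openid-configuration` for OpenID Connect or `/.well-known/oauth-authorization-server` for RFC 8414. The OIDC input in this same template already shows the `openid-configuration` form, so an operator copying the new hint is likely to save a URL that does not resolve. I would change the placeholder to something like `placeholder="e.g. https://{yourDomain}/.well-known/openid-configuration"`. Separately, the four metadata inputs are `type="text"`; `type="url"` would give a first client-side format check, though it does not replace validation on the server.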
