(s *models.Settings, secretSet *bool, configuredViaEnv bool, envPreview map[string]string, callbackURL ...string)
| 461 | } |
| 462 | |
| 463 | func oidcSettingsResponse(s *models.Settings, secretSet *bool, configuredViaEnv bool, envPreview map[string]string, callbackURL ...string) map[string]interface{} { |
| 464 | res := map[string]interface{}{ |
| 465 | "configured_via_env": configuredViaEnv, |
| 466 | "env_preview": envPreview, |
| 467 | "oidc_enabled": false, |
| 468 | "oidc_issuer_url": nil, |
| 469 | "oidc_client_id": nil, |
| 470 | "oidc_client_secret_set": false, |
| 471 | "oidc_redirect_uri": nil, |
| 472 | "oidc_scopes": "openid email profile groups", |
| 473 | "oidc_auto_create_users": false, |
| 474 | "oidc_default_role": "user", |
| 475 | "oidc_disable_local_auth": false, |
| 476 | "oidc_button_text": "Login with SSO", |
| 477 | "oidc_sync_roles": false, |
| 478 | "oidc_admin_group": nil, |
| 479 | "oidc_superadmin_group": nil, |
| 480 | "oidc_host_manager_group": nil, |
| 481 | "oidc_readonly_group": nil, |
| 482 | "oidc_user_group": nil, |
| 483 | "oidc_enforce_https": true, |
| 484 | "callback_url": "", |
| 485 | } |
| 486 | if s != nil { |
| 487 | res["oidc_enabled"] = s.OidcEnabled |
| 488 | res["oidc_issuer_url"] = s.OidcIssuerURL |
| 489 | res["oidc_client_id"] = s.OidcClientID |
| 490 | res["oidc_redirect_uri"] = s.OidcRedirectURI |
| 491 | res["oidc_scopes"] = ptrOrDefault(s.OidcScopes, "openid email profile groups") |
| 492 | res["oidc_auto_create_users"] = s.OidcAutoCreateUsers |
| 493 | res["oidc_default_role"] = ptrOrDefault(s.OidcDefaultRole, "user") |
| 494 | res["oidc_disable_local_auth"] = s.OidcDisableLocalAuth |
| 495 | res["oidc_button_text"] = ptrOrDefault(s.OidcButtonText, "Login with SSO") |
| 496 | res["oidc_sync_roles"] = s.OidcSyncRoles |
| 497 | res["oidc_admin_group"] = s.OidcAdminGroup |
| 498 | res["oidc_superadmin_group"] = s.OidcSuperadminGroup |
| 499 | res["oidc_host_manager_group"] = s.OidcHostManagerGroup |
| 500 | res["oidc_readonly_group"] = s.OidcReadonlyGroup |
| 501 | res["oidc_user_group"] = s.OidcUserGroup |
| 502 | res["oidc_enforce_https"] = s.OidcEnforceHTTPS |
| 503 | } |
| 504 | if secretSet != nil { |
| 505 | res["oidc_client_secret_set"] = *secretSet |
| 506 | } |
| 507 | if len(callbackURL) > 0 { |
| 508 | res["callback_url"] = callbackURL[0] |
| 509 | } |
| 510 | return res |
| 511 | } |
| 512 | |
| 513 | func buildOidcCallbackURL(cfg *config.Config, s *models.Settings) string { |
| 514 | base := strings.TrimSuffix(cfg.CORSOrigin, "/") |
no test coverage detected