gitea/opengist
0
0
Fork 0
mirror of https://github.com/thomiceli/opengist.git synced 2025-05-13 15:52:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: add option to name an OIDC provider (#435)

Browse Source
This commit is contained in:
Philipp Eckel 2025-03-17 17:19:48 +01:00 committed by GitHub
parent da0b440360
commit dbdfcd4e85
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config.yml
View File

@ -98,6 +98,7 @@ gitea.url: https://gitea.com/
gitea.name: Gitea gitea.name: Gitea
# To create a new OAuth2 application using OpenID Connect: # To create a new OAuth2 application using OpenID Connect:
oidc.provider-name:
oidc.client-key: oidc.client-key:
oidc.secret: oidc.secret:
# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration # Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration

1
docs/configuration/cheat-sheet.md
View File

@ -35,6 +35,7 @@ aside: false
| gitea.secret | OG_GITEA_SECRET | none | The secret for the Gitea OAuth application. | | gitea.secret | OG_GITEA_SECRET | none | The secret for the Gitea OAuth application. |
| gitea.url | OG_GITEA_URL | `https://gitea.com/` | The URL of the Gitea instance. | | gitea.url | OG_GITEA_URL | `https://gitea.com/` | The URL of the Gitea instance. |
| gitea.name | OG_GITEA_NAME | `Gitea` | The name of the Gitea instance. It is displayed in the OAuth login button. | | gitea.name | OG_GITEA_NAME | `Gitea` | The name of the Gitea instance. It is displayed in the OAuth login button. |
| oidc.provider-name | OG_OIDC_PROVIDER_NAME | none | The name of the OIDC provider |
| oidc.client-key | OG_OIDC_CLIENT_KEY | none | The client key for the OpenID application. | | oidc.client-key | OG_OIDC_CLIENT_KEY | none | The client key for the OpenID application. |
| oidc.secret | OG_OIDC_SECRET | none | The secret for the OpenID application. | | oidc.secret | OG_OIDC_SECRET | none | The secret for the OpenID application. |
| oidc.discovery-url | OG_OIDC_DISCOVERY_URL | none | Discovery endpoint of the OpenID provider. | | oidc.discovery-url | OG_OIDC_DISCOVERY_URL | none | Discovery endpoint of the OpenID provider. |

2
docs/configuration/oauth-providers.md
View File

@ -63,12 +63,14 @@ Opengist can be configured to use OAuth to authenticate users, with GitHub, Gite
* Set 'Redirect URI' to `http://opengist.url/oauth/openid-connect/callback` * Set 'Redirect URI' to `http://opengist.url/oauth/openid-connect/callback`
* Copy the 'Client ID', 'Client Secret', and the discovery endpoint, and add them to the [configuration](cheat-sheet.md) : * Copy the 'Client ID', 'Client Secret', and the discovery endpoint, and add them to the [configuration](cheat-sheet.md) :
```yaml ```yaml
oidc.provider-name: <provider-name>
oidc.client-key: <key> oidc.client-key: <key>
oidc.secret: <secret> oidc.secret: <secret>
# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration # Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
oidc.discovery-url: http://auth.example.com/.well-known/openid-configuration oidc.discovery-url: http://auth.example.com/.well-known/openid-configuration
``` ```
```shell ```shell
OG_OIDC_PROVIDER_NAME=<provider-name>
OG_OIDC_CLIENT_KEY=<key> OG_OIDC_CLIENT_KEY=<key>
OG_OIDC_SECRET=<secret> OG_OIDC_SECRET=<secret>
# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration # Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration

1
internal/config/config.go
View File

@ -67,6 +67,7 @@ type config struct {
GiteaUrl string `yaml:"gitea.url" env:"OG_GITEA_URL"` GiteaUrl string `yaml:"gitea.url" env:"OG_GITEA_URL"`
GiteaName string `yaml:"gitea.name" env:"OG_GITEA_NAME"` GiteaName string `yaml:"gitea.name" env:"OG_GITEA_NAME"`
OIDCProviderName string `yaml:"oidc.provider-name" env:"OG_OIDC_PROVIDER_NAME"`
OIDCClientKey string `yaml:"oidc.client-key" env:"OG_OIDC_CLIENT_KEY"` OIDCClientKey string `yaml:"oidc.client-key" env:"OG_OIDC_CLIENT_KEY"`
OIDCSecret string `yaml:"oidc.secret" env:"OG_OIDC_SECRET"` OIDCSecret string `yaml:"oidc.secret" env:"OG_OIDC_SECRET"`
OIDCDiscoveryUrl string `yaml:"oidc.discovery-url" env:"OG_OIDC_DISCOVERY_URL"` OIDCDiscoveryUrl string `yaml:"oidc.discovery-url" env:"OG_OIDC_DISCOVERY_URL"`

1
templates/pages/admin_config.html vendored
View File

@ -64,6 +64,7 @@
<dt>Gitea Secret</dt><dd>{{ if .c.GiteaSecret }}&#60;defined&#62;{{ end }}</dd> <dt>Gitea Secret</dt><dd>{{ if .c.GiteaSecret }}&#60;defined&#62;{{ end }}</dd>
<dt>Gitea URL</dt><dd>{{ .c.GiteaUrl }}</dd> <dt>Gitea URL</dt><dd>{{ .c.GiteaUrl }}</dd>
<dt>Gitea Name</dt><dd>{{ .c.GiteaName }}</dd> <dt>Gitea Name</dt><dd>{{ .c.GiteaName }}</dd>
<dt>OIDC Provider name</dt><dd>{{ .c.OIDCProviderName }}</dd>
<dt>OIDC client Key</dt><dd>{{ if .c.OIDCClientKey }}&#60;defined&#62;{{ end }}</dd> <dt>OIDC client Key</dt><dd>{{ if .c.OIDCClientKey }}&#60;defined&#62;{{ end }}</dd>
<dt>OIDC Secret</dt><dd>{{ if .c.OIDCSecret }}&#60;defined&#62;{{ end }}</dd> <dt>OIDC Secret</dt><dd>{{ if .c.OIDCSecret }}&#60;defined&#62;{{ end }}</dd>
<dt>OIDC Discovery URL</dt><dd>{{ if .c.OIDCDiscoveryUrl }}&#60;defined&#62;{{ end }}</dd> <dt>OIDC Discovery URL</dt><dd>{{ if .c.OIDCDiscoveryUrl }}&#60;defined&#62;{{ end }}</dd>

6
templates/pages/auth_form.html vendored
View File

@ -79,7 +79,11 @@
{{ end }} {{ end }}
{{ if .oidcOauth }} {{ if .oidcOauth }}
<a href="{{ $.c.ExternalUrl }}/oauth/openid-connect" class="block w-full mb-2 text-center whitespace-nowrap text-slate-700 dark:text-slate-300{{ if .syncReposFromFS }} text-slate-500 cursor-not-allowed {{ end }}rounded border border-gray-300 dark:border-gray-600 bg-gray-50 dark:bg-gray-800 px-2.5 py-2 text-xs font-medium text-gray-700 dark:text-white shadow-sm hover:bg-gray-100 dark:hover:bg-gray-700 hover:border-gray-500 hover:text-slate-700 dark:hover:text-slate-300 focus:outline-none focus:ring-1 focus:border-primary-500 focus:ring-primary-500 leading-3"> <a href="{{ $.c.ExternalUrl }}/oauth/openid-connect" class="block w-full mb-2 text-center whitespace-nowrap text-slate-700 dark:text-slate-300{{ if .syncReposFromFS }} text-slate-500 cursor-not-allowed {{ end }}rounded border border-gray-300 dark:border-gray-600 bg-gray-50 dark:bg-gray-800 px-2.5 py-2 text-xs font-medium text-gray-700 dark:text-white shadow-sm hover:bg-gray-100 dark:hover:bg-gray-700 hover:border-gray-500 hover:text-slate-700 dark:hover:text-slate-300 focus:outline-none focus:ring-1 focus:border-primary-500 focus:ring-primary-500 leading-3">
Continue with OpenID account {{ if .c.OIDCProviderName }}
Connect with {{ .c.OIDCProviderName }} account
{{ else }}
Continue with OpenID account
{{ end }}
</a> </a>
{{ end }} {{ end }}
</div> </div>