-
Notifications
You must be signed in to change notification settings - Fork 114
/
config.go
34 lines (30 loc) · 1.26 KB
/
config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
package oidc
import (
"github.com/kelseyhightower/envconfig"
)
// Config represents configuration for an public/untrusted OpenID Connect
// client. The API server returns this configuration to clients that request it,
// thereby communicating how to proceed with the authorization code flow.
type Config struct {
// IssuerURL is the issuer URL provided by the OpenID Connect identity
// provider.
IssuerURL string `envconfig:"OIDC_ISSUER_URL" required:"true"`
// Client ID is the client ID provided by the OpenID Connect identity
// provider.
ClientID string `envconfig:"OIDC_CLIENT_ID" required:"true"`
// CLIClientID is the client ID provided by the OpenID Connect identity
// provider for CLI login.
CLIClientID string `envconfig:"OIDC_CLI_CLIENT_ID"`
// Scopes are the scopes to be requested during the authorization code flow.
Scopes []string
// GlobalServiceAccountNamespaces is the list of namespaces to look up
// for shared service accounts.
GlobalServiceAccountNamespaces []string `envconfig:"GLOBAL_SERVICE_ACCOUNT_NAMESPACES"`
}
// ConfigFromEnv returns a Config populated from environment variables.
func ConfigFromEnv() Config {
cfg := Config{}
envconfig.MustProcess("", &cfg)
cfg.Scopes = []string{"openid", "profile", "email", "groups"}
return cfg
}