feat: add enable flag to oidc function #2672

Merged
merged 1 commit into from
Nov 28, 2022
2 changes: 1 addition & 1 deletion .github/workflows/backend-e2e-test.yml
Expand Up @@ -45,7 +45,7 @@ jobs:
sed -i '/172.16.238.10:2379/a\ - 172.16.238.11:2379' ./api/conf/conf.yaml
sed -i '/172.16.238.10:2379/a\ - 172.16.238.12:2379' ./api/conf/conf.yaml
sed -i 's@0.0.0.0/0:9000@127.0.0.1:9000@' ./api/conf/conf.yaml

sed -i 's/enabled: false/enabled: true/' ./api/conf/conf.yaml

- name: download file Dockerfile-apisix
working-directory: ./api/test/docker
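Review bot: The added `sed -i 's/enabled: false/enabled: true/' ./api/conf/conf.yaml` is not scoped to the `oidc:` block, so it rewrites every `enabled: false` line in the file. Only the oidc key is visible on this page, but any other toggle added to conf.yaml later would be switched on in the e2e job without anyone noticing. Restricting the substitution to the block keeps the job's configuration explicit, e.g. `sed -i '/oidc:/,/enabled:/ s/enabled: false/enabled: true/' ./api/conf/conf.yaml`. Since this job now always runs with OIDC on, the shipped default (`enabled: false`) is presumably not exercised here.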
1 change: 1 addition & 0 deletions api/conf/conf.yaml
Expand Up @@ -81,6 +81,7 @@ authentication:
password: user

oidc:
enabled: false
expire_time: 3600
client_id: dashboard
client_secret: dashboard
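Review bot: The new `enabled: false` key carries no comment, and the values directly below it (`client_id: dashboard`, `client_secret: dashboard`) look like placeholders that go live as soon as someone sets the key to `true`. I would add a comment on the key such as `# set to true to enable OIDC login; replace client_id and client_secret below before enabling`. Defaulting to `false` is the right choice.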
5 changes: 4 additions & 1 deletion api/internal/conf/conf.go
Expand Up @@ -43,7 +43,7 @@ const (
WebDir = "html/"

DefaultCSP = "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:"
State = "123456"
State = "123456"
)

var (
Expand All @@ -69,6 +69,7 @@ var (
Plugins = map[string]bool{}
SecurityConf Security
CookieStore = sessions.NewCookieStore([]byte("oidc"))
OidcEnabled = false
OidcId string
OidcConfig oauth2.Config
OidcExpireTime int
Expand Down Expand Up @@ -137,6 +138,7 @@ type Authentication struct {
}

type Oidc struct {
Enabled bool `mapstructure:"enabled"`
ExpireTime int `mapstructure:"expire_time" yaml:"expire_time"`
ClientID string `mapstructure:"client_id"`
ClientSecret string `mapstructure:"client_secret"`
Expand Down Expand Up @@ -309,6 +311,7 @@ func initAuthentication(conf Authentication) {
}

func initOidc(conf Oidc) {
OidcEnabled = conf.Enabled
OidcExpireTime = conf.ExpireTime
OidcConfig.ClientID = conf.ClientID
OidcConfig.ClientSecret = conf.ClientSecret
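Review bot: Setting `enabled: true` switches on a flow that, as far as this file shows, still depends on two hard-coded values: `State = "123456"` in the const block and `CookieStore = sessions.NewCookieStore([]byte("oidc"))` in the var block. A cookie store keyed with a literal from the source tree yields session cookies that anyone who can read the source can sign. If `State` is what gets sent as the OAuth2 `state` parameter (its use is outside these hunks), it gives no CSRF protection on the callback. Before the flag is documented as usable, the cookie key should come from configuration or be generated randomly at start-up, and `state` should be generated per login request. `initOidc` could also refuse `conf.Enabled` when `conf.ClientID` or `conf.ClientSecret` is empty; its body continues outside the hunk.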
8 changes: 7 additions & 1 deletion api/internal/route.go
Expand Up @@ -58,7 +58,13 @@ func SetUpRouter() *gin.Engine {
r := gin.New()
logger := log.GetLogger(log.AccessLog)
// security
r.Use(filter.RequestLogHandler(logger), filter.IPFilter(), filter.InvalidRequest(), filter.Oidc(), filter.Authentication())
r.Use(filter.RequestLogHandler(logger), filter.IPFilter(), filter.InvalidRequest())

// authenticate
if conf.OidcEnabled {
r.Use(filter.Oidc())
}
r.Use(filter.Authentication())

// misc
r.Use(gzip.Gzip(gzip.DefaultCompression), filter.CORS(), filter.RequestId(), filter.SchemaCheck(), filter.RecoverHandler())
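Review bot: The `// authenticate` comment does not say that the middleware chain is now split across several `r.Use` calls whose order matters, nor that `filter.Oidc()` is deliberately left out when the flag is off. I would replace it with `// OIDC is opt-in (conf.OidcEnabled); when registered it stays ahead of filter.Authentication(), as in the previous single r.Use call.` `conf.OidcEnabled` is read once when `SetUpRouter` runs, so the configuration must already be loaded at that point. Whether any OIDC login or callback routes are still registered when the filter is skipped is not visible in this hunk and is worth confirming. `SetUpRouter` continues outside the hunk.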