Skip to content

Commit

Permalink
auth: Add client_secret setting
Browse files Browse the repository at this point in the history
  • Loading branch information
@Sergey-Kitov
Sergey-Kitov committed Mar 7, 2019
1 parent 7be8af8 commit 06c4d34
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
5 changes: 5 additions & 0 deletions src/auth/db-oauth2.c
View file
Expand Up @@ -43,6 +43,8 @@ struct passdb_oauth2_settings {
const char *active_value;
/* client identificator for oauth2 server */
const char *client_id;
/* not really used, but have to present by oauth2 specs */
const char *client_secret;
/* template to expand into passdb */
const char *pass_attrs;

Expand Down Expand Up @@ -110,6 +112,7 @@ static struct setting_def setting_defs[] = {
DEF_STR(active_attribute),
DEF_STR(active_value),
DEF_STR(client_id),
DEF_STR(client_secret),
DEF_INT(timeout_msecs),
DEF_INT(max_idle_time_msecs),
DEF_INT(max_parallel_connections),
Expand Down Expand Up @@ -143,6 +146,7 @@ static struct passdb_oauth2_settings default_oauth2_settings = {
.active_attribute = "",
.active_value = "",
.client_id = "",
.client_secret = "",
.pass_attrs = "",
.rawlog_dir = "",
.timeout_msecs = 0,
Expand Down Expand Up @@ -235,6 +239,7 @@ struct db_oauth2 *db_oauth2_init(const char *config_path)
db->oauth2_set.grant_url = db->set.grant_url,
db->oauth2_set.introspection_url = db->set.introspection_url;
db->oauth2_set.client_id = db->set.client_id;
db->oauth2_set.client_secret = db->set.client_secret;
db->oauth2_set.timeout_msecs = db->set.timeout_msecs;
db->oauth2_set.send_auth_headers = db->set.send_auth_headers;
db->oauth2_set.use_grant_password = db->set.use_grant_password;
Expand Down
4 changes: 4 additions & 0 deletions src/lib-oauth2/oauth2-passwd-grant.c
View file
Expand Up @@ -118,6 +118,10 @@ oauth2_passwd_grant_start(const struct oauth2_settings *set,
http_url_escape_param(payload, password);
str_append(payload, "&client_id=");
http_url_escape_param(payload, req->set->client_id);
if (*req->set->client_secret != '\0') {
str_append(payload, "&client_secret=");
http_url_escape_param(payload, req->set->client_secret);
}
http_client_request_add_header(req->req, "Content-Type",
"application/x-www-form-urlencoded");
http_client_request_set_payload_data(req->req, payload->data, payload->used);
Expand Down

0 comments on commit 06c4d34

Please sign in to comment.