Move Oauth configs to the database
This commit is contained in:
marcos
@@ -7,8 +7,6 @@ import (
|
||||
"github.com/gorilla/securecookie"
|
||||
|
||||
"golang.org/x/oauth2"
|
||||
oauth2FB "golang.org/x/oauth2/facebook"
|
||||
oauth2Github "golang.org/x/oauth2/github"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -29,18 +27,16 @@ var UseLetsEncrypt, ExternalDindVolume, NoWindows bool
|
||||
var LetsEncryptCertsDir string
|
||||
var MaxLoadAvg float64
|
||||
var ForceTLS bool
|
||||
var Providers map[string]*oauth2.Config
|
||||
var SecureCookie *securecookie.SecureCookie
|
||||
var AdminToken string
|
||||
|
||||
var GithubClientID, GithubClientSecret string
|
||||
var FacebookClientID, FacebookClientSecret string
|
||||
var DockerClientID, DockerClientSecret string
|
||||
|
||||
var PlaygroundDomain string
|
||||
|
||||
var SegmentId string
|
||||
|
||||
// TODO move this to a sync map so it can be updated on demand when the configuration for a playground changes
|
||||
var Providers = map[string]map[string]*oauth2.Config{}
|
||||
|
||||
func ParseFlags() {
|
||||
flag.StringVar(&LetsEncryptCertsDir, "letsencrypt-certs-dir", "/certs", "Path where let's encrypt certs will be stored")
|
||||
flag.BoolVar(&UseLetsEncrypt, "letsencrypt-enable", false, "Enabled let's encrypt tls certificates")
|
||||
@@ -64,15 +60,6 @@ func ParseFlags() {
|
||||
flag.StringVar(&DefaultDinDImage, "default-dind-image", "franela/dind", "Default DinD image to use if not specified otherwise")
|
||||
flag.StringVar(&DefaultSessionDuration, "default-session-duration", "4h", "Default session duration if not specified otherwise")
|
||||
|
||||
flag.StringVar(&GithubClientID, "oauth-github-client-id", "", "Github OAuth Client ID")
|
||||
flag.StringVar(&GithubClientSecret, "oauth-github-client-secret", "", "Github OAuth Client Secret")
|
||||
|
||||
flag.StringVar(&FacebookClientID, "oauth-facebook-client-id", "", "Facebook OAuth Client ID")
|
||||
flag.StringVar(&FacebookClientSecret, "oauth-facebook-client-secret", "", "Facebook OAuth Client Secret")
|
||||
|
||||
flag.StringVar(&DockerClientID, "oauth-docker-client-id", "", "Docker OAuth Client ID")
|
||||
flag.StringVar(&DockerClientSecret, "oauth-docker-client-secret", "", "Docker OAuth Client Secret")
|
||||
|
||||
flag.StringVar(&PlaygroundDomain, "playground-domain", "localhost", "Domain to use for the playground")
|
||||
flag.StringVar(&AdminToken, "admin-token", "", "Token to validate admin user for admin endpoints")
|
||||
|
||||
@@ -82,43 +69,4 @@ func ParseFlags() {
|
||||
|
||||
SecureCookie = securecookie.New([]byte(CookieHashKey), []byte(CookieBlockKey))
|
||||
|
||||
registerOAuthProviders()
|
||||
}
|
||||
|
||||
func registerOAuthProviders() {
|
||||
Providers = map[string]*oauth2.Config{}
|
||||
if GithubClientID != "" && GithubClientSecret != "" {
|
||||
conf := &oauth2.Config{
|
||||
ClientID: GithubClientID,
|
||||
ClientSecret: GithubClientSecret,
|
||||
Scopes: []string{"user:email"},
|
||||
Endpoint: oauth2Github.Endpoint,
|
||||
}
|
||||
|
||||
Providers["github"] = conf
|
||||
}
|
||||
if FacebookClientID != "" && FacebookClientSecret != "" {
|
||||
conf := &oauth2.Config{
|
||||
ClientID: FacebookClientID,
|
||||
ClientSecret: FacebookClientSecret,
|
||||
Scopes: []string{"email", "public_profile"},
|
||||
Endpoint: oauth2FB.Endpoint,
|
||||
}
|
||||
|
||||
Providers["facebook"] = conf
|
||||
}
|
||||
if DockerClientID != "" && DockerClientSecret != "" {
|
||||
oauth2.RegisterBrokenAuthHeaderProvider(".id.docker.com")
|
||||
conf := &oauth2.Config{
|
||||
ClientID: DockerClientID,
|
||||
ClientSecret: DockerClientSecret,
|
||||
Scopes: []string{"openid"},
|
||||
Endpoint: oauth2.Endpoint{
|
||||
AuthURL: "https://id.docker.com/id/oauth/authorize/",
|
||||
TokenURL: "https://id.docker.com/id/oauth/token",
|
||||
},
|
||||
}
|
||||
|
||||
Providers["docker"] = conf
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user