Ajout paramètre pour définir l'acr_value #3
|
@ -6,6 +6,7 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"forge.cadoles.com/wpetit/goweb-oidc/internal/config"
|
||||||
"github.com/coreos/go-oidc"
|
"github.com/coreos/go-oidc"
|
||||||
"github.com/dchest/uniuri"
|
"github.com/dchest/uniuri"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
@ -30,6 +31,7 @@ func (c *Client) Provider() *oidc.Provider {
|
||||||
|
|
||||||
func (c *Client) Login(w http.ResponseWriter, r *http.Request) {
|
func (c *Client) Login(w http.ResponseWriter, r *http.Request) {
|
||||||
ctn := container.Must(r.Context())
|
ctn := container.Must(r.Context())
|
||||||
|
conf := config.Must(ctn)
|
||||||
|
|
||||||
sess, err := session.Must(ctn).Get(w, r)
|
sess, err := session.Must(ctn).Get(w, r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -48,6 +50,10 @@ func (c *Client) Login(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
authCodeOptions := []oauth2.AuthCodeOption{}
|
authCodeOptions := []oauth2.AuthCodeOption{}
|
||||||
authCodeOptions = append(authCodeOptions, oidc.Nonce(nonce))
|
authCodeOptions = append(authCodeOptions, oidc.Nonce(nonce))
|
||||||
|
if conf.OIDC.AcrValues != "" {
|
||||||
|
authCodeOptions = append(authCodeOptions, oauth2.SetAuthURLParam("acr_values", conf.OIDC.AcrValues))
|
||||||
|
}
|
||||||
|
|
||||||
authCodeURL := c.oauth2.AuthCodeURL(
|
authCodeURL := c.oauth2.AuthCodeURL(
|
||||||
state,
|
state,
|
||||||
authCodeOptions...,
|
authCodeOptions...,
|
||||||
|
|
|
@ -14,9 +14,10 @@ services:
|
||||||
- HTTP_ADDRESS=0.0.0.0:3002
|
- HTTP_ADDRESS=0.0.0.0:3002
|
||||||
- OIDC_CLIENT_ID=local-test
|
- OIDC_CLIENT_ID=local-test
|
||||||
- OIDC_CLIENT_SECRET=local-test
|
- OIDC_CLIENT_SECRET=local-test
|
||||||
- OIDC_ISSUER_URL=
|
- OIDC_ISSUER_URL=https://msedev.crous-toulouse.fr/auth/
|
||||||
- OIDC_REDIRECT_URL=http://localhost:3002
|
- OIDC_REDIRECT_URL=http://localhost:3002
|
||||||
- OIDC_POST_LOGOUT_REDIRECT_URL=http://localhost:3002
|
- OIDC_POST_LOGOUT_REDIRECT_URL=http://localhost:3002
|
||||||
|
- OIDC_ACR_VALUES=
|
||||||
ports:
|
ports:
|
||||||
- 3002:3002
|
- 3002:3002
|
||||||
network_mode: host
|
network_mode: host
|
||||||
|
|
|
@ -53,7 +53,8 @@ type OIDCConfig struct {
|
||||||
IssuerURL string `yaml:"issuerUrl" env:"OIDC_ISSUER_URL"`
|
IssuerURL string `yaml:"issuerUrl" env:"OIDC_ISSUER_URL"`
|
||||||
RedirectURL string `yaml:"redirectUrl" env:"OIDC_REDIRECT_URL"`
|
RedirectURL string `yaml:"redirectUrl" env:"OIDC_REDIRECT_URL"`
|
||||||
PostLogoutRedirectURL string `yaml:"postLogoutRedirectURL" env:"OIDC_POST_LOGOUT_REDIRECT_URL"`
|
PostLogoutRedirectURL string `yaml:"postLogoutRedirectURL" env:"OIDC_POST_LOGOUT_REDIRECT_URL"`
|
||||||
InsecureSkipVerify bool `ymal:"insecureSkipVerify" env:"OIDC_INSECURE_SKIP_VERIFY"`
|
InsecureSkipVerify bool `yaml:"insecureSkipVerify" env:"OIDC_INSECURE_SKIP_VERIFY"`
|
||||||
|
AcrValues string `yaml:"acrValues" env:"OIDC_ACR_VALUES"`
|
||||||
wpetit marked this conversation as resolved
Outdated
|
|||||||
}
|
}
|
||||||
|
|
||||||
type LogConfig struct {
|
type LogConfig struct {
|
||||||
|
@ -88,6 +89,7 @@ func NewDefault() *Config {
|
||||||
RedirectURL: "http://localhost:3002/oauth2/callback",
|
RedirectURL: "http://localhost:3002/oauth2/callback",
|
||||||
PostLogoutRedirectURL: "http://localhost:3002",
|
PostLogoutRedirectURL: "http://localhost:3002",
|
||||||
InsecureSkipVerify: false,
|
InsecureSkipVerify: false,
|
||||||
|
AcrValues: "",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Il y a une typo sur le tag
ymal
->yaml
. Sur la ligne précédente aussi d'ailleurs.