Add configuration to allow override the IssuerUrl (#197)
jrpedrianes authored Aug 4, 2022
1 parent d68742d commit 68ebbb7
Showing 4 changed files with 6 additions and 0 deletions.
1 change: 1 addition & 0 deletions config/development.yaml
Expand Up @@ -15,6 +15,7 @@ auth:
- label: Auth0 oidc # for internal use; in future may expose as button text
type: oidc # for futureproofing; only oidc is supported today
providerUrl: https://myorg.us.auth0.com/
issuerUrl: "" # needed if the Issuer Url and the Provider Url are different
clientId: xxxxxxxxxxxxxxxxxxxx
clientSecret: xxxxxxxxxxxxxxxxxxxx
scopes:
1 change: 1 addition & 0 deletions docker/config_template.yaml
Expand Up @@ -29,6 +29,7 @@ auth:
- label: {{ default .Env.TEMPORAL_AUTH_LABEL "sso" }}
type: {{ default .Env.TEMPORAL_AUTH_TYPE "oidc" }}
providerUrl: {{ .Env.TEMPORAL_AUTH_PROVIDER_URL }}
issuerUrl: {{ default .Env.TEMPORAL_AUTH_ISSUER_URL "" }}
clientId: {{ .Env.TEMPORAL_AUTH_CLIENT_ID }}
clientSecret: {{ .Env.TEMPORAL_AUTH_CLIENT_SECRET }}
callbackUrl: {{ .Env.TEMPORAL_AUTH_CALLBACK_URL }}
1 change: 1 addition & 0 deletions server/config/config.go
Expand Up @@ -79,6 +79,7 @@ type (
Label string `yaml:"label"`
Type string `yaml:"type"`
ProviderUrl string `yaml:"providerUrl"`
IssuerUrl string `yaml:"issuerUrl"`
ClientID string `yaml:"clientId"`
ClientSecret string `yaml:"clientSecret"`
Scopes []string `yaml:"scopes"`
3 changes: 3 additions & 0 deletions server/routes/auth.go
Expand Up @@ -58,6 +58,9 @@ func SetAuthRoutes(e *echo.Echo, cfgProvider *config.ConfigProviderWithRefresh)

providerCfg := serverCfg.Auth.Providers[0] // only single provider is currently supported

if len(providerCfg.IssuerUrl) > 0 {
ctx = oidc.InsecureIssuerURLContext(ctx, providerCfg.IssuerUrl)
}
provider, err := oidc.NewProvider(ctx, providerCfg.ProviderUrl)
if err != nil {
log.Fatal(err)
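Review bot: When `issuerUrl` is non-empty, the added `if` block calls `oidc.InsecureIssuerURLContext`, which makes `oidc.NewProvider` accept a discovery document whose issuer differs from `providerUrl`, yet nothing here records that the relaxation is active or sanity-checks the configured value. go-oidc documents this helper as insecure for multi-tenant providers, since ID tokens are then validated against the configured issuer rather than the one discovery was performed against, so a mistyped or overly broad value is trusted silently. I would add a comment above the `if`, such as `// Overrides issuer validation for off-spec providers; issuerUrl must be the exact expected issuer.`, and log the override at startup, e.g. `log.Printf("auth: issuer overridden to %q; discovery issuer check bypassed", providerCfg.IssuerUrl)` (assuming `log` here is the standard package). The `issuerUrl` comment in config/development.yaml should carry the same caveat so operators do not set it casually. `SetAuthRoutes` begins and ends outside this hunk, so how `ctx` is created is not visible here.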
