|
|
|
@ -4,6 +4,7 @@ import (
|
|
|
|
|
"context"
|
|
|
|
|
"crypto/x509"
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"net"
|
|
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
@ -55,6 +56,7 @@ type OIDC struct {
|
|
|
|
|
Admins []string `json:"admins,omitempty"`
|
|
|
|
|
Domains []string `json:"domains,omitempty"`
|
|
|
|
|
Groups []string `json:"groups,omitempty"`
|
|
|
|
|
ListenAddress string `json:"listenAddress,omitempty"`
|
|
|
|
|
Claims *Claims `json:"claims,omitempty"`
|
|
|
|
|
configuration openIDConfiguration
|
|
|
|
|
keyStore *keyStore
|
|
|
|
@ -133,6 +135,13 @@ func (o *OIDC) Init(config Config) (err error) {
|
|
|
|
|
return errors.New("configurationEndpoint cannot be empty")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Validate listenAddress if given
|
|
|
|
|
if o.ListenAddress != "" {
|
|
|
|
|
if _, _, err := net.SplitHostPort(o.ListenAddress); err != nil {
|
|
|
|
|
return errors.Wrap(err, "error parsing listenAddress")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Update claims with global ones
|
|
|
|
|
if o.claimer, err = NewClaimer(o.Claims, config.Claims); err != nil {
|
|
|
|
|
return err
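Review bot: The new listenAddress check in Init, `net.SplitHostPort(o.ListenAddress)`, only verifies the host:port shape, so values such as `:10000` (empty host), `localhost:` (empty port) or `localhost:abc` (non-numeric port) pass validation and only fail, or behave unexpectedly, when the address is later used. If this address is handed to a listener that receives the OIDC redirect, which the field name suggests but the hunk does not show, an empty host would bind every interface and expose the callback beyond loopback. Consider keeping the parsed parts and rejecting the empty cases, e.g. `host, port, err := net.SplitHostPort(o.ListenAddress)` followed by `if host == "" || port == "" { return errors.New("listenAddress must be in host:port form") }`, plus a numeric range check on the port. A short comment on the `ListenAddress` field stating the expected format and whether non-loopback hosts are intended would also help. Init's body starts and ends outside the hunk.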
|
|
|
|
|