deblan/PowerDNS-Admin
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

oidc custom claims

Browse source
This commit is contained in:
root 2020-05-04 07:12:48 +00:00
parent 483c767d26
commit 2044ce4737
4 changed files with 51 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
powerdnsadmin/models/setting.py
View file

@ -88,6 +88,10 @@ class Setting(db.Model):
'oidc_oauth_api_url': '', 'oidc_oauth_api_url': '',
'oidc_oauth_token_url': '', 'oidc_oauth_token_url': '',
'oidc_oauth_authorize_url': '', 'oidc_oauth_authorize_url': '',
'oidc_oauth_username': 'preferred_username',
'oidc_oauth_firstname': 'given_name',
'oidc_oauth_last_name': 'family_name ',
'oidc_oauth_email': 'email',
'forward_records_allow_edit': { 'forward_records_allow_edit': {
'A': True, 'A': True,
'AAAA': True, 'AAAA': True,

8
powerdnsadmin/routes/admin.py
View file

@ -811,6 +811,14 @@ def setting_authentication():
request.form.get('oidc_oauth_token_url')) request.form.get('oidc_oauth_token_url'))
Setting().set('oidc_oauth_authorize_url', Setting().set('oidc_oauth_authorize_url',
request.form.get('oidc_oauth_authorize_url')) request.form.get('oidc_oauth_authorize_url'))
Setting().set('oidc_oauth_username',
request.form.get('oidc_oauth_username'))
Setting().set('oidc_oauth_firstname',
request.form.get('oidc_oauth_firstname'))
Setting().set('oidc_oauth_last_name',
request.form.get('oidc_oauth_last_name'))
Setting().set('oidc_oauth_email',
request.form.get('oidc_oauth_email'))
result = { result = {
'status': True, 'status': True,
'msg': 'msg':

8
powerdnsadmin/routes/index.py
View file

@ -285,10 +285,10 @@ def login():
if 'oidc_token' in session: if 'oidc_token' in session:
me = json.loads(oidc.get('userinfo').text) me = json.loads(oidc.get('userinfo').text)
oidc_username = me["preferred_username"] oidc_username = me[Setting().get('oidc_oauth_username')]
oidc_givenname = me["name"] oidc_givenname = me[Setting().get('oidc_oauth_firstname')]
oidc_familyname = "" oidc_familyname = me[Setting().get('oidc_oauth_last_name')]
oidc_email = me["email"] oidc_email = me[Setting().get('oidc_oauth_email')]
user = User.query.filter_by(username=oidc_username).first() user = User.query.filter_by(username=oidc_username).first()
if not user: if not user:

35
powerdnsadmin/templates/admin_setting_authentication.html
View file

@ -526,6 +526,29 @@
<span class="help-block with-errors"></span> <span class="help-block with-errors"></span>
</div> </div>
</fieldset> </fieldset>
<fieldset>
<legend>CLAIMS</legend>
<div class="form-group">
<label for="oidc_oauth_username">Username</label>
<input type="text" class="form-control" name="oidc_oauth_username" id="oidc_oauth_username" placeholder="e.g. preferred_username" data-error="Please input Username claim" value="{{ SETTING.get('oidc_oauth_username') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_firstname">First Name</label>
<input type="text" class="form-control" name="oidc_oauth_firstname" id="oidc_oauth_firstname" placeholder="e.g. given_name" data-error="Please input First Name claim" value="{{ SETTING.get('oidc_oauth_firstname') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_last_name">Last Name</label>
<input type="text" class="form-control" name="oidc_oauth_last_name" id="oidc_oauth_last_name" placeholder="e.g. family_name" data-error="Please input Last Name claim" value="{{ SETTING.get('oidc_oauth_last_name') }}">
<span class="help-block with-errors"></span>
</div>
<div class="form-group">
<label for="oidc_oauth_email">Email</label>
<input type="text" class="form-control" name="oidc_oauth_email" id="oidc_oauth_email" placeholder="e.g. email" data-error="Plesae input Email claim" value="{{ SETTING.get('oidc_oauth_email') }}">
<span class="help-block with-errors"></span>
</div>
</fieldset>
<div class="form-group"> <div class="form-group">
<button type="submit" class="btn btn-flat btn-primary">Save</button> <button type="submit" class="btn btn-flat btn-primary">Save</button>
</div> </div>
@ -792,6 +815,10 @@
$('#oidc_oauth_api_url').prop('required', true); $('#oidc_oauth_api_url').prop('required', true);
$('#oidc_oauth_token_url').prop('required', true); $('#oidc_oauth_token_url').prop('required', true);
$('#oidc_oauth_authorize_url').prop('required', true); $('#oidc_oauth_authorize_url').prop('required', true);
$('#oidc_oauth_username').prop('required', true);
$('#oidc_oauth_firstname').prop('required', true);
$('#oidc_oauth_last_name').prop('required', true);
$('#oidc_oauth_email').prop('required', true);
} else { } else {
$('#oidc_oauth_key').prop('required', false); $('#oidc_oauth_key').prop('required', false);
$('#oidc_oauth_secret').prop('required', false); $('#oidc_oauth_secret').prop('required', false);
@ -799,6 +826,10 @@
$('#oidc_oauth_api_url').prop('required', false); $('#oidc_oauth_api_url').prop('required', false);
$('#oidc_oauth_token_url').prop('required', false); $('#oidc_oauth_token_url').prop('required', false);
$('#oidc_oauth_authorize_url').prop('required', false); $('#oidc_oauth_authorize_url').prop('required', false);
$('#oidc_oauth_username').prop('required', false);
$('#oidc_oauth_firstname').prop('required', false);
$('#oidc_oauth_last_name').prop('required', false);
$('#oidc_oauth_email').prop('required', false);
} }
}); });
// init validation requirement at first time page load // init validation requirement at first time page load
@ -809,6 +840,10 @@
$('#oidc_oauth_api_url').prop('required', true); $('#oidc_oauth_api_url').prop('required', true);
$('#oidc_oauth_token_url').prop('required', true); $('#oidc_oauth_token_url').prop('required', true);
$('#oidc_oauth_authorize_url').prop('required', true); $('#oidc_oauth_authorize_url').prop('required', true);
$('#oidc_oauth_username').prop('required', true);
$('#oidc_oauth_firstname').prop('required', true);
$('#oidc_oauth_last_name').prop('required', true);
$('#oidc_oauth_email').prop('required', true);
{% endif %} {% endif %}
//END: OIDC Tab JS //END: OIDC Tab JS