francescoalbano/tripweb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🐛 Generic OIDC authentication

Browse Source
This commit is contained in:
itskovacs 2025-07-24 18:55:18 +02:00
parent 9ab27e78b9
commit aaf4a2cc6b
3 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backend/trip/config.py
View File

@ -19,10 +19,8 @@ class Settings(BaseSettings):
REGISTER_ENABLE: bool = True REGISTER_ENABLE: bool = True
OIDC_DISCOVERY_URL: str = "" OIDC_DISCOVERY_URL: str = ""
OIDC_PROTOCOL: str = "https"
OIDC_CLIENT_ID: str = "" OIDC_CLIENT_ID: str = ""
OIDC_CLIENT_SECRET: str = "" OIDC_CLIENT_SECRET: str = ""
OIDC_HOST: str = ""
OIDC_REDIRECT_URI: str = "" OIDC_REDIRECT_URI: str = ""
class Config: class Config:

4
backend/trip/routers/auth.py
View File

@ -16,7 +16,7 @@ router = APIRouter(prefix="/api/auth", tags=["auth"])
async def auth_params() -> AuthParams: async def auth_params() -> AuthParams:
data = {"oidc": None, "register_enabled": settings.REGISTER_ENABLE} data = {"oidc": None, "register_enabled": settings.REGISTER_ENABLE}
if settings.OIDC_HOST and settings.OIDC_CLIENT_ID and settings.OIDC_CLIENT_SECRET: if settings.OIDC_CLIENT_ID and settings.OIDC_CLIENT_SECRET:
oidc_config = await get_oidc_config() oidc_config = await get_oidc_config()
auth_endpoint = oidc_config.get("authorization_endpoint") auth_endpoint = oidc_config.get("authorization_endpoint")
data["oidc"] = ( data["oidc"] = (
@ -28,7 +28,7 @@ async def auth_params() -> AuthParams:
@router.post("/oidc/login", response_model=Token) @router.post("/oidc/login", response_model=Token)
async def oidc_login(session: SessionDep, code: str = Body(..., embed=True)) -> Token: async def oidc_login(session: SessionDep, code: str = Body(..., embed=True)) -> Token:
if not (settings.OIDC_HOST or settings.OIDC_CLIENT_ID or settings.OIDC_CLIENT_SECRET): if not (settings.OIDC_CLIENT_ID or settings.OIDC_CLIENT_SECRET):
raise HTTPException(status_code=400, detail="Partial OIDC config") raise HTTPException(status_code=400, detail="Partial OIDC config")
oidc_config = await get_oidc_config() oidc_config = await get_oidc_config()

6
backend/trip/security.py
View File

@ -71,9 +71,9 @@ async def get_oidc_config():
if OIDC_CONFIG: if OIDC_CONFIG:
return OIDC_CONFIG return OIDC_CONFIG
discovery_url = f"{settings.OIDC_PROTOCOL}://{settings.OIDC_HOST}/.well-known/openid-configuration" discovery_url = settings.OIDC_DISCOVERY_URL
if settings.OIDC_DISCOVERY_URL: if not discovery_url:
discovery_url = settings.OIDC_DISCOVERY_URL raise HTTPException(status_code=500, detail="OIDC_DISCOVERY_URL not configured")
OIDC_CONFIG = await httpx_get(discovery_url) OIDC_CONFIG = await httpx_get(discovery_url)
return OIDC_CONFIG return OIDC_CONFIG