alexvanin/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Add support for listenAddress parameter if OIDC provisioners.

Browse source 
Fixes smallstep/cli#150
This commit is contained in:
Mariano Cano 2019-09-18 15:24:50 -07:00
parent bcb30f93d1
commit 3527ee6940
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
authority/provisioner/oidc.go
View file

@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/x509" "crypto/x509"
"encoding/json" "encoding/json"
"net"
"net/http" "net/http"
"strings" "strings"
"time" "time"
@ -55,6 +56,7 @@ type OIDC struct {
Admins []string `json:"admins,omitempty"` Admins []string `json:"admins,omitempty"`
Domains []string `json:"domains,omitempty"` Domains []string `json:"domains,omitempty"`
Groups []string `json:"groups,omitempty"` Groups []string `json:"groups,omitempty"`
ListenAddress string `json:"listenAddress,omitempty"`
Claims *Claims `json:"claims,omitempty"` Claims *Claims `json:"claims,omitempty"`
configuration openIDConfiguration configuration openIDConfiguration
keyStore *keyStore keyStore *keyStore
@ -133,6 +135,13 @@ func (o *OIDC) Init(config Config) (err error) {
return errors.New("configurationEndpoint cannot be empty") return errors.New("configurationEndpoint cannot be empty")
} }
// Validate listenAddress if given
if o.ListenAddress != "" {
if _, _, err := net.SplitHostPort(o.ListenAddress); err != nil {
return errors.Wrap(err, "error parsing listenAddress")
}
}
// Update claims with global ones // Update claims with global ones
if o.claimer, err = NewClaimer(o.Claims, config.Claims); err != nil { if o.claimer, err = NewClaimer(o.Claims, config.Claims); err != nil {
return err return err