Unverified Commit 63304f86 authored by Ahmad Farhat's avatar Ahmad Farhat Committed by GitHub

Attempt to fix issue with external accounts (#5247)

parent 3dbec0ae
...@@ -23,18 +23,24 @@ Rails.application.config.middleware.use OmniAuth::Builder do ...@@ -23,18 +23,24 @@ Rails.application.config.middleware.use OmniAuth::Builder do
if lb.present? if lb.present?
provider :openid_connect, setup: lambda { |env| provider :openid_connect, setup: lambda { |env|
request = Rack::Request.new(env) request = Rack::Request.new(env)
current_provider = request.params['current_provider'] current_provider = request.params['current_provider'] || request.url&.split('.')&.first
secret = Tenant.find_by(name: current_provider)&.client_secret secret = Tenant.find_by(name: current_provider)&.client_secret
issuer_url = File.join issuer.to_s, "/#{current_provider}"
env['omniauth.strategy'].options[:issuer] = File.join issuer.to_s, "/#{current_provider}" env['omniauth.strategy'].options[:issuer] = issuer_url
env['omniauth.strategy'].options[:scope] = %i[openid email profile] env['omniauth.strategy'].options[:scope] = %i[openid email profile]
env['omniauth.strategy'].options[:uid_field] = ENV.fetch('OPENID_CONNECT_UID_FIELD', 'preferred_username') env['omniauth.strategy'].options[:uid_field] = ENV.fetch('OPENID_CONNECT_UID_FIELD', 'preferred_username')
env['omniauth.strategy'].options[:discovery] = true env['omniauth.strategy'].options[:discovery] = true
env['omniauth.strategy'].options[:client_options].identifier = ENV.fetch('OPENID_CONNECT_CLIENT_ID') env['omniauth.strategy'].options[:client_options].identifier = ENV.fetch('OPENID_CONNECT_CLIENT_ID')
env['omniauth.strategy'].options[:client_options].secret = secret env['omniauth.strategy'].options[:client_options].secret = secret
env['omniauth.strategy'].options[:client_options].redirect_uri = File.join( env['omniauth.strategy'].options[:client_options].redirect_uri = File.join(
ENV.fetch('OPENID_CONNECT_REDIRECT', ''), 'auth', 'openid_connect', 'callback' File.join('https://', "#{current_provider}.#{ENV.fetch('OPENID_CONNECT_REDIRECT', '')}", 'auth', 'openid_connect', 'callback')
) )
env['omniauth.strategy'].options[:client_options].authorization_endpoint = File.join(issuer_url, 'protocol', 'openid-connect', 'auth')
env['omniauth.strategy'].options[:client_options].token_endpoint = File.join(issuer_url, 'protocol', 'openid-connect', 'token')
env['omniauth.strategy'].options[:client_options].userinfo_endpoint = File.join(issuer_url, 'protocol', 'openid-connect', 'userinfo')
env['omniauth.strategy'].options[:client_options].jwks_uri = File.join(issuer_url, 'protocol', 'openid-connect', 'certs')
env['omniauth.strategy'].options[:client_options].end_session_endpoint = File.join(issuer_url, 'protocol', 'openid-connect', 'logout')
} }
elsif issuer.present? elsif issuer.present?
provider :openid_connect, provider :openid_connect,
......
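Review bot: In the setup lambda, the new fallback `request.url&.split('.')&.first` returns the scheme together with the first host label (for a constructed example, `https://tenant`), so `Tenant.find_by(name: current_provider)` will most likely not match and `secret` ends up nil, while the issuer, the five endpoint URLs and `redirect_uri` are still built from that string. Both sources of `current_provider` (the query parameter and the request host) are client-controlled, and they are interpolated into those URLs with no check that a matching tenant exists. I would take the label from the host instead, `current_provider = request.params['current_provider'] || request.host.split('.').first`, load `tenant = Tenant.find_by(name: current_provider)`, fail the request when it is nil, and build the URLs from `tenant.name` only. The surrounding `OmniAuth::Builder do` block starts before the hunk and its end is not visible here.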