habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

providers/app_gw: fix Issuer URL being incorrect, fix incorrect length cookie secret

Browse Source
This commit is contained in:
Jens Langhammer
2020-07-25 21:34:14 +02:00
parent 738ced3327
commit 9c1a824dc4
3 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
passbook/providers/app_gw/models.py
View File

@ -6,6 +6,7 @@ from typing import Optional, Type
from django.db import models from django.db import models
from django.forms import ModelForm from django.forms import ModelForm
from django.http import HttpRequest from django.http import HttpRequest
from django.shortcuts import reverse
from django.utils.translation import gettext as _ from django.utils.translation import gettext as _
from oidc_provider.models import Client from oidc_provider.models import Client
@ -35,9 +36,17 @@ class ApplicationGatewayProvider(Provider):
SystemRandom().choice(string.ascii_uppercase + string.digits) SystemRandom().choice(string.ascii_uppercase + string.digits)
for _ in range(50) for _ in range(50)
) )
full_issuer_user = request.build_absolute_uri(
reverse("passbook_providers_oidc:authorize")
)
return render_to_string( return render_to_string(
"app_gw/setup_modal.html", "app_gw/setup_modal.html",
{"provider": self, "cookie_secret": cookie_secret, "version": __version__}, {
"provider": self,
"cookie_secret": cookie_secret,
"version": __version__,
"full_issuer_user": full_issuer_user,
},
) )
def __str__(self): def __str__(self):

2
passbook/providers/app_gw/templates/app_gw/docker-compose.yml
View File

@ -9,6 +9,6 @@ services:
OAUTH2_PROXY_CLIENT_ID: {{ provider.client.client_id }} OAUTH2_PROXY_CLIENT_ID: {{ provider.client.client_id }}
OAUTH2_PROXY_CLIENT_SECRET: {{ provider.client.client_secret }} OAUTH2_PROXY_CLIENT_SECRET: {{ provider.client.client_secret }}
OAUTH2_PROXY_REDIRECT_URL: https://{{ provider.external_host }}/oauth2/callback OAUTH2_PROXY_REDIRECT_URL: https://{{ provider.external_host }}/oauth2/callback
OAUTH2_PROXY_OIDC_ISSUER_URL: https://{{ request.META.HTTP_HOST }}/application/oidc OAUTH2_PROXY_OIDC_ISSUER_URL: {{ full_issuer_user }}
OAUTH2_PROXY_COOKIE_SECRET: {{ cookie_secret }} OAUTH2_PROXY_COOKIE_SECRET: {{ cookie_secret }}
OAUTH2_PROXY_UPSTREAMS: http://{{ provider.internal_host }} OAUTH2_PROXY_UPSTREAMS: http://{{ provider.internal_host }}

2
passbook/providers/app_gw/views.py
View File

@ -18,7 +18,7 @@ LOGGER = get_logger()
def get_cookie_secret(): def get_cookie_secret():
"""Generate random 50-character string for cookie-secret""" """Generate random 50-character string for cookie-secret"""
return "".join( return "".join(
SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(50) SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(32)
) )