Possibility to configure an OpenID Connect provider on the instance level WIP (#128).

John Livingston
2024-04-15 18:29:09 +02:00
parent c1e877cb44
commit 514cc1d159
14 changed files with 388 additions and 12 deletions


@ -3,6 +3,7 @@ import type { ConverseJSTheme } from '../../shared/lib/types'
import { ensureProsodyRunning } from './prosody/ctl'
import { RoomChannel } from './room-channel'
import { BotsCtl } from './bots/ctl'
import { ExternalAuthOIDC } from './external-auth/oidc'
import { loc } from './loc'
type AvatarSet = 'sepia' | 'cat' | 'bird' | 'fenec' | 'abstract' | 'legacy'
@ -13,11 +14,14 @@ async function initSettings (options: RegisterServerOptions): Promise<void> {
initImportantNotesSettings(options)
initChatSettings(options)
initFederationSettings(options)
initExternalAuth(options)
initAdvancedChannelCustomizationSettings(options)
initChatBehaviourSettings(options)
initThemingSettings(options)
initChatServerAdvancedSettings(options)
await ExternalAuthOIDC.initSingleton(options)
let currentProsodyRoomtype = (await settingsManager.getSettings(['prosody-room-type']))['prosody-room-type']
// ********** settings changes management
@ -27,6 +31,8 @@ async function initSettings (options: RegisterServerOptions): Promise<void> {
await BotsCtl.destroySingleton()
await BotsCtl.initSingleton(options)
await ExternalAuthOIDC.initSingleton(options)
peertubeHelpers.logger.info('Saving settings, ensuring prosody is running')
await ensureProsodyRunning(options)
@ -135,6 +141,77 @@ function initFederationSettings ({ registerSetting }: RegisterServerOptions): vo
})
}
/**
* Registers settings related to the "External Authentication" section.
* @param param0 server options
*/
function initExternalAuth ({ registerSetting }: RegisterServerOptions): void {
registerSetting({
type: 'html',
private: true,
descriptionHTML: loc('external_auth_description')
})
registerSetting({
name: 'external-auth-custom-oidc',
label: loc('external_auth_custom_oidc_label'),
descriptionHTML: loc('external_auth_custom_oidc_description'),
type: 'input-checkbox',
default: false,
private: true
})
registerSetting({
name: 'external-auth-custom-oidc-button-label',
label: loc('external_auth_custom_oidc_button_label_label'),
descriptionHTML: loc('external_auth_custom_oidc_button_label_description'),
type: 'input',
default: '',
private: true
})
registerSetting({
name: 'external-auth-custom-oidc-discovery-url',
label: loc('external_auth_custom_oidc_discovery_url_label'),
// descriptionHTML: loc('external_auth_custom_oidc_discovery_url_description'),
type: 'input',
private: true
})
registerSetting({
name: 'external-auth-custom-oidc-client-id',
label: loc('external_auth_custom_oidc_client_id_label'),
// descriptionHTML: loc('external_auth_custom_oidc_client_id_description'),
type: 'input',
private: true
})
registerSetting({
name: 'external-auth-custom-oidc-client-secret',
label: loc('external_auth_custom_oidc_client_secret_label'),
// descriptionHTML: loc('external_auth_custom_oidc_client_secret_description'),
type: 'input-password',
private: true
})
// registerSetting({
// name: 'external-auth-custom-oidc-scope',
// label: loc('external_auth_custom_oidc_scope_label'),
// descriptionHTML: loc('external_auth_custom_oidc_scope_description'),
// type: 'input',
// private: true,
// default: 'openid profile'
// })
// registerSetting({
// name: 'username-property',
// label: 'Username property',
// type: 'input',
// private: true,
// default: 'preferred_username'
// })
// registerSetting({
// name: 'display-name-property',
// label: 'Display name property',
// type: 'input',
// private: true
// })
}
/**
* Registers settings related to the "Advanced channel customization" section.
* @param param0 server options