mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-05-05 06:37:10 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Updated security schemes.

Browse source
This commit is contained in:
SamTV12345 2024-03-25 23:03:20 +01:00
parent 85bb520355
commit 91b60e9e71
7 changed files with 31 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

13
settings.json.docker
View file

@ -652,20 +652,21 @@
*/ */
"lowerCasePadIds": "${LOWER_CASE_PAD_IDS:false}", "lowerCasePadIds": "${LOWER_CASE_PAD_IDS:false}",
"sso": { "sso": {
"issuer": "${SSO_ISSUER:http://localhost:9001}",
"clients": [ "clients": [
{ {
"client_id": "admin_client", "client_id": "${ADMIN_CLIENT:admin_client}",
"client_secret": "admin", "client_secret": "${ADMIN_SECRET:admin}",
"grant_types": ["authorization_code"], "grant_types": ["authorization_code"],
"response_types": ["code"], "response_types": ["code"],
"redirect_uris": ["http://localhost:9001/admin/*"] "redirect_uris": ["${ADMIN_REDIRECT:http://localhost:9001/admin/}"]
}, },
{ {
"client_id": "user_client", "client_id": "${USER_CLIENT:user_client}",
"client_secret": "user", "client_secret": "${USER_SECRET:user}",
"grant_types": ["authorization_code"], "grant_types": ["authorization_code"],
"response_types": ["code"], "response_types": ["code"],
"redirect_uris": ["http://localhost:9001/*"] "redirect_uris": ["${USER_REDIRECT:http://localhost:9001/}"]
} }
] ]
} }

13
settings.json.template
View file

@ -653,20 +653,21 @@
"lowerCasePadIds": false, "lowerCasePadIds": false,
"sso": { "sso": {
"issuer": "${SSO_ISSUER:http://localhost:9001}",
"clients": [ "clients": [
{ {
"client_id": "admin_client", "client_id": "${ADMIN_CLIENT:admin_client}",
"client_secret": "admin", "client_secret": "${ADMIN_SECRET:admin}",
"grant_types": ["authorization_code"], "grant_types": ["authorization_code"],
"response_types": ["code"], "response_types": ["code"],
"redirect_uris": ["http://localhost:9001/admin/*"] "redirect_uris": ["${ADMIN_REDIRECT:http://localhost:9001/admin/}"]
}, },
{ {
"client_id": "user_client", "client_id": "${USER_CLIENT:user_client}",
"client_secret": "user", "client_secret": "${USER_SECRET:user}",
"grant_types": ["authorization_code"], "grant_types": ["authorization_code"],
"response_types": ["code"], "response_types": ["code"],
"redirect_uris": ["http://localhost:9001/*"] "redirect_uris": ["${USER_REDIRECT:http://localhost:9001/}"]
} }
] ]
} }

1
src/node/handler/APIHandler.ts
View file

@ -149,7 +149,6 @@ exports.version = version;
type APIFields = { type APIFields = {
apikey: string;
api_key: string; api_key: string;
padID: string; padID: string;
padName: string; padName: string;

21
src/node/hooks/express/openapi.ts
View file

@ -483,14 +483,24 @@ const generateDefinitionForVersion = (version:string, style = APIPathStyle.FLAT)
...defaultResponses, ...defaultResponses,
}, },
securitySchemes: { securitySchemes: {
ApiKey: { openid: {
type: 'apiKey', type: "oauth2",
in: 'query', flows: {
name: 'apikey', authorizationCode: {
authorizationUrl: settings.sso.issuer+"/oidc/auth",
tokenUrl: settings.sso.issuer+"/oidc/token",
scopes: {
openid: "openid",
profile: "profile",
email: "email",
admin: "admin"
}
}
},
}, },
}, },
}, },
security: [{ApiKey: []}], security: [{openid: []}],
}; };
// build operations // build operations
@ -622,6 +632,7 @@ exports.expressPreSession = async (hookName:string, {app}:any) => {
let data; let data;
try { try {
data = await apiHandler.handle(version, funcName, fields, req, res); data = await apiHandler.handle(version, funcName, fields, req, res);
console.log(app._router.stack)
} catch (err) { } catch (err) {
const errCaused = err as ErrorCaused const errCaused = err as ErrorCaused
// convert all errors to http errors // convert all errors to http errors

3
src/node/security/OAuth2Provider.ts
View file

@ -82,7 +82,7 @@ export const expressCreateServer = async (hookName: string, args: ArgsExpressTyp
publicKeyExported = publicKey publicKeyExported = publicKey
privateKeyExported = privateKey privateKeyExported = privateKey
const oidc = new Provider('http://localhost:9001', { const oidc = new Provider(settings.sso.issuer, {
...configuration, jwks: { ...configuration, jwks: {
keys: [ keys: [
privateKeyJWK privateKeyJWK
@ -98,7 +98,6 @@ export const expressCreateServer = async (hookName: string, args: ArgsExpressTyp
}, },
features:{ features:{
userinfo: {enabled: true}, userinfo: {enabled: true},
claimsParameter: {enabled: true}, claimsParameter: {enabled: true},
devInteractions: {enabled: false}, devInteractions: {enabled: false},
resourceIndicators: {enabled: true, defaultResource(ctx) { resourceIndicators: {enabled: true, defaultResource(ctx) {

1
src/tests/backend/specs/api/fuzzImportTest.ts
View file

@ -9,7 +9,6 @@ const settings = require('../../../container/loadSettings.js').loadSettings();
const host = "http://" + settings.ip + ":" + settings.port; const host = "http://" + settings.ip + ":" + settings.port;
const apiKey = common.apiKey;
var apiVersion = 1; var apiVersion = 1;
var testPadId = "TEST_fuzz" + makeid(); var testPadId = "TEST_fuzz" + makeid();

1
src/tests/backend/specs/api/pad.ts
View file

@ -12,7 +12,6 @@ const common = require('../../common');
const padManager = require('../../../../node/db/PadManager'); const padManager = require('../../../../node/db/PadManager');
let agent:any; let agent:any;
const apiKey = common.apiKey;
let apiVersion = 1; let apiVersion = 1;
const testPadId = makeid(); const testPadId = makeid();
const newPadId = makeid(); const newPadId = makeid();