Support multiple redirect uris in recipe oidc (#82)

* Support multiple redirect uris in recipe oidc * Fix multiple redirect URIs Signed-off-by: DavidSpek <[email protected]> Co-authored-by: DavidSpek <[email protected]>
pluralsh · May 16, 2022 · 30ace1d · 30ace1d
1 parent ce93276
commit 30ace1d
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 18 deletions.
diff --git a/pkg/api/models.go b/pkg/api/models.go
@@ -189,10 +189,11 @@ type TestArgument struct {
 }
 
 type OIDCSettings struct {
-	DomainKey  string `yaml:"domainKey"`
-	UriFormat  string `yaml:"uriFormat"`
-	AuthMethod string `yaml:"authMethod"`
-	Subdomain  bool   `yaml:"subdomain"`
+	DomainKey  string   `yaml:"domainKey"`
+	UriFormat  string   `yaml:"uriFormat"`
+	UriFormats []string `yaml:"uriFormats"`
+	AuthMethod string   `yaml:"authMethod"`
+	Subdomain  bool     `yaml:"subdomain"`
 }
 
 type RecipeSection struct {
@@ -495,6 +496,7 @@ const RecipeFragment = `
 		repository { id name }
 		oidcSettings {
 			uriFormat
+			uriFormats
 			authMethod
 			domainKey
 			subdomain

diff --git a/pkg/bundle/oidc.go b/pkg/bundle/oidc.go
@@ -24,7 +24,7 @@ func configureOidc(repo string, client *api.Client, recipe *api.Recipe, ctx map[
 	}
 
 	settings := recipe.OidcSettings
-	redirectUri, err := formatRedirectUri(settings, ctx)
+	redirectUris, err := formatRedirectUris(settings, ctx)
 	if err != nil {
 		return err
 	}
@@ -40,7 +40,7 @@ func configureOidc(repo string, client *api.Client, recipe *api.Recipe, ctx map[
 	}
 
 	oidcSettings := &api.OidcProviderAttributes{
-		RedirectUris: []string{redirectUri},
+		RedirectUris: redirectUris,
 		AuthMethod:   settings.AuthMethod,
 		Bindings: []api.Binding{
 			{UserId: me.Id},
@@ -70,27 +70,45 @@ func mergeOidcAttributes(inst *api.Installation, attributes *api.OidcProviderAtt
 	attributes.Bindings = bindings
 }
 
-func formatRedirectUri(settings *api.OIDCSettings, ctx map[string]interface{}) (string, error) {
-	uri := settings.UriFormat
+func formatRedirectUris(settings *api.OIDCSettings, ctx map[string]interface{}) ([]string, error) {
+	res := make([]string, 0)
+	domain := ""
+
 	if settings.DomainKey != "" {
-		domain, ok := ctx[settings.DomainKey]
+		d, ok := ctx[settings.DomainKey]
 		if !ok {
-			return "", fmt.Errorf("No domain setting for %s in context", settings.DomainKey)
+			return res, fmt.Errorf("No domain setting for %s in context", settings.DomainKey)
 		}
 
-		uri = strings.ReplaceAll(uri, "{domain}", domain.(string))
+		domain = d.(string)
 	}
 
-	if settings.Subdomain {
-		proj, err := manifest.FetchProject()
-		if err != nil {
-			return "", err
+	proj, err := manifest.FetchProject()
+	if err != nil {
+		return res, err
+	}
+
+	fmtUri := func(uri string) string {
+		if domain != "" {
+			uri = strings.ReplaceAll(uri, "{domain}", domain)
+		}
+
+		if settings.Subdomain {
+			uri = strings.ReplaceAll(uri, "{subdomain}", proj.Network.Subdomain)
 		}
 
-		uri = strings.ReplaceAll(uri, "{subdomain}", proj.Network.Subdomain)
+		return uri
+	}
+
+	if settings.UriFormat != "" {
+		return []string{fmtUri(settings.UriFormat)}, err
+	}
+
+	for _, uri := range settings.UriFormats {
+		res = append(res, fmtUri(uri))
 	}
 
-	return uri, nil
+	return res, nil
 }
 
 func confirmOidc(confirm *bool) {

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -21,7 +21,7 @@ type Config struct {
 	NamespacePrefix string    `yaml:"namespacePrefix"`
 	Endpoint        string    `yaml:"endpoint"`
 	LockProfile     string    `yaml:"lockProfile"`
-	metadata        *Metadata ``
+	metadata        *Metadata
 	ReportErrors    bool      `yaml:"reportErrors"`
 }