diff --git a/pkg/api/models.go b/pkg/api/models.go index 3a838fd4..db561aa1 100644 --- a/pkg/api/models.go +++ b/pkg/api/models.go @@ -189,10 +189,11 @@ type TestArgument struct { } type OIDCSettings struct { - DomainKey string `yaml:"domainKey"` - UriFormat string `yaml:"uriFormat"` - AuthMethod string `yaml:"authMethod"` - Subdomain bool `yaml:"subdomain"` + DomainKey string `yaml:"domainKey"` + UriFormat string `yaml:"uriFormat"` + UriFormats []string `yaml:"uriFormats"` + AuthMethod string `yaml:"authMethod"` + Subdomain bool `yaml:"subdomain"` } type RecipeSection struct { @@ -495,6 +496,7 @@ const RecipeFragment = ` repository { id name } oidcSettings { uriFormat + uriFormats authMethod domainKey subdomain diff --git a/pkg/bundle/oidc.go b/pkg/bundle/oidc.go index 55f5e447..3c7df04b 100644 --- a/pkg/bundle/oidc.go +++ b/pkg/bundle/oidc.go @@ -24,7 +24,7 @@ func configureOidc(repo string, client *api.Client, recipe *api.Recipe, ctx map[ } settings := recipe.OidcSettings - redirectUri, err := formatRedirectUri(settings, ctx) + redirectUris, err := formatRedirectUris(settings, ctx) if err != nil { return err } @@ -40,7 +40,7 @@ func configureOidc(repo string, client *api.Client, recipe *api.Recipe, ctx map[ } oidcSettings := &api.OidcProviderAttributes{ - RedirectUris: []string{redirectUri}, + RedirectUris: redirectUris, AuthMethod: settings.AuthMethod, Bindings: []api.Binding{ {UserId: me.Id}, @@ -70,27 +70,45 @@ func mergeOidcAttributes(inst *api.Installation, attributes *api.OidcProviderAtt attributes.Bindings = bindings } -func formatRedirectUri(settings *api.OIDCSettings, ctx map[string]interface{}) (string, error) { - uri := settings.UriFormat +func formatRedirectUris(settings *api.OIDCSettings, ctx map[string]interface{}) ([]string, error) { + res := make([]string, 0) + domain := "" + if settings.DomainKey != "" { - domain, ok := ctx[settings.DomainKey] + d, ok := ctx[settings.DomainKey] if !ok { - return "", fmt.Errorf("No domain setting for %s in context", settings.DomainKey) + return res, fmt.Errorf("No domain setting for %s in context", settings.DomainKey) } - uri = strings.ReplaceAll(uri, "{domain}", domain.(string)) + domain = d.(string) } - if settings.Subdomain { - proj, err := manifest.FetchProject() - if err != nil { - return "", err + proj, err := manifest.FetchProject() + if err != nil { + return res, err + } + + fmtUri := func(uri string) string { + if domain != "" { + uri = strings.ReplaceAll(uri, "{domain}", domain) + } + + if settings.Subdomain { + uri = strings.ReplaceAll(uri, "{subdomain}", proj.Network.Subdomain) } - uri = strings.ReplaceAll(uri, "{subdomain}", proj.Network.Subdomain) + return uri + } + + if settings.UriFormat != "" { + return []string{fmtUri(settings.UriFormat)}, err + } + + for _, uri := range settings.UriFormats { + res = append(res, fmtUri(uri)) } - return uri, nil + return res, nil } func confirmOidc(confirm *bool) { diff --git a/pkg/config/config.go b/pkg/config/config.go index 54118490..a1251655 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -21,7 +21,7 @@ type Config struct { NamespacePrefix string `yaml:"namespacePrefix"` Endpoint string `yaml:"endpoint"` LockProfile string `yaml:"lockProfile"` - metadata *Metadata `` + metadata *Metadata ReportErrors bool `yaml:"reportErrors"` }