mirror of https://github.com/MISP/misp-docker
Check for required env variables on OIDC
parent
526c47a6e8
commit
2039141369
|
@ -1,20 +1,12 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
source /rest_client.sh
|
source /rest_client.sh
|
||||||
|
source /utilities.sh
|
||||||
|
|
||||||
[ -z "$ADMIN_EMAIL" ] && ADMIN_EMAIL="admin@admin.test"
|
[ -z "$ADMIN_EMAIL" ] && ADMIN_EMAIL="admin@admin.test"
|
||||||
[ -z "$GPG_PASSPHRASE" ] && GPG_PASSPHRASE="passphrase"
|
[ -z "$GPG_PASSPHRASE" ] && GPG_PASSPHRASE="passphrase"
|
||||||
[ -z "$REDIS_FQDN" ] && REDIS_FQDN="redis"
|
[ -z "$REDIS_FQDN" ] && REDIS_FQDN="redis"
|
||||||
[ -z "$MISP_MODULES_FQDN" ] && MISP_MODULES_FQDN="http://misp-modules"
|
[ -z "$MISP_MODULES_FQDN" ] && MISP_MODULES_FQDN="http://misp-modules"
|
||||||
[ -z "$OIDC_PROVIDER_URL" ] && OIDC_PROVIDER_URL="test_provider"
|
|
||||||
[ -z "$OIDC_CLIENT_ID" ] && OIDC_CLIENT_ID="test_client_id"
|
|
||||||
[ -z "$OIDC_CLIENT_SECRET" ] && OIDC_CLIENT_SECRET="test_client_secret"
|
|
||||||
[ -z "$OIDC_ROLES_PROPERTY" ] && OIDC_ROLES_PROPERTY="roles"
|
|
||||||
[ -z "$OIDC_ROLES_MAPPING" ] && OIDC_ROLES_MAPPING="{
|
|
||||||
\"admin\": \"1\",
|
|
||||||
\"sync-user\": \"5\"
|
|
||||||
}"
|
|
||||||
[ -z "$OIDC_DEFAULT_ORG" ] && OIDC_DEFAULT_ORG="$ADMIN_ORG"
|
|
||||||
|
|
||||||
# Switches to selectively disable configuration logic
|
# Switches to selectively disable configuration logic
|
||||||
[ -z "$AUTOCONF_GPG" ] && AUTOCONF_GPG="true"
|
[ -z "$AUTOCONF_GPG" ] && AUTOCONF_GPG="true"
|
||||||
|
@ -109,6 +101,9 @@ set_up_oidc() {
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Check required variables
|
||||||
|
check_env_vars OIDC_PROVIDER_URL OIDC_CLIENT_ID OIDC_CLIENT_SECRET OIDC_ROLES_PROPERTY OIDC_ROLES_MAPPING OIDC_DEFAULT_ORG
|
||||||
|
|
||||||
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
|
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
|
||||||
\"Security\": {
|
\"Security\": {
|
||||||
\"auth\": [\"OidcAuth.Oidc\"]
|
\"auth\": [\"OidcAuth.Oidc\"]
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Check whether passed env variables are defined
|
||||||
|
check_env_vars() {
|
||||||
|
local required_vars=("$@")
|
||||||
|
|
||||||
|
missing_vars=()
|
||||||
|
for i in "${required_vars[@]}"
|
||||||
|
do
|
||||||
|
test -n "${!i:+y}" || missing_vars+=("$i")
|
||||||
|
done
|
||||||
|
if [ ${#missing_vars[@]} -ne 0 ]
|
||||||
|
then
|
||||||
|
echo "The following env variables are not set:"
|
||||||
|
printf ' %q\n' "${missing_vars[@]}"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
}
|
|
@ -75,6 +75,7 @@ services:
|
||||||
- "OIDC_CLIENT_ID=${OIDC_CLIENT_ID}"
|
- "OIDC_CLIENT_ID=${OIDC_CLIENT_ID}"
|
||||||
- "OIDC_CLIENT_SECRET=${OIDC_CLIENT_SECRET}"
|
- "OIDC_CLIENT_SECRET=${OIDC_CLIENT_SECRET}"
|
||||||
- "OIDC_ROLES_PROPERTY=${OIDC_ROLES_PROPERTY}"
|
- "OIDC_ROLES_PROPERTY=${OIDC_ROLES_PROPERTY}"
|
||||||
|
- "OIDC_ROLES_MAPPING=${OIDC_ROLES_MAPPING}"
|
||||||
- "OIDC_DEFAULT_ORG=${OIDC_DEFAULT_ORG}"
|
- "OIDC_DEFAULT_ORG=${OIDC_DEFAULT_ORG}"
|
||||||
# sync server settings (see https://www.misp-project.org/openapi/#tag/Servers for more options)
|
# sync server settings (see https://www.misp-project.org/openapi/#tag/Servers for more options)
|
||||||
- "SYNCSERVERS=${SYNCSERVERS}"
|
- "SYNCSERVERS=${SYNCSERVERS}"
|
||||||
|
|
|
@ -93,6 +93,6 @@ SYNCSERVERS_1_KEY=
|
||||||
# OIDC_PROVIDER_URL=
|
# OIDC_PROVIDER_URL=
|
||||||
# OIDC_CLIENT_ID=
|
# OIDC_CLIENT_ID=
|
||||||
# OIDC_CLIENT_SECRET=
|
# OIDC_CLIENT_SECRET=
|
||||||
# OIDC_ROLES_PROPERTY=
|
# OIDC_ROLES_PROPERTY="roles"
|
||||||
# OIDC_ROLES_MAPPING=
|
# OIDC_ROLES_MAPPING={"admin": "1","sync-user": "5"}
|
||||||
# OIDC_DEFAULT_ORG=""
|
# OIDC_DEFAULT_ORG=
|
||||||
|
|
Loading…
Reference in New Issue