Add OIDC Custom Logout URL (#148)

* Add oidc logout url to env and docker image

* Set the custom logout URL if OIDC_LOGOUT_URL is defined

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
pull/146/head
DiegolAmaral 2024-10-02 11:24:12 +00:00 committed by GitHub
parent beb62e4dcc
commit 26ae2bff7c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 9 additions and 0 deletions

View File

@ -103,6 +103,13 @@ set_up_oidc() {
} }
}" > /dev/null }" > /dev/null
# Set the custom logout URL for the OIDC plugin only if OIDC_LOGOUT_URL is defined
if [[ -n "${OIDC_LOGOUT_URL}" ]]; then
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Plugin.CustomAuth_custom_logout" "${OIDC_LOGOUT_URL}&post_logout_redirect_uri=${BASE_URL}/users/login"
else
echo "OIDC_LOGOUT_URL is not set"
fi
# Disable password confirmation as stated at https://github.com/MISP/MISP/issues/8116 # Disable password confirmation as stated at https://github.com/MISP/MISP/issues/8116
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Security.require_password_confirmation" false sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Security.require_password_confirmation" false
} }

View File

@ -117,6 +117,7 @@ services:
- "OIDC_ROLES_PROPERTY=${OIDC_ROLES_PROPERTY}" - "OIDC_ROLES_PROPERTY=${OIDC_ROLES_PROPERTY}"
- "OIDC_ROLES_MAPPING=${OIDC_ROLES_MAPPING}" - "OIDC_ROLES_MAPPING=${OIDC_ROLES_MAPPING}"
- "OIDC_DEFAULT_ORG=${OIDC_DEFAULT_ORG}" - "OIDC_DEFAULT_ORG=${OIDC_DEFAULT_ORG}"
- "OIDC_LOGOUT_URL=${OIDC_LOGOUT_URL}"
# LDAP authentication settings # LDAP authentication settings
- "LDAP_ENABLE=${LDAP_ENABLE}" - "LDAP_ENABLE=${LDAP_ENABLE}"
- "LDAP_APACHE_ENV=${LDAP_APACHE_ENV}" - "LDAP_APACHE_ENV=${LDAP_APACHE_ENV}"

View File

@ -121,6 +121,7 @@ SYNCSERVERS_1_PULL_RULES=
# OIDC_ROLES_PROPERTY="roles" # OIDC_ROLES_PROPERTY="roles"
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}" # OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
# OIDC_DEFAULT_ORG= # OIDC_DEFAULT_ORG=
# OIDC_LOGOUT_URL=
# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189 # Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, # NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component,