Allow explicit configuration of OIDC dynamic registration metadata (#12514)
* Fix `element-desktop-ssoid` being included in OIDC Authorization call Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Split out oidc callback url into its own method Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Allow explicit configuration of OIDC dynamic registration metadata Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Fix test Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Fix unexpected hash on oidc callback url Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * undefined > [] Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> --------- Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>pull/28217/head
parent
357f882ff5
commit
d0b30d1631
|
@ -430,6 +430,13 @@ export default abstract class BasePlatform {
|
|||
return window.location.origin + window.location.pathname;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fallback Client URI to use for OIDC client registration for if one is not specified in config.json
|
||||
*/
|
||||
public get defaultOidcClientUri(): string {
|
||||
return window.location.origin;
|
||||
}
|
||||
|
||||
/**
|
||||
* Metadata to use for dynamic OIDC client registrations
|
||||
*/
|
||||
|
@ -437,16 +444,17 @@ export default abstract class BasePlatform {
|
|||
const config = SdkConfig.get();
|
||||
return {
|
||||
clientName: config.brand,
|
||||
clientUri: this.baseUrl,
|
||||
clientUri: config.oidc_metadata?.client_uri ?? this.defaultOidcClientUri,
|
||||
redirectUris: [this.getOidcCallbackUrl().href],
|
||||
logoUri: new URL("vector-icons/1024.png", this.baseUrl).href,
|
||||
logoUri: config.oidc_metadata?.logo_uri ?? new URL("vector-icons/1024.png", this.baseUrl).href,
|
||||
applicationType: "web",
|
||||
// XXX: We break the spec by not consistently supplying these required fields
|
||||
// contacts: [],
|
||||
// @ts-ignore
|
||||
tosUri: config.terms_and_conditions_links?.[0]?.url,
|
||||
contacts: config.oidc_metadata?.contacts,
|
||||
// @ts-ignore
|
||||
policyUri: config.privacy_policy_url,
|
||||
tosUri: config.oidc_metadata?.tos_uri ?? config.terms_and_conditions_links?.[0]?.url,
|
||||
// @ts-ignore
|
||||
policyUri: config.oidc_metadata?.policy_uri ?? config.privacy_policy_url,
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
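Review bot: The values read from `config.oidc_metadata` in the second hunk (`client_uri`, `logo_uri`, `tos_uri`, `policy_uri`, `contacts`) go into the registration metadata unchecked, while `redirectUris` is still derived from the running page. A typo or a non-https value in config.json would then surface only as a rejected registration, and a provider that compares the `client_uri` host with the redirect URI host (an assumption, nothing on this page shows it) would refuse a mismatched pair. Consider parsing each configured URI with `new URL(...)`, requiring the `https:` protocol, and logging and falling back to the existing default when that fails. The two remaining `// @ts-ignore` lines could become `// @ts-expect-error` with a reason, so the suppression is flagged once the metadata type accepts optional `tosUri`/`policyUri`. The enclosing method starts outside the hunk.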
@ -200,12 +200,20 @@ export interface IConfigOptions {
|
|||
* The issuer URL must have a trailing `/`.
|
||||
* OPTIONAL
|
||||
*/
|
||||
oidc_static_clients?: Record<
|
||||
string,
|
||||
{
|
||||
client_id: string;
|
||||
}
|
||||
>;
|
||||
oidc_static_clients?: {
|
||||
[issuer: string]: { client_id: string };
|
||||
};
|
||||
|
||||
/**
|
||||
* Configuration for OIDC dynamic registration where a static OIDC client is not configured.
|
||||
*/
|
||||
oidc_metadata?: {
|
||||
client_uri?: string;
|
||||
logo_uri?: string;
|
||||
tos_uri?: string;
|
||||
policy_uri?: string;
|
||||
contacts?: string[];
|
||||
};
|
||||
}
|
||||
|
||||
export interface ISsoRedirectOptions {
|
||||
|
|
|
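Review bot: The doc comment on `oidc_metadata` does not tell an operator what each field is used for or what happens when it is left out. Going by the BasePlatform hunk of this commit, an unset `client_uri` falls back to `defaultOidcClientUri`, `logo_uri` to `vector-icons/1024.png` under the base URL, `tos_uri` to `terms_and_conditions_links[0].url` and `policy_uri` to `privacy_policy_url`, while `contacts` has no fallback and is sent as `undefined`. I would extend the comment to list those fallbacks and add a line such as `* These values are sent to the OIDC provider as client metadata during dynamic registration.` The `IConfigOptions` interface starts outside the hunk.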
@ -44,6 +44,11 @@ describe("getOidcClientId()", () => {
|
|||
return baseUrl;
|
||||
},
|
||||
});
|
||||
Object.defineProperty(PlatformPeg.get(), "defaultOidcClientUri", {
|
||||
get(): string {
|
||||
return baseUrl;
|
||||
},
|
||||
});
|
||||
Object.defineProperty(PlatformPeg.get(), "getOidcCallbackUrl", {
|
||||
value: () => ({
|
||||
href: baseUrl,
|
||||
|
|
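Review bot: The only change to this test file visible here is the `defaultOidcClientUri` stub, so nothing on the page asserts that a configured `oidc_metadata` value takes precedence over the fallbacks. A case that sets `oidc_metadata.client_uri` (and one more field, for example `policy_uri`) in the mocked config and checks the metadata passed to registration would pin the `??` ordering added in BasePlatform. The rest of the diff may not be loaded on this page, so confirm that no later hunk already covers it. The `describe` block starts and ends outside the hunk.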