Use app.conf value in getOriginFromHost()
@ -43,6 +43,11 @@ type OidcDiscovery struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func getOriginFromHost(host string) (string, string) {
|
func getOriginFromHost(host string) (string, string) {
|
||||||
|
origin := conf.GetConfigString("origin")
|
||||||
|
if origin != "" {
|
||||||
|
return origin, origin
|
||||||
|
}
|
||||||
|
|
||||||
protocol := "https://"
|
protocol := "https://"
|
||||||
if strings.HasPrefix(host, "localhost") {
|
if strings.HasPrefix(host, "localhost") {
|
||||||
protocol = "http://"
|
protocol = "http://"
|
||||||
@ -58,12 +63,6 @@ func getOriginFromHost(host string) (string, string) {
|
|||||||
func GetOidcDiscovery(host string) OidcDiscovery {
|
func GetOidcDiscovery(host string) OidcDiscovery {
|
||||||
originFrontend, originBackend := getOriginFromHost(host)
|
originFrontend, originBackend := getOriginFromHost(host)
|
||||||
|
|
||||||
origin := conf.GetConfigString("origin")
|
|
||||||
if origin != "" {
|
|
||||||
originFrontend = origin
|
|
||||||
originBackend = origin
|
|
||||||
}
|
|
||||||
|
|
||||||
// Examples:
|
// Examples:
|
||||||
// https://login.okta.com/.well-known/openid-configuration
|
// https://login.okta.com/.well-known/openid-configuration
|
||||||
// https://auth0.auth0.com/.well-known/openid-configuration
|
// https://auth0.auth0.com/.well-known/openid-configuration
|
||||||
|
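Review bot: getOriginFromHost has no doc comment, and its contract is now security-relevant: a non-empty `origin` in app.conf overrides `host` for both return values, while an empty one leaves every caller (GetOidcDiscovery here, plus GetSamlMeta, generateJwtToken, GetUserInfo and GetWebAuthnObject in the other sections) building URLs from `host`, which is presumably the client-supplied Host header. I would add `// getOriginFromHost returns the (frontend, backend) origins; a non-empty "origin" in app.conf takes precedence over host, which is request-derived and must not be trusted.` The configured value is also returned as-is, so a trailing slash in app.conf would carry into every derived URL; `origin = strings.TrimRight(origin, "/")` before `return origin, origin` would avoid that. GetSamlMeta previously overrode only originBackend, so its originFrontend now changes too when `origin` is set, which is worth confirming as intended. The function body continues past the first hunk.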
@ -29,7 +29,6 @@ import (
|
|||||||
|
|
||||||
"github.com/RobotsAndPencils/go-saml"
|
"github.com/RobotsAndPencils/go-saml"
|
||||||
"github.com/beevik/etree"
|
"github.com/beevik/etree"
|
||||||
"github.com/casdoor/casdoor/conf"
|
|
||||||
"github.com/golang-jwt/jwt/v4"
|
"github.com/golang-jwt/jwt/v4"
|
||||||
dsig "github.com/russellhaering/goxmldsig"
|
dsig "github.com/russellhaering/goxmldsig"
|
||||||
uuid "github.com/satori/go.uuid"
|
uuid "github.com/satori/go.uuid"
|
||||||
@ -176,16 +175,12 @@ type Attribute struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, error) {
|
func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, error) {
|
||||||
//_, originBackend := getOriginFromHost(host)
|
|
||||||
cert := getCertByApplication(application)
|
cert := getCertByApplication(application)
|
||||||
block, _ := pem.Decode([]byte(cert.Certificate))
|
block, _ := pem.Decode([]byte(cert.Certificate))
|
||||||
certificate := base64.StdEncoding.EncodeToString(block.Bytes)
|
certificate := base64.StdEncoding.EncodeToString(block.Bytes)
|
||||||
|
|
||||||
origin := conf.GetConfigString("origin")
|
|
||||||
originFrontend, originBackend := getOriginFromHost(host)
|
originFrontend, originBackend := getOriginFromHost(host)
|
||||||
if origin != "" {
|
|
||||||
originBackend = origin
|
|
||||||
}
|
|
||||||
d := IdpEntityDescriptor{
|
d := IdpEntityDescriptor{
|
||||||
XMLName: xml.Name{
|
XMLName: xml.Name{
|
||||||
Local: "md:EntityDescriptor",
|
Local: "md:EntityDescriptor",
|
||||||
|
@ -70,10 +70,12 @@ func GenerateSamlLoginUrl(id, relayState string) (string, string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func buildSp(provider *Provider, samlResponse string) (*saml2.SAMLServiceProvider, error) {
|
func buildSp(provider *Provider, samlResponse string) (*saml2.SAMLServiceProvider, error) {
|
||||||
|
origin := conf.GetConfigString("origin")
|
||||||
|
|
||||||
certStore := dsig.MemoryX509CertificateStore{
|
certStore := dsig.MemoryX509CertificateStore{
|
||||||
Roots: []*x509.Certificate{},
|
Roots: []*x509.Certificate{},
|
||||||
}
|
}
|
||||||
origin := conf.GetConfigString("origin")
|
|
||||||
certEncodedData := ""
|
certEncodedData := ""
|
||||||
if samlResponse != "" {
|
if samlResponse != "" {
|
||||||
certEncodedData = parseSamlResponse(samlResponse, provider.Type)
|
certEncodedData = parseSamlResponse(samlResponse, provider.Type)
|
||||||
|
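Review bot: `origin` in buildSp is still read straight from app.conf rather than through getOriginFromHost, so it is an empty string whenever the key is unset, with no host-derived fallback like the other call sites have. How `origin` is used lies outside this hunk, so this is something to confirm rather than an established defect; if it ends up in a URL the service provider advertises, an unset key should produce an explicit error. At minimum a comment at the new position would help, e.g. `// origin is "" when app.conf does not set it; buildSp has no fallback`.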
@ -18,7 +18,6 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/casdoor/casdoor/conf"
|
|
||||||
"github.com/casdoor/casdoor/util"
|
"github.com/casdoor/casdoor/util"
|
||||||
"github.com/golang-jwt/jwt/v4"
|
"github.com/golang-jwt/jwt/v4"
|
||||||
)
|
)
|
||||||
@ -67,11 +66,7 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
|
|||||||
refreshExpireTime := nowTime.Add(time.Duration(application.RefreshExpireInHours) * time.Hour)
|
refreshExpireTime := nowTime.Add(time.Duration(application.RefreshExpireInHours) * time.Hour)
|
||||||
|
|
||||||
user.Password = ""
|
user.Password = ""
|
||||||
origin := conf.GetConfigString("origin")
|
|
||||||
_, originBackend := getOriginFromHost(host)
|
_, originBackend := getOriginFromHost(host)
|
||||||
if origin != "" {
|
|
||||||
originBackend = origin
|
|
||||||
}
|
|
||||||
|
|
||||||
name := util.GenerateId()
|
name := util.GenerateId()
|
||||||
jti := fmt.Sprintf("%s/%s", application.Owner, name)
|
jti := fmt.Sprintf("%s/%s", application.Owner, name)
|
||||||
|
@ -18,7 +18,6 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/casdoor/casdoor/conf"
|
|
||||||
"github.com/casdoor/casdoor/util"
|
"github.com/casdoor/casdoor/util"
|
||||||
"github.com/duo-labs/webauthn/webauthn"
|
"github.com/duo-labs/webauthn/webauthn"
|
||||||
"xorm.io/core"
|
"xorm.io/core"
|
||||||
@ -527,11 +526,8 @@ func GetUserInfo(userId string, scope string, aud string, host string) (*Userinf
|
|||||||
if user == nil {
|
if user == nil {
|
||||||
return nil, fmt.Errorf("the user: %s doesn't exist", userId)
|
return nil, fmt.Errorf("the user: %s doesn't exist", userId)
|
||||||
}
|
}
|
||||||
origin := conf.GetConfigString("origin")
|
|
||||||
_, originBackend := getOriginFromHost(host)
|
_, originBackend := getOriginFromHost(host)
|
||||||
if origin != "" {
|
|
||||||
originBackend = origin
|
|
||||||
}
|
|
||||||
|
|
||||||
resp := Userinfo{
|
resp := Userinfo{
|
||||||
Sub: user.Id,
|
Sub: user.Id,
|
||||||
|
@ -27,12 +27,9 @@ import (
|
|||||||
func GetWebAuthnObject(host string) *webauthn.WebAuthn {
|
func GetWebAuthnObject(host string) *webauthn.WebAuthn {
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
origin := conf.GetConfigString("origin")
|
_, originBackend := getOriginFromHost(host)
|
||||||
if origin == "" {
|
|
||||||
_, origin = getOriginFromHost(host)
|
|
||||||
}
|
|
||||||
|
|
||||||
localUrl, err := url.Parse(origin)
|
localUrl, err := url.Parse(originBackend)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic("error when parsing origin:" + err.Error())
|
panic("error when parsing origin:" + err.Error())
|
||||||
}
|
}
|
||||||
@ -40,7 +37,7 @@ func GetWebAuthnObject(host string) *webauthn.WebAuthn {
|
|||||||
webAuthn, err := webauthn.New(&webauthn.Config{
|
webAuthn, err := webauthn.New(&webauthn.Config{
|
||||||
RPDisplayName: conf.GetConfigString("appname"), // Display Name for your site
|
RPDisplayName: conf.GetConfigString("appname"), // Display Name for your site
|
||||||
RPID: strings.Split(localUrl.Host, ":")[0], // Generally the domain name for your site, it's ok because splits cannot return empty array
|
RPID: strings.Split(localUrl.Host, ":")[0], // Generally the domain name for your site, it's ok because splits cannot return empty array
|
||||||
RPOrigin: origin, // The origin URL for WebAuthn requests
|
RPOrigin: originBackend, // The origin URL for WebAuthn requests
|
||||||
// RPIcon: "https://duo.com/logo.png", // Optional icon URL for your site
|
// RPIcon: "https://duo.com/logo.png", // Optional icon URL for your site
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
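Review bot: With `origin` unset in app.conf, `originBackend` is derived from `host`, so the `RPID` and `RPOrigin` passed to `webauthn.New` follow whatever host value the caller supplied (presumably the request's Host header) rather than a fixed deployment value. A comment on GetWebAuthnObject should say that WebAuthn deployments are expected to set `origin`, e.g. `// RPID/RPOrigin are only stable when "origin" is set in app.conf; otherwise they track host.` While these lines are being touched, `strings.Split(localUrl.Host, ":")[0]` could become `localUrl.Hostname()`, which also handles bracketed IPv6 hosts. The function continues past the second hunk.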