Merge into one origin config.

2025-05-23 10:45:47 +08:00 · 2021-12-12 19:26:06 +08:00 · 2021-12-12 19:26:06 +08:00 · 96e2f286ee
commit 96e2f286ee
parent 29807b82e1
4 changed files with 12 additions and 14 deletions
--- a/conf/app.conf
+++ b/conf/app.conf
@ -14,5 +14,4 @@ httpProxy = "127.0.0.1:10808"
 verificationCodeTimeout = 10
 initScore = 2000
 logPostOnly = true
-oidcOrigin = "https://door.casbin.com"
-samlOrigin = "http://localhost:8000"
+origin = "https://door.casbin.com"
--- a/object/oidc_discovery.go
+++ b/object/oidc_discovery.go
@ -19,9 +19,8 @@ import (
 	"encoding/pem"
 	"fmt"

-	jose "gopkg.in/square/go-jose.v2"
-
 	"github.com/astaxie/beego"
+	"gopkg.in/square/go-jose.v2"
 )

 type OidcDiscovery struct {
@ -44,7 +43,7 @@ type OidcDiscovery struct {
 var oidcDiscovery OidcDiscovery

 func init() {
-	oidcOrigin := beego.AppConfig.String("oidcOrigin")
+	origin := beego.AppConfig.String("origin")

 	// Examples:
 	// https://login.okta.com/.well-known/openid-configuration
@ -52,11 +51,11 @@ func init() {
 	// https://accounts.google.com/.well-known/openid-configuration
 	// https://access.line.me/.well-known/openid-configuration
 	oidcDiscovery = OidcDiscovery{
-		Issuer:                                 oidcOrigin,
-		AuthorizationEndpoint:                  fmt.Sprintf("%s/login/oauth/authorize", oidcOrigin),
-		TokenEndpoint:                          fmt.Sprintf("%s/api/login/oauth/access_token", oidcOrigin),
-		UserinfoEndpoint:                       fmt.Sprintf("%s/api/get-account", oidcOrigin),
-		JwksUri:                                fmt.Sprintf("%s/api/certs", oidcOrigin),
+		Issuer:                                 origin,
+		AuthorizationEndpoint:                  fmt.Sprintf("%s/login/oauth/authorize", origin),
+		TokenEndpoint:                          fmt.Sprintf("%s/api/login/oauth/access_token", origin),
+		UserinfoEndpoint:                       fmt.Sprintf("%s/api/get-account", origin),
+		JwksUri:                                fmt.Sprintf("%s/api/certs", origin),
 		ResponseTypesSupported:                 []string{"id_token"},
 		ResponseModesSupported:                 []string{"login", "code", "link"},
 		GrantTypesSupported:                    []string{"password", "authorization_code"},
--- a/object/saml.go
+++ b/object/saml.go
@ -60,7 +60,7 @@ func buildSp(provider *Provider, samlResponse string) (*saml2.SAMLServiceProvide
 	certStore := dsig.MemoryX509CertificateStore{
 		Roots: []*x509.Certificate{},
 	}
-	samlOrigin := beego.AppConfig.String("samlOrigin")
+	origin := beego.AppConfig.String("origin")
 	certEncodedData := ""
 	if samlResponse != "" {
 		de, err := base64.StdEncoding.DecodeString(samlResponse)
@ -84,8 +84,8 @@ func buildSp(provider *Provider, samlResponse string) (*saml2.SAMLServiceProvide
 	}
 	certStore.Roots = append(certStore.Roots, idpCert)
 	sp := &saml2.SAMLServiceProvider{
-		ServiceProviderIssuer:       fmt.Sprintf("%s/api/acs", samlOrigin),
-		AssertionConsumerServiceURL: fmt.Sprintf("%s/api/acs", samlOrigin),
+		ServiceProviderIssuer:       fmt.Sprintf("%s/api/acs", origin),
+		AssertionConsumerServiceURL: fmt.Sprintf("%s/api/acs", origin),
 		IDPCertificateStore:         &certStore,
 	}
 	if provider != nil {
--- a/object/token_jwt.go
+++ b/object/token_jwt.go
@ -43,7 +43,7 @@ func generateJwtToken(application *Application, user *User) (string, error) {
 	claims := Claims{
 		User: *user,
 		RegisteredClaims: jwt.RegisteredClaims{
-			Issuer:    beego.AppConfig.String("oidcOrigin"),
+			Issuer:    beego.AppConfig.String("origin"),
 			Subject:   user.Id,
 			Audience:  []string{application.ClientId},
 			ExpiresAt: jwt.NewNumericDate(expireTime),