Allow multiple IDPs config to be passed via struct (#2167)

* Allow multiple IDPs config to be passed via struct * This removes support for ENV based IDP configuration for console * Ensure default scopes are used if none are given * Add display name field for provider config
2022-07-14 07:27:45 -07:00
parent abb668633b
commit 118cf97e1d
9 changed files with 119 additions and 20 deletions
--- a/restapi/operations/console_api.go
+++ b/restapi/operations/console_api.go
@@ -38,6 +38,7 @@ import (
 	"github.com/go-openapi/swag"

 	"github.com/minio/console/models"
+	"github.com/minio/console/pkg/auth/idp/oauth2"
 	"github.com/minio/console/restapi/operations/account"
 	"github.com/minio/console/restapi/operations/auth"
 	"github.com/minio/console/restapi/operations/bucket"
@@ -58,7 +59,7 @@ import (
 )

 // NewConsoleAPI creates a new Console instance
-func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
+func NewConsoleAPI(spec *loads.Document, openIDProviders oauth2.OpenIDPCfg) *ConsoleAPI {
 	return &ConsoleAPI{
 		handlers:            make(map[string]map[string]http.Handler),
 		formats:             strfmt.Default,
@@ -75,6 +76,8 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
 		APIKeyAuthenticator: security.APIKeyAuth,
 		BearerAuthenticator: security.BearerAuth,

+		OpenIDProviders: openIDProviders,
+
 		JSONConsumer:          runtime.JSONConsumer(),
 		MultipartformConsumer: runtime.DiscardConsumer,

@@ -478,6 +481,9 @@ type ConsoleAPI struct {
 	Middleware      func(middleware.Builder) http.Handler
 	useSwaggerUI    bool

+	// Configuration passed in from MinIO for MinIO console.
+	OpenIDProviders oauth2.OpenIDPCfg
+
 	// BasicAuthenticator generates a runtime.Authenticator from the supplied basic auth function.
 	// It has a default implementation in the security package, however you can replace it for your particular usage.
 	BasicAuthenticator func(security.UserPassAuthentication) runtime.Authenticator