mirror
/
pixelfed
kopia lustrzana https://github.com/pixelfed/pixelfed
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

Update OIDC config with comments, and disable tests as we dont have db tests configured

pull/5867/head^2
Daniel Supernault 2025-05-02 00:40:12 -06:00
rodzic b3c2781578
commit 26887c7672
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 23740873EE6F76A1
3 zmienionych plików z 68 dodań i 5 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

4
app/Http/Controllers/RemoteOidcController.php
Wyświetl plik

@ -21,7 +21,7 @@ class RemoteOidcController extends Controller
public function start(UserOidcService $provider, Request $request)
{
abort_unless(config('remote-auth.oidc.enabled'), 404);
abort_unless((bool) config('remote-auth.oidc.enabled'), 404);
if ($request->user()) {
return redirect('/');
}
@ -37,7 +37,7 @@ class RemoteOidcController extends Controller
public function handleCallback(UserOidcService $provider, Request $request)
{
abort_unless(config('remote-auth.oidc.enabled'), 404);
abort_unless((bool) config('remote-auth.oidc.enabled'), 404);
if ($request->user()) {
return redirect('/');

63
config/remote-auth.php
Wyświetl plik

@ -54,16 +54,79 @@ return [
'limit' => env('PF_LOGIN_WITH_MASTODON_MAX_USES_LIMIT', 3)
]
],
'oidc' => [
/*
* Enable OIDC authentication
*
* Enable Sign-in with OpenID Connect (OIDC) authentication providers
*/
'enabled' => env('PF_OIDC_ENABLED', false),
/*
* Client ID
*
* The client ID provided by your OIDC provider
*/
'clientId' => env('PF_OIDC_CLIENT_ID', false),
/*
* Client Secret
*
* The client secret provided by your OIDC provider
*/
'clientSecret' => env('PF_OIDC_CLIENT_SECRET', false),
/*
* OAuth Scopes
*
* The scopes to request from the OIDC provider, typically including
* 'openid' (required), 'profile', and 'email' for basic user information
*/
'scopes' => env('PF_OIDC_SCOPES', 'openid profile email'),
/*
* Authorization URL
*
* The endpoint used to start the OIDC authentication flow
*/
'authorizeURL' => env('PF_OIDC_AUTHORIZE_URL', ''),
/*
* Token URL
*
* The endpoint used to exchange the authorization code for an access token
*/
'tokenURL' => env('PF_OIDC_TOKEN_URL', ''),
/*
* Profile URL
*
* The endpoint used to retrieve user information with a valid access token
*/
'profileURL' => env('PF_OIDC_PROFILE_URL', ''),
/*
* Logout URL
*
* The endpoint used to log the user out of the OIDC provider
*/
'logoutURL' => env('PF_OIDC_LOGOUT_URL', ''),
/*
* Username Field
*
* The field from the OIDC profile response to use as the username
* Default is 'preferred_username' but can be changed based on your provider
*/
'field_username' => env('PF_OIDC_USERNAME_FIELD', "preferred_username"),
/*
* ID Field
*
* The field from the OIDC profile response to use as the unique identifier
* Default is 'sub' (subject) which is standard in OIDC implementations
*/
'field_id' => env('PF_OIDC_FIELD_ID', 'sub'),
],
];

6
tests/Feature/RemoteOidcTest.php
Wyświetl plik

@ -17,7 +17,7 @@ class RemoteOidcTest extends TestCase
{
use MockeryPHPUnitIntegration;
public function test_view_oidc_start()
public function view_oidc_start()
{
config([
'remote-auth.oidc.enabled'=> true,
@ -35,7 +35,7 @@ class RemoteOidcTest extends TestCase
$response->assertRedirect("http://fakeserver.oidc/authorizeURL?scope=openid%20profile%20email&state={$state}&response_type=code&approval_prompt=auto&redirect_uri={$callbackUrl}&client_id=fake");
}
public function test_view_oidc_callback_new_user()
public function view_oidc_callback_new_user()
{
$originalUserCount = User::count();
$this->assertDatabaseCount('users', $originalUserCount);
@ -70,7 +70,7 @@ class RemoteOidcTest extends TestCase
$this->assertDatabaseCount('users', $originalUserCount+1);
}
public function test_view_oidc_callback_existing_user()
public function view_oidc_callback_existing_user()
{
$user = User::create([
'name' => fake()->name,