]> BookStack Code Mirror - bookstack/commitdiff
projects / bookstack / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side (parent: 97cde9c)
Configurable OpenID Connect services
authorJasper Weyne <redacted>
Thu, 9 Jul 2020 14:27:45 +0000 (16:27 +0200)
committerJasper Weyne <redacted>
Thu, 9 Jul 2020 14:27:45 +0000 (16:27 +0200)
app/Auth/Access/OpenIdService.php patch | blob | history
app/Config/openid.php patch | blob | history

diff --git a/app/Auth/Access/OpenIdService.php b/app/Auth/Access/OpenIdService.php
index 14b6ac9a5d4632ca321493a5d10fd68702b3ec5d..fc0c0029856e69091d252ea77f3c6343b80bcea8 100644 (file)
--- a/app/Auth/Access/OpenIdService.php
+++ b/app/Auth/Access/OpenIdService.php
@@ -139,6 +139,7 @@ class OpenIdService extends ExternalAuthService
      */
     protected function getProvider(): OpenIDConnectProvider
     {
+        // Setup settings
         $settings = $this->config['openid'];
         $overrides = $this->config['openid_overrides'] ?? [];
 
@@ -149,12 +150,27 @@ class OpenIdService extends ExternalAuthService
         $openIdSettings = $this->loadOpenIdDetails();
         $settings = array_replace_recursive($settings, $openIdSettings, $overrides);
 
-        $signer = new \Lcobucci\JWT\Signer\Rsa\Sha256();
-        return new OpenIDConnectProvider($settings, ['signer' => $signer]);
+        // Setup services
+        $services = $this->loadOpenIdServices();
+        $overrides = $this->config['openid_services'] ?? [];
+
+        $services = array_replace_recursive($services, $overrides);
+
+        return new OpenIDConnectProvider($settings, $services);
+    }
+
+    /**
+     * Load services utilized by the OpenID Connect provider.
+     */
+    protected function loadOpenIdServices(): array
+    {
+        return [
+            'signer' => new \Lcobucci\JWT\Signer\Rsa\Sha256(),
+        ];
     }
 
     /**
-     * Load dynamic service provider options required by the onelogin toolkit.
+     * Load dynamic service provider options required by the OpenID Connect provider.
      */
     protected function loadOpenIdDetails(): array
     {
diff --git a/app/Config/openid.php b/app/Config/openid.php
index 2232ba7b2729f3df21bc6a9c381fa0012aa5b86c..20089518b7b05aa426df32b061afba57faf96899 100644 (file)
--- a/app/Config/openid.php
+++ b/app/Config/openid.php
@@ -18,6 +18,9 @@ return [
     // Overrides, in JSON format, to the configuration passed to underlying OpenIDConnectProvider library.
     'openid_overrides' => env('OPENID_OVERRIDES', null),
 
+    // Custom service instances, used by the underlying OpenIDConnectProvider library
+    'openid_services' => [],
+
     'openid' => [
         // OAuth2/OpenId client id, as configured in your Authorization server.
         'clientId'                => env('OPENID_CLIENT_ID', ''),
The core source code for the BookStack project.