From 4512045cbfccbf872dfa8ab322aa62a86ccf5ca0 Mon Sep 17 00:00:00 2001
From: kolaente
Date: Wed, 11 Dec 2024 16:25:41 +0100
Subject: [PATCH] fix: check if all required keys are available when parsing openid configuration

Related to https://github.com/go-vikunja/vikunja/issues/371
---
 pkg/modules/auth/openid/providers.go | 39 +++++++++++++++++++++-------
 1 file changed, 29 insertions(+), 10 deletions(-)

diff --git a/pkg/modules/auth/openid/providers.go b/pkg/modules/auth/openid/providers.go
index bf496fdb3..0a1155883 100644
--- a/pkg/modules/auth/openid/providers.go
+++ b/pkg/modules/auth/openid/providers.go
@@ -17,6 +17,7 @@
 package openid
 import (
+ "fmt"
 "strconv"
 "code.vikunja.io/api/pkg/config"
@@ -111,36 +112,54 @@ func GetProvider(key string) (provider *Provider, err error) {
 func getProviderFromMap(pi map[string]interface{}, key string) (provider *Provider, err error) {
- for _, configKey := range []string{
- // Values from environment variables are evaluated at runtime, hence we need to check them explicitly
- // through viper to make sure we catch all of them.
+ requiredKeys := []string{
 "name",
- "logouturl",
- "scope",
 "authurl",
 "clientsecret",
 "clientid",
- } {
+ }
+
+ allKeys := append(
+ requiredKeys,
+ "logouturl",
+ "scope",
+ )
+
+ for _, configKey := range allKeys {
 valueFromFile := config.GetConfigValueFromFile("auth.openid.providers." + key + "." + configKey)
 if valueFromFile != "" {
 pi[configKey] = valueFromFile
 }
 }
+ for _, key := range requiredKeys {
+ if _, exists := pi[key]; !exists {
+ return nil, fmt.Errorf("required key '%s' is missing in the provider configuration", key)
+ }
+ }
+
 name, is := pi["name"].(string)
 if !is {
 return nil, nil
 }
- logoutURL, ok := pi["logouturl"].(string)
- if !ok {
- logoutURL = ""
+ var logoutURL string
+ logoutValue, exists := pi["logouturl"]
+ if exists {
+ url, ok := logoutValue.(string)
+ if ok {
+ logoutURL = url
+ }
 }
- scope, _ := pi["scope"].(string)
+ var scope string
+ if scopeValue, exists := pi["scope"]; exists {
+ scope = scopeValue.(string)
+ }
 if scope == "" {
 scope = "openid profile email"
 }
+
 provider = &Provider{
 Name: name,
 Key: key,
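Review bot: The new `scope = scopeValue.(string)` is an unchecked type assertion, so a provider whose `scope` entry exists but is not a string (a list or a number in the config file, say) now panics while the provider is parsed, where the removed `scope, _ := pi["scope"].(string)` simply fell back to the default. The comma-ok form keeps the old behaviour, `scope, _ = scopeValue.(string)`, matching what the new `logouturl` branch already does. Separately, the required-key loop only tests presence, so a `clientid` or `clientsecret` that is present but empty or of the wrong type still passes this check; how such values are handled afterwards is outside the hunk. That loop's variable `key` also shadows the provider-key parameter, so the error cannot say which provider is misconfigured; renaming it, `for _, requiredKey := range requiredKeys {`, and adding the provider key to the message would make the failure actionable. The body of getProviderFromMap continues past the end of the hunk.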