[server][auth][openid] Change config structure

2026-01-03 18:20:53 -06:00 · 2025-06-29 01:07:21 +05:30
parent 1f618e4add
commit b128f5ec38
5 changed files with 17 additions and 12 deletions
--- a/server/internal/auth/auth.go
+++ b/server/internal/auth/auth.go
@@ -54,7 +54,7 @@ func Init(cfg Config, log zerolog.Logger) error {
 		return errors.New("password backend not recognized: " + cfg.Password.Backend)
 	}

-	return openid.Init(cfg.OpenIDProviders, log)
+	return openid.Init(cfg.OpenID, log)
 }

 func generateRandomString(n int) string {
--- a/server/internal/auth/conifg.go
+++ b/server/internal/auth/conifg.go
@@ -7,9 +7,9 @@ import (
 )

 type Config struct {
-	AutoCreateDomains []string              `koanf:"auto_create_domains"`
-	Password          PasswordConfig        `koanf:"password"`
-	OpenIDProviders   []openid.ClientConfig `koanf:"openid_providers"`
+	AutoCreateDomains []string       `koanf:"auto_create_domains"`
+	Password          PasswordConfig `koanf:"password"`
+	OpenID            openid.Config  `koanf:"openid"`
 }

 type PasswordConfig struct {
--- a/server/internal/auth/openid/config.go
+++ b/server/internal/auth/openid/config.go
@@ -1,5 +1,9 @@
 package openid

+type Config struct {
+	Clients []ClientConfig `koanf:"clients"`
+}
+
 type ClientConfig struct {
 	ID           string `koanf:"id"`
 	Name         string `koanf:"name"`
--- a/server/internal/auth/openid/openid.go
+++ b/server/internal/auth/openid/openid.go
@@ -23,9 +23,9 @@ type Provider struct {

 var log zerolog.Logger

-func Init(cfg []ClientConfig, l zerolog.Logger) error {
+func Init(cfg Config, l zerolog.Logger) error {
 	log = l.With().Str("c", "auth.openid").Logger()
-	for _, c := range cfg {
+	for _, c := range cfg.Clients {
 		clients[c.ID] = c
 		if _, err := getProviderConfig(c.IssuerURL); err != nil {
 			log.Warn().Err(err).Str("id", c.ID).Str("issuer_url", c.IssuerURL).Msg("Unable to get OpenID config")
--- a/server/internal/command/config.defaults.yml
+++ b/server/internal/command/config.defaults.yml
@@ -47,12 +47,13 @@ auth:
        bind_password: 
        base_dn:
        filter_template:
-  # openid_providers:
-  #   - id: google
-  #     name: Google
-  #     issuer_url: https://accounts.google.com
-  #     client_id:
-  #     client_secret:
+  # openid:
+  #   clients:
+  #     - id: google
+  #       name: Google
+  #       issuer_url: https://accounts.google.com
+  #       client_id:
+  #       client_secret:

      
 jobs: