Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: Allow hiding password auth, changing OpenID Connect text and OpenID Connect icon#5101

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
Show all changes
24 commits
Select commitHold shift + click to select a range
3addcaf
Allow hiding password entry, changing OpenID Connect text and OpenID …
normana10Nov 16, 2022
40bc156
Docs
normana10Nov 16, 2022
0f4a40e
Cleaning
normana10Nov 16, 2022
90d900c
Fix Prettier and Go test and TS compile error
normana10Nov 16, 2022
97b5019
Fix LoginPage test
normana10Nov 16, 2022
8019ec7
Prettier
normana10Nov 16, 2022
97d9d46
Fix storybook
normana10Nov 16, 2022
0858ad0
Add query param to un-hide password auth
normana10Nov 24, 2022
f13df97
Merge branch 'main' into configurable-openid-connect-text
normana10Dec 6, 2022
6afca64
Cleaning
normana10Dec 6, 2022
410fc98
Merge branch 'main' into configurable-openid-connect-text
normana10Dec 14, 2022
e9a91cb
Merge branch 'main' into configurable-openid-connect-text
normana10Jan 16, 2023
fc12496
Hide password by default when OIDC enabled
normana10Jan 17, 2023
9480f8e
Ran prettier, updated goldenfiles and ran "make gen"
normana10Jan 17, 2023
475b2bf
Fixed and added LoginPage test
normana10Jan 17, 2023
77b230c
Ran prettier
normana10Jan 17, 2023
77f0fb2
PR Feedback and split up SignInForm.tsx
normana10Jan 20, 2023
1ed7911
Updated golden files
normana10Jan 20, 2023
e31a37e
Fix auto-genned-files
normana10Jan 23, 2023
9207175
make gen -B
normana10Jan 26, 2023
201d424
Revert provisioner files?
normana10Jan 26, 2023
8333256
Merge branch 'main' into configurable-openid-connect-text
normana10Jan 30, 2023
7ce525e
Fix lint error
normana10Jan 30, 2023
3d5ec00
Merge branch 'main' into configurable-openid-connect-text
kylecarbsJan 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletionscli/deployment/config.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -254,6 +254,17 @@ func newConfig() *codersdk.DeploymentConfig {
Flag: "oidc-username-field",
Default: "preferred_username",
},
SignInText: &codersdk.DeploymentConfigField[string]{
Name: "OpenID Connect sign in text",
Usage: "The text to show on the OpenID Connect sign in button",
Flag: "oidc-sign-in-text",
Default: "OpenID Connect",
},
IconURL: &codersdk.DeploymentConfigField[string]{
Name: "OpenID connect icon URL",
Usage: "URL pointing to the icon to use on the OepnID Connect login button",
Flag: "oidc-icon-url",
},
},

Telemetry: &codersdk.TelemetryConfig{
Expand Down
2 changes: 2 additions & 0 deletionscli/server.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -552,6 +552,8 @@ func Server(vip *viper.Viper, newAPI func(context.Context, *coderd.Options) (*co
EmailDomain: cfg.OIDC.EmailDomain.Value,
AllowSignups: cfg.OIDC.AllowSignups.Value,
UsernameField: cfg.OIDC.UsernameField.Value,
SignInText: cfg.OIDC.SignInText.Value,
IconURL: cfg.OIDC.IconURL.Value,
}
}

Expand Down
7 changes: 7 additions & 0 deletionscli/testdata/coder_server_--help.golden
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -148,6 +148,9 @@ Flags:
--oidc-email-domain strings Email domains that clients logging in
with OIDC must match.
Consumes $CODER_OIDC_EMAIL_DOMAIN
--oidc-icon-url string URL pointing to the icon to use on the
OepnID Connect login button
Consumes $CODER_OIDC_ICON_URL
--oidc-ignore-email-verified Ignore the email_verified claim from the
upstream provider.
Consumes $CODER_OIDC_IGNORE_EMAIL_VERIFIED
Expand All@@ -157,6 +160,10 @@ Flags:
OIDC.
Consumes $CODER_OIDC_SCOPES (default
[openid,profile,email])
--oidc-sign-in-text string The text to show on the OpenID Connect
sign in button
Consumes $CODER_OIDC_SIGN_IN_TEXT
(default "OpenID Connect")
--oidc-username-field string OIDC claim field to use as the username.
Consumes $CODER_OIDC_USERNAME_FIELD
(default "preferred_username")
Expand Down
34 changes: 31 additions & 3 deletionscoderd/apidoc/docs.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.

34 changes: 31 additions & 3 deletionscoderd/apidoc/swagger.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.

24 changes: 21 additions & 3 deletionscoderd/userauth.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -51,10 +51,24 @@ type GithubOAuth2Config struct {
// @Success 200 {object} codersdk.AuthMethods
// @Router /users/authmethods [get]
func (api *API) userAuthMethods(rw http.ResponseWriter, r *http.Request) {
var signInText string
var iconURL string

if api.OIDCConfig != nil {
signInText = api.OIDCConfig.SignInText
}
if api.OIDCConfig != nil {
iconURL = api.OIDCConfig.IconURL
}

httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.AuthMethods{
Password: true,
Github: api.GithubOAuth2Config != nil,
OIDC: api.OIDCConfig != nil,
Password: codersdk.AuthMethod{Enabled: true},
Github: codersdk.AuthMethod{Enabled: api.GithubOAuth2Config != nil},
OIDC: codersdk.OIDCAuthMethod{
AuthMethod: codersdk.AuthMethod{Enabled: api.OIDCConfig != nil},
SignInText: signInText,
IconURL: iconURL,
},
})
}

Expand DownExpand Up@@ -215,6 +229,10 @@ type OIDCConfig struct {
// UsernameField selects the claim field to be used as the created user's
// username.
UsernameField string
// SignInText is the text to display on the OIDC login button
SignInText string
// IconURL points to the URL of an icon to display on the OIDC login button
IconURL string
}

// @Summary OpenID Connect Callback
Expand Down
8 changes: 4 additions & 4 deletionscoderd/userauth_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -77,8 +77,8 @@ func TestUserAuthMethods(t *testing.T) {

methods, err := client.AuthMethods(ctx)
require.NoError(t, err)
require.True(t, methods.Password)
require.False(t, methods.Github)
require.True(t, methods.Password.Enabled)
require.False(t, methods.Github.Enabled)
})
t.Run("Github", func(t *testing.T) {
t.Parallel()
Expand All@@ -91,8 +91,8 @@ func TestUserAuthMethods(t *testing.T) {

methods, err := client.AuthMethods(ctx)
require.NoError(t, err)
require.True(t, methods.Password)
require.True(t, methods.Github)
require.True(t, methods.Password.Enabled)
require.True(t, methods.Github.Enabled)
})
}

Expand Down
2 changes: 2 additions & 0 deletionscodersdk/deployment.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -200,6 +200,8 @@ type OIDCConfig struct {
Scopes *DeploymentConfigField[[]string] `json:"scopes" typescript:",notnull"`
IgnoreEmailVerified *DeploymentConfigField[bool] `json:"ignore_email_verified" typescript:",notnull"`
UsernameField *DeploymentConfigField[string] `json:"username_field" typescript:",notnull"`
SignInText *DeploymentConfigField[string] `json:"sign_in_text" typescript:",notnull"`
IconURL *DeploymentConfigField[string] `json:"icon_url" typescript:",notnull"`
}

type TelemetryConfig struct {
Expand Down
18 changes: 14 additions & 4 deletionscodersdk/users.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -105,11 +105,21 @@ type CreateOrganizationRequest struct {
Name string `json:"name" validate:"required,username"`
}

// AuthMethods containswhetherauthenticationtypesare enabled or not.
// AuthMethods contains authenticationmethod information like whether theyare enabled or not or custom text, etc.
type AuthMethods struct {
Password bool `json:"password"`
Github bool `json:"github"`
OIDC bool `json:"oidc"`
Password AuthMethod `json:"password"`
Github AuthMethod `json:"github"`
OIDC OIDCAuthMethod `json:"oidc"`
}

type AuthMethod struct {
Enabled bool `json:"enabled"`
}

type OIDCAuthMethod struct {
AuthMethod
SignInText string `json:"signInText"`
IconURL string `json:"iconUrl"`
}

// HasFirstUser returns whether the first user has been created.
Expand Down
7 changes: 7 additions & 0 deletionsdocs/admin/auth.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -131,6 +131,13 @@ CODER_OIDC_IGNORE_EMAIL_VERIFIED=true

When a new user is created, the `preferred_username` claim becomes the username. If this claim is empty, the email address will be stripped of the domain, and become the username (e.g. `example@coder.com` becomes `example`).

If you'd like to change the OpenID Connect button text and/or icon, you can configure them like so:

```console
CODER_OIDC_SIGN_IN_TEXT="Sign in with Gitea"
CODER_OIDC_ICON_URL=https://gitea.io/images/gitea.png
```

## SCIM (enterprise)

Coder supports user provisioning and deprovisioning via SCIM 2.0 with header
Expand Down
22 changes: 22 additions & 0 deletionsdocs/api/general.md
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -562,6 +562,17 @@ curl -X GET http://coder-server:8080/api/v2/config/deployment \
"usage": "string",
"value": ["string"]
},
"icon_url": {
"default": "string",
"enterprise": true,
"flag": "string",
"hidden": true,
"name": "string",
"secret": true,
"shorthand": "string",
"usage": "string",
"value": "string"
},
"ignore_email_verified": {
"default": true,
"enterprise": true,
Expand DownExpand Up@@ -595,6 +606,17 @@ curl -X GET http://coder-server:8080/api/v2/config/deployment \
"usage": "string",
"value": ["string"]
},
"sign_in_text": {
"default": "string",
"enterprise": true,
"flag": "string",
"hidden": true,
"name": "string",
"secret": true,
"shorthand": "string",
"usage": "string",
"value": "string"
},
"username_field": {
"default": "string",
"enterprise": true,
Expand Down
Loading
[8]ページ先頭
©2009-2025 Movatter.jp