feat(sso): add custom extra scope support (#7577)
This commit is contained in:
@ -4,13 +4,14 @@ import (
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/Xhofe/go-cache"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"path"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Xhofe/go-cache"
|
||||
|
||||
"github.com/alist-org/alist/v3/internal/conf"
|
||||
"github.com/alist-org/alist/v3/internal/db"
|
||||
"github.com/alist-org/alist/v3/internal/model"
|
||||
@ -123,6 +124,10 @@ func GetOIDCClient(c *gin.Context, useCompatibility bool, redirectUri, method st
|
||||
}
|
||||
clientId := setting.GetStr(conf.SSOClientId)
|
||||
clientSecret := setting.GetStr(conf.SSOClientSecret)
|
||||
extraScopes := []string{}
|
||||
if setting.GetStr(conf.SSOExtraScopes) != "" {
|
||||
extraScopes = strings.Split(setting.GetStr(conf.SSOExtraScopes), " ")
|
||||
}
|
||||
return &oauth2.Config{
|
||||
ClientID: clientId,
|
||||
ClientSecret: clientSecret,
|
||||
@ -132,7 +137,7 @@ func GetOIDCClient(c *gin.Context, useCompatibility bool, redirectUri, method st
|
||||
Endpoint: provider.Endpoint(),
|
||||
|
||||
// "openid" is a required scope for OpenID Connect flows.
|
||||
Scopes: []string{oidc.ScopeOpenID, "profile"},
|
||||
Scopes: append([]string{oidc.ScopeOpenID, "profile"}, extraScopes...),
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user