feat(sso): add custom extra scope support (#7577)

This commit is contained in:
Joseph Chris
2024-12-09 07:33:46 -08:00
committed by GitHub
parent aa45a82914
commit 088120df82
3 changed files with 9 additions and 2 deletions

View File

@ -4,13 +4,14 @@ import (
"encoding/base64"
"errors"
"fmt"
"github.com/Xhofe/go-cache"
"net/http"
"net/url"
"path"
"strings"
"time"
"github.com/Xhofe/go-cache"
"github.com/alist-org/alist/v3/internal/conf"
"github.com/alist-org/alist/v3/internal/db"
"github.com/alist-org/alist/v3/internal/model"
@ -123,6 +124,10 @@ func GetOIDCClient(c *gin.Context, useCompatibility bool, redirectUri, method st
}
clientId := setting.GetStr(conf.SSOClientId)
clientSecret := setting.GetStr(conf.SSOClientSecret)
extraScopes := []string{}
if setting.GetStr(conf.SSOExtraScopes) != "" {
extraScopes = strings.Split(setting.GetStr(conf.SSOExtraScopes), " ")
}
return &oauth2.Config{
ClientID: clientId,
ClientSecret: clientSecret,
@ -132,7 +137,7 @@ func GetOIDCClient(c *gin.Context, useCompatibility bool, redirectUri, method st
Endpoint: provider.Endpoint(),
// "openid" is a required scope for OpenID Connect flows.
Scopes: []string{oidc.ScopeOpenID, "profile"},
Scopes: append([]string{oidc.ScopeOpenID, "profile"}, extraScopes...),
}, nil
}