|
|
@@ -63,23 +63,23 @@ func NewOAuthService() {
|
|
|
for _, name := range allOauthes {
|
|
|
sec := setting.Raw.Section("auth." + name)
|
|
|
info := &setting.OAuthInfo{
|
|
|
- ClientId: sec.Key("client_id").String(),
|
|
|
- ClientSecret: sec.Key("client_secret").String(),
|
|
|
- Scopes: util.SplitString(sec.Key("scopes").String()),
|
|
|
- AuthUrl: sec.Key("auth_url").String(),
|
|
|
- TokenUrl: sec.Key("token_url").String(),
|
|
|
- ApiUrl: sec.Key("api_url").String(),
|
|
|
- Enabled: sec.Key("enabled").MustBool(),
|
|
|
- EmailAttributeName: sec.Key("email_attribute_name").String(),
|
|
|
- AllowedDomains: util.SplitString(sec.Key("allowed_domains").String()),
|
|
|
- HostedDomain: sec.Key("hosted_domain").String(),
|
|
|
- AllowSignup: sec.Key("allow_sign_up").MustBool(),
|
|
|
- Name: sec.Key("name").MustString(name),
|
|
|
- TlsClientCert: sec.Key("tls_client_cert").String(),
|
|
|
- TlsClientKey: sec.Key("tls_client_key").String(),
|
|
|
- TlsClientCa: sec.Key("tls_client_ca").String(),
|
|
|
- TlsSkipVerify: sec.Key("tls_skip_verify_insecure").MustBool(),
|
|
|
- BrokenAuthHeaderProvider: sec.Key("send_client_credentials_via_post").MustBool(),
|
|
|
+ ClientId: sec.Key("client_id").String(),
|
|
|
+ ClientSecret: sec.Key("client_secret").String(),
|
|
|
+ Scopes: util.SplitString(sec.Key("scopes").String()),
|
|
|
+ AuthUrl: sec.Key("auth_url").String(),
|
|
|
+ TokenUrl: sec.Key("token_url").String(),
|
|
|
+ ApiUrl: sec.Key("api_url").String(),
|
|
|
+ Enabled: sec.Key("enabled").MustBool(),
|
|
|
+ EmailAttributeName: sec.Key("email_attribute_name").String(),
|
|
|
+ AllowedDomains: util.SplitString(sec.Key("allowed_domains").String()),
|
|
|
+ HostedDomain: sec.Key("hosted_domain").String(),
|
|
|
+ AllowSignup: sec.Key("allow_sign_up").MustBool(),
|
|
|
+ Name: sec.Key("name").MustString(name),
|
|
|
+ TlsClientCert: sec.Key("tls_client_cert").String(),
|
|
|
+ TlsClientKey: sec.Key("tls_client_key").String(),
|
|
|
+ TlsClientCa: sec.Key("tls_client_ca").String(),
|
|
|
+ TlsSkipVerify: sec.Key("tls_skip_verify_insecure").MustBool(),
|
|
|
+ SendClientCredentialsViaPost: sec.Key("send_client_credentials_via_post").MustBool(),
|
|
|
}
|
|
|
|
|
|
if !info.Enabled {
|
|
|
@@ -87,7 +87,7 @@ func NewOAuthService() {
|
|
|
}
|
|
|
|
|
|
// handle the clients that do not properly support Basic auth headers and require passing client_id/client_secret via POST payload
|
|
|
- if info.BrokenAuthHeaderProvider {
|
|
|
+ if info.SendClientCredentialsViaPost {
|
|
|
oauth2.RegisterBrokenAuthHeaderProvider(info.TokenUrl)
|
|
|
}
|
|
|
|
Tomas Dabasinskas