feat: add github provider template (#5334)
Adds the ability to manage and use GitHub (incl. Enterprise Server) template-based providers
@@ -18,6 +18,7 @@ import (
|
||||
"github.com/zitadel/zitadel/internal/errors"
|
||||
"github.com/zitadel/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/zitadel/zitadel/internal/idp"
|
||||
"github.com/zitadel/zitadel/internal/idp/providers/github"
|
||||
"github.com/zitadel/zitadel/internal/idp/providers/google"
|
||||
"github.com/zitadel/zitadel/internal/idp/providers/jwt"
|
||||
"github.com/zitadel/zitadel/internal/idp/providers/oauth"
|
||||
@@ -141,12 +142,14 @@ func (l *Login) handleIDP(w http.ResponseWriter, r *http.Request, authReq *domai
|
||||
provider, err = l.oidcProvider(r.Context(), identityProvider)
|
||||
case domain.IDPTypeJWT:
|
||||
provider, err = l.jwtProvider(identityProvider)
|
||||
case domain.IDPTypeGitHub:
|
||||
provider, err = l.githubProvider(r.Context(), identityProvider)
|
||||
case domain.IDPTypeGitHubEnterprise:
|
||||
provider, err = l.githubEnterpriseProvider(r.Context(), identityProvider)
|
||||
case domain.IDPTypeGoogle:
|
||||
provider, err = l.googleProvider(r.Context(), identityProvider)
|
||||
case domain.IDPTypeLDAP,
|
||||
domain.IDPTypeAzureAD,
|
||||
domain.IDPTypeGitHub,
|
||||
domain.IDPTypeGitHubEE,
|
||||
domain.IDPTypeGitLab,
|
||||
domain.IDPTypeGitLabSelfHosted,
|
||||
domain.IDPTypeUnspecified:
|
||||
@@ -204,6 +207,20 @@ func (l *Login) handleExternalLoginCallback(w http.ResponseWriter, r *http.Reque
|
||||
return
|
||||
}
|
||||
session = &openid.Session{Provider: provider.(*openid.Provider), Code: data.Code}
|
||||
case domain.IDPTypeGitHub:
|
||||
provider, err = l.githubProvider(r.Context(), identityProvider)
|
||||
if err != nil {
|
||||
l.externalAuthFailed(w, r, authReq, nil, nil, err)
|
||||
return
|
||||
}
|
||||
session = &oauth.Session{Provider: provider.(*github.Provider).Provider, Code: data.Code}
|
||||
case domain.IDPTypeGitHubEnterprise:
|
||||
provider, err = l.githubEnterpriseProvider(r.Context(), identityProvider)
|
||||
if err != nil {
|
||||
l.externalAuthFailed(w, r, authReq, nil, nil, err)
|
||||
return
|
||||
}
|
||||
session = &oauth.Session{Provider: provider.(*github.Provider).Provider, Code: data.Code}
|
||||
case domain.IDPTypeGoogle:
|
||||
provider, err = l.googleProvider(r.Context(), identityProvider)
|
||||
if err != nil {
|
||||
@@ -214,8 +231,6 @@ func (l *Login) handleExternalLoginCallback(w http.ResponseWriter, r *http.Reque
|
||||
case domain.IDPTypeJWT,
|
||||
domain.IDPTypeLDAP,
|
||||
domain.IDPTypeAzureAD,
|
||||
domain.IDPTypeGitHub,
|
||||
domain.IDPTypeGitHubEE,
|
||||
domain.IDPTypeGitLab,
|
||||
domain.IDPTypeGitLabSelfHosted,
|
||||
domain.IDPTypeUnspecified:
|
||||
@@ -633,6 +648,36 @@ func (l *Login) oauthProvider(ctx context.Context, identityProvider *query.IDPTe
|
||||
)
|
||||
}
|
||||
|
||||
func (l *Login) githubProvider(ctx context.Context, identityProvider *query.IDPTemplate) (*github.Provider, error) {
|
||||
secret, err := crypto.DecryptString(identityProvider.GitHubIDPTemplate.ClientSecret, l.idpConfigAlg)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return github.New(
|
||||
identityProvider.GitHubIDPTemplate.ClientID,
|
||||
secret,
|
||||
l.baseURL(ctx)+EndpointExternalLoginCallback,
|
||||
identityProvider.GitHubIDPTemplate.Scopes,
|
||||
)
|
||||
}
|
||||
|
||||
func (l *Login) githubEnterpriseProvider(ctx context.Context, identityProvider *query.IDPTemplate) (*github.Provider, error) {
|
||||
secret, err := crypto.DecryptString(identityProvider.GitHubIDPTemplate.ClientSecret, l.idpConfigAlg)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return github.NewCustomURL(
|
||||
identityProvider.Name,
|
||||
identityProvider.GitHubIDPTemplate.ClientID,
|
||||
secret,
|
||||
l.baseURL(ctx)+EndpointExternalLoginCallback,
|
||||
identityProvider.GitHubEnterpriseIDPTemplate.AuthorizationEndpoint,
|
||||
identityProvider.GitHubEnterpriseIDPTemplate.TokenEndpoint,
|
||||
identityProvider.GitHubEnterpriseIDPTemplate.UserEndpoint,
|
||||
identityProvider.GitHubIDPTemplate.Scopes,
|
||||
)
|
||||
}
|
||||
|
||||
func (l *Login) appendUserGrants(ctx context.Context, userGrants []*domain.UserGrant, resourceOwner string) error {
|
||||
if len(userGrants) == 0 {
|
||||
return nil
|
||||
|
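Review bot: In `githubEnterpriseProvider` the client secret, client ID and scopes are read from `identityProvider.GitHubIDPTemplate`, while the three endpoints come from `identityProvider.GitHubEnterpriseIDPTemplate`. If the query layer fills only the template matching the IDP type (not visible on this page), an Enterprise login either dereferences a nil `GitHubIDPTemplate` in both the `handleIDP` and `handleExternalLoginCallback` paths, or decrypts a different provider's secret. The three reads should come from the Enterprise template, e.g. `crypto.DecryptString(identityProvider.GitHubEnterpriseIDPTemplate.ClientSecret, l.idpConfigAlg)`, with `ClientID` and `Scopes` taken from the same struct, assuming it carries those fields. A nil check on the selected template before use would turn a mismatched configuration row into a returned error rather than a panic inside the login handler.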
Binary file not shown.
After Width: | Height: | Size: 4.7 KiB |
BIN
internal/api/ui/login/static/resources/images/idp/github.png
Normal file
BIN
internal/api/ui/login/static/resources/images/idp/github.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 6.2 KiB |
@@ -3,6 +3,7 @@ $lgn-idp-padding: 0 1px;
|
||||
$lgn-idp-provider-name-line-height: 36px;
|
||||
$lgn-idp-border-radius: .5rem;
|
||||
$googlelogosource: '../../../images/idp/google';
|
||||
$githublogosource: '../../../images/idp/github';
|
||||
|
||||
@mixin lgn-idp-base {
|
||||
display: block;
|
||||
@@ -39,4 +40,16 @@ $googlelogosource: '../../../images/idp/google';
|
||||
border-radius: 5px;
|
||||
}
|
||||
}
|
||||
|
||||
&.github {
|
||||
span.logo {
|
||||
height: 46px;
|
||||
width: 46px;
|
||||
background-image: url($githublogosource + '.png');
|
||||
background-size: 25px;
|
||||
background-position: center;
|
||||
background-repeat: no-repeat;
|
||||
border-radius: 5px;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@@ -21,6 +21,11 @@
|
||||
color: var(--zitadel-color-google-text);
|
||||
background-color: var(--zitadel-color-google-background);
|
||||
}
|
||||
|
||||
&.github {
|
||||
color: var(--zitadel-color-github-text);
|
||||
background-color: var(--zitadel-color-github-background);
|
||||
}
|
||||
}
|
||||
|
||||
.lgn-idp-providers {
|
||||
|
@@ -113,6 +113,8 @@
|
||||
|
||||
--zitadel-color-google-text: #8b8d8d;
|
||||
--zitadel-color-google-background: #ffffff;
|
||||
--zitadel-color-github-text: #8b8d8d;
|
||||
--zitadel-color-github-background: #ffffff;
|
||||
|
||||
--zitadel-color-qr: var(--zitadel-color-black);
|
||||
--zitadel-color-qr-background: var(--zitadel-color-white);
|
||||
@@ -214,4 +216,6 @@
|
||||
|
||||
--zitadel-color-google-text: #8b8d8d;
|
||||
--zitadel-color-google-background: #ffffff;
|
||||
--zitadel-color-github-text: #8b8d8d;
|
||||
--zitadel-color-github-background: #ffffff;
|
||||
}
|
||||
|
@@ -98,6 +98,8 @@
|
||||
--zitadel-logo-powered-by: url("../logo-dark.svg");
|
||||
--zitadel-color-google-text: #8b8d8d;
|
||||
--zitadel-color-google-background: #ffffff;
|
||||
--zitadel-color-github-text: #8b8d8d;
|
||||
--zitadel-color-github-background: #ffffff;
|
||||
--zitadel-color-qr: var(--zitadel-color-black);
|
||||
--zitadel-color-qr-background: var(--zitadel-color-white);
|
||||
}
|
||||
@@ -184,6 +186,8 @@
|
||||
--zitadel-logo-powered-by: url("../logo-light.svg");
|
||||
--zitadel-color-google-text: #8b8d8d;
|
||||
--zitadel-color-google-background: #ffffff;
|
||||
--zitadel-color-github-text: #8b8d8d;
|
||||
--zitadel-color-github-background: #ffffff;
|
||||
}
|
||||
|
||||
body {
|
||||
@@ -210,7 +214,7 @@ body.waiting * {
|
||||
footer {
|
||||
width: 100%;
|
||||
box-sizing: border-box;
|
||||
background: #00000020;
|
||||
background: rgba(0, 0, 0, 0.1254901961);
|
||||
min-height: 50px;
|
||||
display: flex;
|
||||
align-items: center;
|
||||
@@ -559,6 +563,15 @@ a.sub-formfield-link {
|
||||
background-repeat: no-repeat;
|
||||
border-radius: 5px;
|
||||
}
|
||||
.lgn-idp.github span.logo {
|
||||
height: 46px;
|
||||
width: 46px;
|
||||
background-image: url("../../../images/idp/github.png");
|
||||
background-size: 25px;
|
||||
background-position: center;
|
||||
background-repeat: no-repeat;
|
||||
border-radius: 5px;
|
||||
}
|
||||
|
||||
.lgn-error {
|
||||
display: flex;
|
||||
@@ -733,7 +746,7 @@ i {
|
||||
letter-spacing: 0.05em;
|
||||
font-size: 12px;
|
||||
white-space: nowrap;
|
||||
box-shadow: 0 0 3px #0000001a;
|
||||
box-shadow: 0 0 3px rgba(0, 0, 0, 0.1019607843);
|
||||
width: fit-content;
|
||||
line-height: 1rem;
|
||||
}
|
||||
@@ -1185,7 +1198,7 @@ i {
|
||||
footer {
|
||||
width: 100%;
|
||||
box-sizing: border-box;
|
||||
background: #00000020;
|
||||
background: rgba(0, 0, 0, 0.1254901961);
|
||||
min-height: 50px;
|
||||
display: flex;
|
||||
align-items: center;
|
||||
@@ -1534,6 +1547,15 @@ a.sub-formfield-link {
|
||||
background-repeat: no-repeat;
|
||||
border-radius: 5px;
|
||||
}
|
||||
.lgn-idp.github span.logo {
|
||||
height: 46px;
|
||||
width: 46px;
|
||||
background-image: url("../../../images/idp/github.png");
|
||||
background-size: 25px;
|
||||
background-position: center;
|
||||
background-repeat: no-repeat;
|
||||
border-radius: 5px;
|
||||
}
|
||||
|
||||
.lgn-error {
|
||||
display: flex;
|
||||
@@ -1708,7 +1730,7 @@ i {
|
||||
letter-spacing: 0.05em;
|
||||
font-size: 12px;
|
||||
white-space: nowrap;
|
||||
box-shadow: 0 0 3px #0000001a;
|
||||
box-shadow: 0 0 3px rgba(0, 0, 0, 0.1019607843);
|
||||
width: fit-content;
|
||||
line-height: 1rem;
|
||||
}
|
||||
@@ -3047,6 +3069,10 @@ ul li i.lgn-valid {
|
||||
color: var(--zitadel-color-google-text);
|
||||
background-color: var(--zitadel-color-google-background);
|
||||
}
|
||||
.lgn-idp.github {
|
||||
color: var(--zitadel-color-github-text);
|
||||
background-color: var(--zitadel-color-github-background);
|
||||
}
|
||||
|
||||
.lgn-idp-providers .lgn-idp-desc {
|
||||
color: var(--zitadel-color-label);
|
||||
|
File diff suppressed because one or more lines are too long