Add field for custom authorization server ID
parent
1bca3b3ca8
commit
56c184eff3
|
@ -8,5 +8,7 @@ $provider = $this->getParam('provider', '');
|
|||
<input name="clientSecret" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>ClientSecret" type="password" autocomplete="off" placeholder="Client Secret" />
|
||||
<label for="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Domain">Okta Domain<span class="tooltip" data-tooltip="Your Okta Domain (without 'https://')"><i class="icon-info-circled"></i></span></label>
|
||||
<input name="oktaDomain" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Domain" type="text" autocomplete="off" placeholder="dev-1337.okta.com" />
|
||||
<label for="oauth2<?php echo $this->escape(ucfirst($provider)); ?>AuthorizationServerId">Authorization Server ID<span class="tooltip" data-tooltip="Authorization Server ID for custom authorization servers"><i class="icon-info-circled"></i></span></label>
|
||||
<input name="authorizationServerId" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>AuthorizationServerId" type="text" autocomplete="off" placeholder="default" />
|
||||
<?php /*Hidden input for the final secret. Gets filled with a JSON via JS. */ ?>
|
||||
<input name="secret" data-forms-oauth-custom="<?php echo $this->escape(ucfirst($provider)); ?>" id="oauth2<?php echo $this->escape(ucfirst($provider)); ?>Secret" type="hidden" autocomplete="off" data-ls-bind="{{console-project.provider<?php echo $this->escape(ucfirst($provider)); ?>Secret}}" />
|
|
@ -19,7 +19,8 @@
|
|||
},
|
||||
"Okta": {
|
||||
"clientSecret": "oauth2OktaClientSecret",
|
||||
"oktaDomain": "oauth2OktaDomain"
|
||||
"oktaDomain": "oauth2OktaDomain",
|
||||
"authorizationServerId": "oauth2OktaAuthorizationServerId"
|
||||
}
|
||||
}
|
||||
let provider = element.getAttribute("data-forms-oauth-custom");
|
||||
|
|
|
@ -42,7 +42,7 @@ class Okta extends OAuth2
|
|||
*/
|
||||
public function getLoginURL(): string
|
||||
{
|
||||
return 'https://'.$this->getOktaDomain().'/oauth2/default/v1/authorize?'.\http_build_query([
|
||||
return 'https://'.$this->getOktaDomain().'/oauth2/'.$this->getAuthorizationServerId().'/v1/authorize?'.\http_build_query([
|
||||
'client_id' => $this->appID,
|
||||
'redirect_uri' => $this->callback,
|
||||
'state'=> \json_encode($this->state),
|
||||
|
@ -62,7 +62,7 @@ class Okta extends OAuth2
|
|||
$headers = ['Content-Type: application/x-www-form-urlencoded'];
|
||||
$this->tokens = \json_decode($this->request(
|
||||
'POST',
|
||||
'https://'.$this->getOktaDomain().'/oauth2/default/v1/token',
|
||||
'https://'.$this->getOktaDomain().'/oauth2/'.$this->getAuthorizationServerId().'/v1/token',
|
||||
$headers,
|
||||
\http_build_query([
|
||||
'code' => $code,
|
||||
|
@ -89,7 +89,7 @@ class Okta extends OAuth2
|
|||
$headers = ['Content-Type: application/x-www-form-urlencoded'];
|
||||
$this->tokens = \json_decode($this->request(
|
||||
'POST',
|
||||
'https://'.$this->getOktaDomain().'/oauth2/default/v1/token',
|
||||
'https://'.$this->getOktaDomain().'/oauth2/'.$this->getAuthorizationServerId().'/v1/token',
|
||||
$headers,
|
||||
\http_build_query([
|
||||
'refresh_token' => $refreshToken,
|
||||
|
@ -163,7 +163,7 @@ class Okta extends OAuth2
|
|||
{
|
||||
if (empty($this->user)) {
|
||||
$headers = ['Authorization: Bearer '. \urlencode($accessToken)];
|
||||
$user = $this->request('GET', 'https://'.$this->getOktaDomain().'/oauth2/default/v1/userinfo', $headers);
|
||||
$user = $this->request('GET', 'https://'.$this->getOktaDomain().'/oauth2/'.$this->getAuthorizationServerId().'/v1/userinfo', $headers);
|
||||
$this->user = \json_decode($user, true);
|
||||
}
|
||||
|
||||
|
@ -193,6 +193,17 @@ class Okta extends OAuth2
|
|||
return (isset($secret['oktaDomain'])) ? $secret['oktaDomain'] : '';
|
||||
}
|
||||
|
||||
/**
|
||||
* Extracts the Okta Authorization Server ID from the JSON stored in appSecret
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function getAuthorizationServerId(): string
|
||||
{
|
||||
$secret = $this->getAppSecret();
|
||||
return (isset($secret['authorizationServerId'])) ? $secret['authorizationServerId'] : 'default';
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode the JSON stored in appSecret
|
||||
*
|
||||
|
|
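Review bot: The new `getAuthorizationServerId()` returns the stored `authorizationServerId` unchecked, and the rewritten lines in `getLoginURL()` and in the token, refresh and userinfo requests concatenate it straight into the URL path. A value containing `/`, `?`, `#` or `..` would therefore change which endpoint receives the authorization code, the refresh token and the bearer token. Separately, `isset()` is true for an empty string, so if a blank form field is stored as `""` (the `default` placeholder invites leaving it blank, though the JS that builds the JSON is not visible here), the path becomes `/oauth2//v1/...` instead of falling back to `default`. I would constrain the value in the getter, e.g. `$id = $secret['authorizationServerId'] ?? '';` followed by `return (\is_string($id) && \preg_match('/^[A-Za-z0-9_-]+$/', $id) === 1) ? $id : 'default';`, with the allowed character set confirmed against Okta's ID format, or reject a malformed ID with an exception if a silent fallback is not wanted. The four URL-building functions start or end outside their hunks, so any other use of the ID in them is not visible here.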