use go-oidc instead of verifying and extracting tokens ourselves, rename oidc_endpoint to oidc_issuer to be more inline with spec

Raal Goff 2021-10-06 17:19:15 +08:00
parent 0393ab524c
commit c487591437
7 changed files with 69 additions and 185 deletions

4
api.go

@ -134,7 +134,7 @@ func (h *Headscale) RegistrationHandler(c *gin.Context) {
Str("machine", m.Name).
Msg("Not registered and not NodeKey rotation. Sending a authurl to register")
if h.cfg.OIDCEndpoint != "" {
if h.cfg.OIDCIssuer != "" {
resp.AuthURL = fmt.Sprintf("%s/oidc/register/%s", h.cfg.ServerURL, mKey.HexString())
} else {
resp.AuthURL = fmt.Sprintf("%s/register?key=%s",
@ -204,7 +204,7 @@ func (h *Headscale) RegistrationHandler(c *gin.Context) {
Str("handler", "Registration").
Str("machine", m.Name).
Msg("The node is sending us a new NodeKey, sending auth url")
if h.cfg.OIDCEndpoint != "" {
if h.cfg.OIDCIssuer != "" {
resp.AuthURL = fmt.Sprintf("%s/oidc/register/%s", h.cfg.ServerURL, mKey.HexString())
} else {
resp.AuthURL = fmt.Sprintf("%s/register?key=%s",
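Review bot: Both `if h.cfg.OIDCIssuer != ""` checks in RegistrationHandler treat an empty issuer as "OIDC disabled" and hand the node the manual `/register?key=` URL, so a deployment whose config file still sets the old `oidc_endpoint` key would presumably drop out of OIDC registration silently after this rename. The config loader is not visible in this section, so please confirm it fails at startup, or at least logs a warning, when the old key is present and `oidc_issuer` is not. The same branch now appears in both hunks; a comment such as `// empty OIDCIssuer disables OIDC; nodes get the manual /register URL` on each (or one shared helper) would make that fallback explicit. RegistrationHandler starts and ends outside these hunks.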