3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-03 09:58:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add new device_auth_client_type setting to allow attaching the client_secret to device auth requests

Browse source
This commit is contained in:
Joe Kralicky 2024-06-06 15:57:37 -04:00
parent fb7440a607
commit bd5ad2e909
No known key found for this signature in database
GPG key ID: 75C4875F34A9FB79
9 changed files with 1052 additions and 984 deletions
Download patch file Download diff file Expand all files Collapse all files

6
config/options.go
View file

@ -156,6 +156,11 @@ type Options struct {
ProviderURL string `mapstructure:"idp_provider_url" yaml:"idp_provider_url,omitempty"`
Scopes []string `mapstructure:"idp_scopes" yaml:"idp_scopes,omitempty"`
// Either "public" or "confidential". Defaults to "public".
// If set to "confidential", the client_secret will be used when requesting a
// device code for the device authorization grant type.
DeviceAuthClientType string `mapstructure:"device_auth_client_type" yaml:"device_auth_client_type,omitempty"`
// RequestParams are custom request params added to the signin request as
// part of an Oauth2 code flow.
//
@ -1471,6 +1476,7 @@ func (o *Options) ApplySettings(ctx context.Context, certsIndex *cryptutil.Certi
set(&o.ClientSecret, settings.IdpClientSecret)
set(&o.Provider, settings.IdpProvider)
set(&o.ProviderURL, settings.IdpProviderUrl)
set(&o.DeviceAuthClientType, settings.DeviceAuthClientType)
setSlice(&o.Scopes, settings.Scopes)
setMap(&o.RequestParams, settings.RequestParams)
setSlice(&o.AuthorizeURLStrings, settings.AuthorizeServiceUrls)