azure: support deriving credentials from client id, client secret and provider url (#1300)

Caleb Doxsey 2020-08-18 10:17:28 -06:00 committed by GitHub
parent 882b6b54ee
commit c4c8ef8e53
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 104 additions and 13 deletions


@ -632,8 +632,9 @@ func (o *Options) Validate() error {
}
// if no service account was defined, there should not be any policies that
// assert group membership
if o.ServiceAccount == "" {
// assert group membership (except for azure which can be derived from the client
// id, secret and provider url)
if o.ServiceAccount == "" && o.Provider != "azure" {
for _, p := range o.Policies {
if len(p.AllowedGroups) != 0 {
return fmt.Errorf("config: `allowed_groups` requires `idp_service_account`")