Use IDP ID instead of IDP name for auto-login-idp
Co-authored-by: oschwartz10612 <4999704+oschwartz10612@users.noreply.github.com>
@@ -31,7 +31,7 @@ proxy-resources:
|
||||
# - owen@pangolin.net
|
||||
# whitelist-users:
|
||||
# - owen@pangolin.net
|
||||
# auto-login-idp: My IDP Name
|
||||
# auto-login-idp: 1
|
||||
headers:
|
||||
- name: X-Example-Header
|
||||
value: example-value
|
||||
|
||||
@@ -14,9 +14,7 @@ import {
|
||||
Transaction,
|
||||
userOrgs,
|
||||
userResources,
|
||||
users,
|
||||
idp,
|
||||
idpOrg
|
||||
users
|
||||
} from "@server/db";
|
||||
import { resources, targets, sites } from "@server/db";
|
||||
import { eq, and, asc, or, ne, count, isNotNull } from "drizzle-orm";
|
||||
@@ -210,16 +208,6 @@ export async function updateProxyResources(
|
||||
);
|
||||
resource = existingResource;
|
||||
} else {
|
||||
// Lookup IDP ID if auto-login-idp is specified
|
||||
let skipToIdpId: number | null = null;
|
||||
if (resourceData.auth?.["auto-login-idp"]) {
|
||||
skipToIdpId = await getIdpIdByName(
|
||||
orgId,
|
||||
resourceData.auth["auto-login-idp"],
|
||||
trx
|
||||
);
|
||||
}
|
||||
|
||||
// Update existing resource
|
||||
[resource] = await trx
|
||||
.update(resources)
|
||||
@@ -233,7 +221,7 @@ export async function updateProxyResources(
|
||||
domainId: domain ? domain.domainId : null,
|
||||
enabled: resourceEnabled,
|
||||
sso: resourceData.auth?.["sso-enabled"] || false,
|
||||
skipToIdpId: skipToIdpId,
|
||||
skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
|
||||
ssl: resourceSsl,
|
||||
setHostHeader: resourceData["host-header"] || null,
|
||||
tlsServerName: resourceData["tls-server-name"] || null,
|
||||
@@ -608,16 +596,6 @@ export async function updateProxyResources(
|
||||
);
|
||||
}
|
||||
|
||||
// Lookup IDP ID if auto-login-idp is specified
|
||||
let skipToIdpId: number | null = null;
|
||||
if (resourceData.auth?.["auto-login-idp"]) {
|
||||
skipToIdpId = await getIdpIdByName(
|
||||
orgId,
|
||||
resourceData.auth["auto-login-idp"],
|
||||
trx
|
||||
);
|
||||
}
|
||||
|
||||
// Create new resource
|
||||
const [newResource] = await trx
|
||||
.insert(resources)
|
||||
@@ -633,7 +611,7 @@ export async function updateProxyResources(
|
||||
domainId: domain ? domain.domainId : null,
|
||||
enabled: resourceEnabled,
|
||||
sso: resourceData.auth?.["sso-enabled"] || false,
|
||||
skipToIdpId: skipToIdpId,
|
||||
skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
|
||||
setHostHeader: resourceData["host-header"] || null,
|
||||
tlsServerName: resourceData["tls-server-name"] || null,
|
||||
ssl: resourceSsl,
|
||||
@@ -1108,22 +1086,3 @@ async function getDomainId(
|
||||
domainId: domainSelection.domainId
|
||||
};
|
||||
}
|
||||
|
||||
async function getIdpIdByName(
|
||||
orgId: string,
|
||||
idpName: string,
|
||||
trx: Transaction
|
||||
): Promise<number | null> {
|
||||
const [idpResult] = await trx
|
||||
.select({ idpId: idp.idpId })
|
||||
.from(idp)
|
||||
.innerJoin(idpOrg, eq(idp.idpId, idpOrg.idpId))
|
||||
.where(and(eq(idp.name, idpName), eq(idpOrg.orgId, orgId)))
|
||||
.limit(1);
|
||||
|
||||
if (!idpResult) {
|
||||
throw new Error(`IDP not found: ${idpName} in org ${orgId}`);
|
||||
}
|
||||
|
||||
return idpResult.idpId;
|
||||
}
|
||||
|
||||
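Review bot: Both `skipToIdpId: resourceData.auth?.["auto-login-idp"] || null` assignments (the update at -233/+221 and the insert at -633/+611) now store the blueprint's number without checking that an IdP with that ID exists and is linked to `orgId`; the removed `getIdpIdByName` was the only visible place where the `idpOrg` join enforced that. Unless a database constraint or the login flow outside this diff re-checks it, a blueprint can point a resource's auto-login at an IdP that belongs to another organization, or at an ID that does not exist, and the apply succeeds silently where it previously threw. I would keep the `idpOrg` import and validate the ID inside the transaction before writing, as sketched below. `updateProxyResources` starts and ends outside these hunks, so the placement of the call is approximate.

```typescript
// … unchanged: updateProxyResources up to the resource update / insert …
const skipToIdpId = await assertIdpInOrg(
    orgId,
    resourceData.auth?.["auto-login-idp"],
    trx
);
// … unchanged: update / insert values, passing `skipToIdpId` through …

async function assertIdpInOrg(
    orgId: string,
    idpId: number | undefined,
    trx: Transaction
): Promise<number | null> {
    if (idpId === undefined) {
        return null;
    }
    // Only accept IDs that are linked to this org, as the removed name lookup did.
    const [link] = await trx
        .select({ idpId: idpOrg.idpId })
        .from(idpOrg)
        .where(and(eq(idpOrg.idpId, idpId), eq(idpOrg.orgId, orgId)))
        .limit(1);
    if (!link) {
        throw new Error(`IDP not found: ${idpId} in org ${orgId}`);
    }
    return link.idpId;
}
```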
@@ -59,7 +59,7 @@ export const AuthSchema = z.object({
|
||||
}),
|
||||
"sso-users": z.array(z.string().email()).optional().default([]),
|
||||
"whitelist-users": z.array(z.string().email()).optional().default([]),
|
||||
"auto-login-idp": z.string().min(1).optional(),
|
||||
"auto-login-idp": z.number().int().positive().optional(),
|
||||
});
|
||||
|
||||
export const RuleSchema = z.object({
|
||||
|
||||