Skip to content

Commit

Permalink
feat: add oidc-issuer-url-override flag
Browse files Browse the repository at this point in the history
Signed-off-by: kahirokunn <[email protected]>
  • Loading branch information
kahirokunn committed Apr 4, 2024
1 parent c088abb commit 02f6410
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 10 deletions.
13 changes: 8 additions & 5 deletions pkg/cmd/get_token.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
// getTokenOptions represents the options for get-token command.
type getTokenOptions struct {
IssuerURL string
IssuerURLOverride string
ClientID string
ClientSecret string
ExtraScopes []string
Expand All @@ -26,6 +27,7 @@ type getTokenOptions struct {

func (o *getTokenOptions) addFlags(f *pflag.FlagSet) {
f.StringVar(&o.IssuerURL, "oidc-issuer-url", "", "Issuer URL of the provider (mandatory)")
f.StringVar(&o.IssuerURLOverride, "oidc-issuer-url-override", "", "Override Issuer URL")
f.StringVar(&o.ClientID, "oidc-client-id", "", "Client ID of the provider (mandatory)")
f.StringVar(&o.ClientSecret, "oidc-client-secret", "", "Client secret of the provider")
f.StringSliceVar(&o.ExtraScopes, "oidc-extra-scope", nil, "Scopes to request to the provider")
Expand Down Expand Up @@ -75,11 +77,12 @@ func (cmd *GetToken) New() *cobra.Command {
}
in := credentialplugin.Input{
Provider: oidc.Provider{
IssuerURL: o.IssuerURL,
ClientID: o.ClientID,
ClientSecret: o.ClientSecret,
UsePKCE: o.UsePKCE,
ExtraScopes: o.ExtraScopes,
IssuerURL: o.IssuerURL,
IssuerURLOverride: o.IssuerURLOverride,
ClientID: o.ClientID,
ClientSecret: o.ClientSecret,
UsePKCE: o.UsePKCE,
ExtraScopes: o.ExtraScopes,
},
TokenCacheDir: o.TokenCacheDir,
GrantOptionSet: grantOptionSet,
Expand Down
5 changes: 5 additions & 0 deletions pkg/oidc/client/factory.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,11 @@ func (f *Factory) New(ctx context.Context, p oidc.Provider, tlsClientConfig tlsc
}

ctx = context.WithValue(ctx, oauth2.HTTPClient, httpClient)

if p.IssuerURLOverride != "" {
ctx = gooidc.InsecureIssuerURLContext(ctx, p.IssuerURLOverride)
}

provider, err := gooidc.NewProvider(ctx, p.IssuerURL)
if err != nil {
return nil, fmt.Errorf("oidc discovery error: %w", err)
Expand Down
11 changes: 6 additions & 5 deletions pkg/oidc/oidc.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,12 @@ import (

// Provider represents an OIDC provider.
type Provider struct {
IssuerURL string
ClientID string
ClientSecret string // optional
ExtraScopes []string // optional
UsePKCE bool // optional
IssuerURL string
IssuerURLOverride string // optional
ClientID string
ClientSecret string // optional
ExtraScopes []string // optional
UsePKCE bool // optional
}

// TokenSet represents a set of ID token and refresh token.
Expand Down

0 comments on commit 02f6410

Please sign in to comment.