Enable allowed_domains in oauth and oidc providers (#416)

* Enable allowed_domains in oauth and oidc providers Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co> * Domain check code cleanup * Run gofmt on domain validation code --------- Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>
2025-09-15 07:11:15 +00:00 · 2025-05-05 18:26:19 +02:00
parent d8a57edef9
commit 3eb84f0ee9
4 changed files with 41 additions and 0 deletions
--- a/internal/app/auth/auth_oauth.go
+++ b/internal/app/auth/auth_oauth.go
@@ -27,6 +27,7 @@ type PlainOauthAuthenticator struct {
 	userAdminMapping    *config.OauthAdminMapping
 	registrationEnabled bool
 	userInfoLogging     bool
+	allowedDomains      []string
 }

 func newPlainOauthAuthenticator(
@@ -56,6 +57,7 @@ func newPlainOauthAuthenticator(
 	provider.userAdminMapping = &cfg.AdminMapping
 	provider.registrationEnabled = cfg.RegistrationEnabled
 	provider.userInfoLogging = cfg.LogUserInfo
+	provider.allowedDomains = cfg.AllowedDomains

 	return provider, nil
 }
@@ -65,6 +67,10 @@ func (p PlainOauthAuthenticator) GetName() string {
 	return p.name
 }

+func (p PlainOauthAuthenticator) GetAllowedDomains() []string {
+	return p.allowedDomains
+}
+
 // RegistrationEnabled returns whether registration is enabled for the OAuth authenticator.
 func (p PlainOauthAuthenticator) RegistrationEnabled() bool {
 	return p.registrationEnabled