ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-10-29 23:03:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Enforce token auth for odic config PUT call

Browse Source
This commit is contained in:
Samuel Oechsler
2024-10-30 20:35:01 +01:00
parent 7ef52d8ed4
commit 1a030a6ddd
4 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
backend/routes/oidc.js
View File

@@ -1,11 +1,11 @@
const crypto = require('crypto');
const error = require('../../lib/error');
const error = require('../lib/error');
const express = require('express');
const jwtdecode = require('../../lib/express/jwt-decode');
const logger = require('../../logger').oidc;
const jwtdecode = require('../lib/express/jwt-decode');
const logger = require('../logger').oidc;
const oidc = require('openid-client');
const settingModel = require('../../models/setting');
const internalToken = require('../../internal/token');
const settingModel = require('../models/setting');
const internalToken = require('../internal/token');
let router = express.Router({
caseSensitive: true,

5
backend/routes/settings.js
View File

@@ -72,13 +72,14 @@ router
})
.then((row) => {
if (row.id === 'oidc-config') {
// redact oidc configuration via api
// Redact oidc configuration via api (unauthenticated get call)
let m = row.meta;
row.meta = {
name: m.name,
enabled: m.enabled === true && !!(m.clientID && m.clientSecret && m.issuerURL && m.redirectURL && m.name)
};
// remove these temporary cookies used during oidc authentication
// Remove these temporary cookies used during oidc authentication
res.clearCookie('npm_oidc');
res.clearCookie('npm_oidc_error');
}