Configurable OpenID Connect services

Jasper Weyne 2020-07-09 16:27:45 +02:00
parent 97cde9c56a
commit 13d0260cc9
2 changed files with 22 additions and 3 deletions


@ -139,6 +139,7 @@ class OpenIdService extends ExternalAuthService
*/ */
protected function getProvider(): OpenIDConnectProvider protected function getProvider(): OpenIDConnectProvider
{ {
// Setup settings
$settings = $this->config['openid']; $settings = $this->config['openid'];
$overrides = $this->config['openid_overrides'] ?? []; $overrides = $this->config['openid_overrides'] ?? [];
@ -149,12 +150,27 @@ class OpenIdService extends ExternalAuthService
$openIdSettings = $this->loadOpenIdDetails(); $openIdSettings = $this->loadOpenIdDetails();
$settings = array_replace_recursive($settings, $openIdSettings, $overrides); $settings = array_replace_recursive($settings, $openIdSettings, $overrides);
$signer = new \Lcobucci\JWT\Signer\Rsa\Sha256(); // Setup services
return new OpenIDConnectProvider($settings, ['signer' => $signer]); $services = $this->loadOpenIdServices();
$overrides = $this->config['openid_services'] ?? [];
$services = array_replace_recursive($services, $overrides);
return new OpenIDConnectProvider($settings, $services);
} }
/** /**
* Load dynamic service provider options required by the onelogin toolkit. * Load services utilized by the OpenID Connect provider.
*/
protected function loadOpenIdServices(): array
{
return [
'signer' => new \Lcobucci\JWT\Signer\Rsa\Sha256(),
];
}
/**
* Load dynamic service provider options required by the OpenID Connect provider.
*/ */
protected function loadOpenIdDetails(): array protected function loadOpenIdDetails(): array
{ {
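Review bot: The merged `$services` array in the second hunk is handed to `OpenIDConnectProvider` without any type check, so whatever `openid_services` supplies under `signer` replaces the default `Rsa\Sha256` signer. The signer presumably governs how ID-token signatures are checked, so a wrong or weaker value should fail closed rather than be passed through; after the merge add `if (!(($services['signer'] ?? null) instanceof \Lcobucci\JWT\Signer)) { throw new \InvalidArgumentException('openid_services.signer must implement Lcobucci\JWT\Signer'); }`. The new code also reuses `$overrides`, which already holds the `openid_overrides` settings, for the service overrides; a separate name such as `$serviceOverrides` keeps the two apart. `getProvider()` spans both hunks and the lines between them are not shown.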


@ -18,6 +18,9 @@ return [
// Overrides, in JSON format, to the configuration passed to underlying OpenIDConnectProvider library. // Overrides, in JSON format, to the configuration passed to underlying OpenIDConnectProvider library.
'openid_overrides' => env('OPENID_OVERRIDES', null), 'openid_overrides' => env('OPENID_OVERRIDES', null),
// Custom service instances, used by the underlying OpenIDConnectProvider library
'openid_services' => [],
'openid' => [ 'openid' => [
// OAuth2/OpenId client id, as configured in your Authorization server. // OAuth2/OpenId client id, as configured in your Authorization server.
'clientId' => env('OPENID_CLIENT_ID', ''), 'clientId' => env('OPENID_CLIENT_ID', ''),
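Review bot: The comment on `openid_services` does not say which keys are read or what replacing them affects; from the service class in this commit the only default key is `signer`, an `Rsa\Sha256` instance. I would write `// Service instances passed to the OpenIDConnectProvider library, keyed by name. 'signer' replaces the default RS256 JWT signer; leave empty unless the authorization server requires another algorithm.` Because this key holds objects rather than scalars, it is worth confirming that the file still works when the framework's configuration is cached, which this hunk does not show.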