Commit 658fc1a6 by Eric Uldall Committed by Torkel Ödegaard

added hosted domain suppport to google oauth login (#6372)

parent 7acdbde8
...@@ -229,6 +229,7 @@ auth_url = https://accounts.google.com/o/oauth2/auth ...@@ -229,6 +229,7 @@ auth_url = https://accounts.google.com/o/oauth2/auth
token_url = https://accounts.google.com/o/oauth2/token token_url = https://accounts.google.com/o/oauth2/token
api_url = https://www.googleapis.com/oauth2/v1/userinfo api_url = https://www.googleapis.com/oauth2/v1/userinfo
allowed_domains = allowed_domains =
hosted_domain =
#################################### Grafana.net Auth #################### #################################### Grafana.net Auth ####################
[auth.grafananet] [auth.grafananet]
......
...@@ -53,7 +53,11 @@ func OAuthLogin(ctx *middleware.Context) { ...@@ -53,7 +53,11 @@ func OAuthLogin(ctx *middleware.Context) {
if code == "" { if code == "" {
state := GenStateString() state := GenStateString()
ctx.Session.Set(middleware.SESS_KEY_OAUTH_STATE, state) ctx.Session.Set(middleware.SESS_KEY_OAUTH_STATE, state)
ctx.Redirect(connect.AuthCodeURL(state, oauth2.AccessTypeOnline)) if setting.OAuthService.OAuthInfos[name].HostedDomain == "" {
ctx.Redirect(connect.AuthCodeURL(state, oauth2.AccessTypeOnline))
}else{
ctx.Redirect(connect.AuthCodeURL(state, oauth2.SetParam("hd", setting.OAuthService.OAuthInfos[name].HostedDomain), oauth2.AccessTypeOnline));
}
return return
} }
......
...@@ -6,6 +6,7 @@ type OAuthInfo struct { ...@@ -6,6 +6,7 @@ type OAuthInfo struct {
AuthUrl, TokenUrl string AuthUrl, TokenUrl string
Enabled bool Enabled bool
AllowedDomains []string AllowedDomains []string
HostedDomain string
ApiUrl string ApiUrl string
AllowSignup bool AllowSignup bool
Name string Name string
......
...@@ -12,6 +12,7 @@ import ( ...@@ -12,6 +12,7 @@ import (
type SocialGoogle struct { type SocialGoogle struct {
*oauth2.Config *oauth2.Config
allowedDomains []string allowedDomains []string
hostedDomain string
apiUrl string apiUrl string
allowSignup bool allowSignup bool
} }
......
...@@ -51,6 +51,7 @@ func NewOAuthService() { ...@@ -51,6 +51,7 @@ func NewOAuthService() {
ApiUrl: sec.Key("api_url").String(), ApiUrl: sec.Key("api_url").String(),
Enabled: sec.Key("enabled").MustBool(), Enabled: sec.Key("enabled").MustBool(),
AllowedDomains: sec.Key("allowed_domains").Strings(" "), AllowedDomains: sec.Key("allowed_domains").Strings(" "),
HostedDomain: sec.Key("hosted_domain").String(),
AllowSignup: sec.Key("allow_sign_up").MustBool(), AllowSignup: sec.Key("allow_sign_up").MustBool(),
Name: sec.Key("name").MustString(name), Name: sec.Key("name").MustString(name),
TlsClientCert: sec.Key("tls_client_cert").String(), TlsClientCert: sec.Key("tls_client_cert").String(),
...@@ -92,6 +93,7 @@ func NewOAuthService() { ...@@ -92,6 +93,7 @@ func NewOAuthService() {
SocialMap["google"] = &SocialGoogle{ SocialMap["google"] = &SocialGoogle{
Config: &config, Config: &config,
allowedDomains: info.AllowedDomains, allowedDomains: info.AllowedDomains,
hostedDomain: info.HostedDomain,
apiUrl: info.ApiUrl, apiUrl: info.ApiUrl,
allowSignup: info.AllowSignup, allowSignup: info.AllowSignup,
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment