Skip to content

Commit 46a2911

Browse files
committed
Add UI tab for specifying OpenID Connect options for proxy hosts.
1 parent fff31b0 commit 46a2911

File tree

3 files changed

+79
-1
lines changed

3 files changed

+79
-1
lines changed

frontend/js/app/nginx/proxy/form.ejs

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
<li role="presentation" class="nav-item"><a href="#locations" aria-controls="tab4" role="tab" data-toggle="tab" class="nav-link"><i class="fe fe-layers"></i> <%- i18n('all-hosts', 'locations') %></a></li>
1111
<li role="presentation" class="nav-item"><a href="#ssl-options" aria-controls="tab2" role="tab" data-toggle="tab" class="nav-link"><i class="fe fe-shield"></i> <%- i18n('str', 'ssl') %></a></li>
1212
<li role="presentation" class="nav-item"><a href="#advanced" aria-controls="tab3" role="tab" data-toggle="tab" class="nav-link"><i class="fe fe-settings"></i> <%- i18n('all-hosts', 'advanced') %></a></li>
13+
<li role="presentation" class="nav-item"><a href="#openidc" aria-controls="tab3" role="tab" data-toggle="tab" class="nav-link"><i class="fe fe-settings"></i>OpenID Connect</a></li>
1314
</ul>
1415
<div class="tab-content">
1516

@@ -177,6 +178,54 @@
177178
</div>
178179
</div>
179180
</div>
181+
182+
<!-- OpenID Connect -->
183+
<div role="tabpanel" class="tab-pane" id="openidc">
184+
<div class="row">
185+
<div class="col-sm-12 col-md-12">
186+
<div class="form-group">
187+
<label class="custom-switch">
188+
<input type="checkbox" class="custom-switch-input" name="openidc_enabled" value="1<%- openidc_enabled ? ' checked' : '' %>">
189+
<span class="custom-switch-indicator"></span>
190+
<span class="custom-switch-description">Use OpenID Connect authentication <span class="form-required">*</span></span>
191+
</label>
192+
</div>
193+
</div>
194+
<div class="col-sm-12 col-md-12 openidc">
195+
<div class="form-group">
196+
<label class="form-label">Redirect URI<span class="form-required">*</span></label>
197+
<input type="text" name="openidc_redirect_uri" class="form-control text-monospace" placeholder="" value="<%- openidc_redirect_uri %>" autocomplete="off" maxlength="255" required>
198+
</div>
199+
</div>
200+
<div class="col-sm-12 col-md-12 openidc">
201+
<div class="form-group">
202+
<label class="form-label">Well-known discovery endpoint<span class="form-required">*</span></label>
203+
<input type="text" name="openidc_discovery" class="form-control text-monospace" placeholder="" value="<%- openidc_discovery %>" autocomplete="off" maxlength="255" required>
204+
</div>
205+
</div>
206+
<div class="col-sm-12 col-md-12 openidc">
207+
<div class="form-group">
208+
<label class="form-label">Token endpoint auth method<span class="form-required">*</span></label>
209+
<select name="openidc_auth_method" class="form-control custom-select" placeholder="client_secret_post">
210+
<option value="client_secret_post" <%- openidc_auth_method === 'client_secret_post' ? 'selected' : '' %>>client_secret_post</option>
211+
<option value="client_secret_basic" <%- openidc_auth_method === 'client_secret_basic' ? 'selected' : '' %>>client_secret_basic</option>
212+
</select>
213+
</div>
214+
</div>
215+
<div class="col-sm-12 col-md-12 openidc">
216+
<div class="form-group">
217+
<label class="form-label">Client ID<span class="form-required">*</span></label>
218+
<input type="text" name="openidc_client_id" class="form-control text-monospace" placeholder="" value="<%- openidc_client_id %>" autocomplete="off" maxlength="255" required>
219+
</div>
220+
</div>
221+
<div class="col-sm-12 col-md-12 openidc">
222+
<div class="form-group">
223+
<label class="form-label">Client secret<span class="form-required">*</span></label>
224+
<input type="text" name="openidc_client_secret" class="form-control text-monospace" placeholder="" value="<%- openidc_client_secret %>" autocomplete="off" maxlength="255" required>
225+
</div>
226+
</div>
227+
</div>
228+
</div>
180229
</div>
181230
</form>
182231
</div>

frontend/js/app/nginx/proxy/form.js

Lines changed: 24 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,9 @@ module.exports = Mn.View.extend({
3434
hsts_subdomains: 'input[name="hsts_subdomains"]',
3535
http2_support: 'input[name="http2_support"]',
3636
forward_scheme: 'select[name="forward_scheme"]',
37-
letsencrypt: '.letsencrypt'
37+
letsencrypt: '.letsencrypt',
38+
openidc_enabled: 'input[name="openidc_enabled"]',
39+
openidc: '.openidc'
3840
},
3941

4042
regions: {
@@ -91,6 +93,17 @@ module.exports = Mn.View.extend({
9193
}
9294
},
9395

96+
'change @ui.openidc_enabled': function () {
97+
console.log('Changing');
98+
let checked = this.ui.openidc_enabled.prop('checked');
99+
100+
if (checked) {
101+
this.ui.openidc.show().find('input').prop('required', true);
102+
} else {
103+
this.ui.openidc.hide().find('input').prop('required', false);
104+
}
105+
},
106+
94107
'click @ui.add_location_btn': function (e) {
95108
e.preventDefault();
96109

@@ -128,6 +141,7 @@ module.exports = Mn.View.extend({
128141
data.hsts_enabled = !!data.hsts_enabled;
129142
data.hsts_subdomains = !!data.hsts_subdomains;
130143
data.ssl_forced = !!data.ssl_forced;
144+
data.openidc_enabled = data.openidc_enabled === '1';
131145

132146
if (typeof data.domain_names === 'string' && data.domain_names) {
133147
data.domain_names = data.domain_names.split(',');
@@ -152,6 +166,12 @@ module.exports = Mn.View.extend({
152166
data.certificate_id = parseInt(data.certificate_id, 10);
153167
}
154168

169+
// OpenID Connect won't work with multiple domain names because the redirect URL has to point to a specific one
170+
if (data.openidc_enabled && data.domain_names.length > 1) {
171+
alert('Cannot use mutliple domain names when OpenID Connect is enabled');
172+
return;
173+
}
174+
155175
let method = App.Api.Nginx.ProxyHosts.create;
156176
let is_new = true;
157177

@@ -266,6 +286,9 @@ module.exports = Mn.View.extend({
266286
view.ui.certificate_select[0].selectize.setValue(view.model.get('certificate_id'));
267287
}
268288
});
289+
290+
// OpenID Connect
291+
this.ui.openidc.hide().find('input').prop('required', false);
269292
},
270293

271294
initialize: function (options) {

frontend/js/models/proxy-host.js

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,12 @@ const model = Backbone.Model.extend({
2222
block_exploits: false,
2323
http2_support: false,
2424
advanced_config: '',
25+
openidc_enabled: false,
26+
openidc_redirect_uri: null,
27+
openidc_discovery: null,
28+
openidc_auth_method: null,
29+
openidc_client_id: null,
30+
openidc_client_secret: null,
2531
enabled: true,
2632
meta: {},
2733
// The following are expansions:

0 commit comments

Comments
 (0)