vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Blacklist any OIDC service ids that may conflict with our own

Browse source
This commit is contained in:
Joseph Schorr 2017-02-09 12:57:09 -08:00
parent 421c5d6012
commit cc4258c015
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
oauth/loginmanager.py
View file

@ -1,12 +1,15 @@
from oauth.services.github import GithubOAuthService from oauth.services.github import GithubOAuthService
from oauth.services.google import GoogleOAuthService from oauth.services.google import GoogleOAuthService
from oauth.oidc import OIDCLoginService from oauth.oidc import OIDCLoginService
from data.users import UserAuthentication
CUSTOM_LOGIN_SERVICES = { CUSTOM_LOGIN_SERVICES = {
'GITHUB_LOGIN_CONFIG': GithubOAuthService, 'GITHUB_LOGIN_CONFIG': GithubOAuthService,
'GOOGLE_LOGIN_CONFIG': GoogleOAuthService, 'GOOGLE_LOGIN_CONFIG': GoogleOAuthService,
} }
PREFIX_BLACKLIST = ['ldap', 'jwt', 'keystone']
class OAuthLoginManager(object): class OAuthLoginManager(object):
""" Helper class which manages all registered OAuth login services. """ """ Helper class which manages all registered OAuth login services. """
def __init__(self, config): def __init__(self, config):
@ -21,6 +24,10 @@ class OAuthLoginManager(object):
if custom_service.login_enabled(config): if custom_service.login_enabled(config):
self.services.append(custom_service) self.services.append(custom_service)
else: else:
prefix = key[0:len(key) - len('_LOGIN_CONFIG')].lower()
if prefix in PREFIX_BLACKLIST:
raise Exception('Cannot use reserved config name %s' % key)
self.services.append(OIDCLoginService(config, key)) self.services.append(OIDCLoginService(config, key))
def get_service(self, service_id): def get_service(self, service_id):