Arkon/NeveTimePanel
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
389b92f68a6bb157558320192ac20a4f126990ef
NeveTimePanel/backend/oidc_config.py
arkonsadter 05b8efd0f2
Some checks failed
continuous-integration/drone/push Build was killed
Details
continuous-integration/drone/pr Build was killed
Details
Prepare hosting deployment and Drone image builds
2026-03-18 15:26:18 +06:00

62 lines
2.4 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
"""
Конфигурация OpenID Connect провайдеров
"""
import os
from typing import Dict, Any
def _is_truthy(value: str) -> bool:
"""Безопасный парсинг bool из переменных окружения."""
return value.strip().lower() in {"1", "true", "yes", "on"}
def _is_config_value_set(value: str) -> bool:
"""Проверка, что значение реально задано, а не заглушка."""
normalized = value.strip().lower()
return normalized not in {"", "none", "null", "undefined"}
def is_sso_enabled() -> bool:
"""Глобальный флаг включения SSO через env."""
# По умолчанию SSO включён, чтобы не ломать существующее поведение.
raw = os.getenv("SSO_ENABLED", "true")
return _is_truthy(raw)
def get_oidc_providers() -> Dict[str, Dict[str, Any]]:
"""Собрать конфигурацию OpenID Connect провайдеров из env."""
issuer = os.getenv("ZITADEL_ISSUER", "")
return {
"zitadel": {
"name": "ZITADEL",
"client_id": os.getenv("ZITADEL_CLIENT_ID", ""),
"client_secret": os.getenv("ZITADEL_CLIENT_SECRET", ""),
"server_metadata_url": issuer.rstrip("/") + "/.well-known/openid-configuration" if issuer else "",
"issuer": issuer,
"scopes": ["openid", "email", "profile"],
"icon": "🔐",
"color": "bg-purple-600 hover:bg-purple-700"
}
}
# Для обратной совместимости с импортами из других модулей
OIDC_PROVIDERS = get_oidc_providers()
def get_enabled_providers() -> Dict[str, Dict[str, Any]]:
"""Получить список включённых провайдеров (с настроенным client_id)."""
if not is_sso_enabled():
return {}
enabled: Dict[str, Dict[str, Any]] = {}
for provider_id, config in get_oidc_providers().items():
if _is_config_value_set(config.get("client_id", "")) and _is_config_value_set(config.get("issuer", "")):
enabled[provider_id] = config
return enabled
def get_redirect_uri(provider_id: str, base_url: str = "http://localhost:8000") -> str:
"""Получить redirect URI для провайдера."""
return f"{base_url}/api/auth/oidc/{provider_id}/callback"
Reference in New Issue View Git Blame Copy Permalink