Add assume_email_verified option for OIDC.

Fixes #302.
Orne Brocaar 2023-11-23 15:05:27 +00:00
parent 0f9674ec0a
commit 687d0b1c62
3 changed files with 14 additions and 1 deletions


@ -429,7 +429,11 @@ impl InternalService for Internal {
return Err(Status::invalid_argument("email is missing"));
}
};
let email_verified = oidc_user.email_verified().unwrap_or_default();
let email_verified = oidc_user.email_verified().unwrap_or_default()
|| conf
.user_authentication
.openid_connect
.assume_email_verified;
if !email_verified {
return Err(Status::failed_precondition(
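Review bot: The `||` in the new `email_verified` expression overrides an explicit `email_verified: false` claim as well as a missing one, while the config template on this page motivates the setting with providers that omit the field. If the override is only meant for the absent case, `let email_verified = oidc_user.email_verified().unwrap_or(conf.user_authentication.openid_connect.assume_email_verified);` would keep rejecting a provider-asserted `false`. Either way, a log line when the setting is what lets the login pass would let operators audit how often it is relied on. The enclosing function starts and ends outside the hunk, so what the e-mail is used for after this check is not visible here.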


@ -600,6 +600,14 @@ pub fn run() {
# The login label is used in the web-interface login form.
login_label="{{ user_authentication.openid_connect.login_label }}"
# Assume e-mail verified.
#
# If set to true, then ChirpStack will ignore the email_verified received
# from the OpenID Connect provider, assuming it will be true. Some
# providers do not provide this field, in which case setting this value
# is needed.
assume_email_verified={{ user_authentication.openid_connect.assume_email_verified }}
# Join Server configuration.
[join_server]
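Review bot: The template comment for `assume_email_verified` says when the setting is needed but not what it gives up: with it enabled, the e-mail claim is accepted with no statement from the provider that the user controls that address. I would add a line above the setting such as `# Only enable this for a provider that is known to verify e-mail addresses; the e-mail claim is then trusted as-is.` so the operator sees the trade-off where the value is set. `run()` starts and ends outside the hunk.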


@ -407,6 +407,7 @@ pub struct OpenIdConnect {
pub redirect_url: String,
pub logout_url: String,
pub login_label: String,
pub assume_email_verified: bool,
}
#[derive(Serialize, Deserialize, Default, Clone)]