From df6f337a258960387ac8dede9819160abb2b5df8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Piku=C5=82a?=
Date: Sun, 2 Apr 2023 20:13:49 +0200
Subject: [PATCH] Remove introspection_endpoint from required secrets
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The field is not mandatory and some OIDC providers (such as Nextcloud) don't provide it resulting in a key error. Also, refactored client secrets to use json.dumps() for better code readibility.

Signed-off-by: Marek PikuĊ‚a
---
 server.py | 26 ++++++++++++--------------
 1 file changed, 12 insertions(+), 14 deletions(-)

diff --git a/server.py b/server.py
index 04f3249..5454143 100644
--- a/server.py
+++ b/server.py
@@ -55,21 +55,19 @@ oidc_info = response.json()
 app.logger.debug("JSON Dumps for OIDC_INFO: "+json.dumps(oidc_info))
- client_secrets = """{
- "web": {
- "issuer": \""""+oidc_info["issuer"]+"""\",
- "auth_uri": \""""+oidc_info["authorization_endpoint"]+"""\",
- "client_id": \""""+OIDC_CLIENT_ID+"""\",
- "client_secret": \""""+OIDC_SECRET+"""\",
- "redirect_uris": [
- \""""+DOMAIN_NAME+BASE_PATH+"""/oidc_callback"
- ],
- "userinfo_uri": \""""+oidc_info["userinfo_endpoint"]+"""\",
- "token_uri": \""""+oidc_info["token_endpoint"]+"""\",
- "token_introspection_uri": \""""+oidc_info["introspection_endpoint"]+"""\"
+ client_secrets = json.dumps(
+ {
+ "web": {
+ "issuer": oidc_info["issuer"],
+ "auth_uri": oidc_info["authorization_endpoint"],
+ "client_id": OIDC_CLIENT_ID,
+ "client_secret": OIDC_SECRET,
+ "redirect_uris": [DOMAIN_NAME + BASE_PATH + "/oidc_callback"],
+ "userinfo_uri": oidc_info["userinfo_endpoint"],
+ "token_uri": oidc_info["token_endpoint"],
+ }
 }
- }
- """
+ )
 with open("/app/instance/secrets.json", "w+") as secrets_json:
 secrets_json.write(client_secrets)
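Review bot: The added dict still indexes `oidc_info["issuer"]`, `["authorization_endpoint"]`, `["userinfo_endpoint"]` and `["token_endpoint"]` directly and writes whatever the discovery document returned into secrets.json without validation. OpenID Connect Discovery marks `userinfo_endpoint` as RECOMMENDED rather than REQUIRED, so a provider that omits it raises the same KeyError this commit removes for `introspection_endpoint`; a check such as `missing = [k for k in ("issuer", "authorization_endpoint", "token_endpoint", "userinfo_endpoint") if k not in oidc_info]` followed by a clear startup error would make that failure explicit. Because the client secret is presumably sent to `token_uri` later, I would also check before the write that `oidc_info["issuer"]` matches the configured provider URL and that each endpoint starts with `https://`. Separately, the context line `open("/app/instance/secrets.json", "w+")` creates the file holding `client_secret` with umask-default permissions, so restricting it to the owner (mode 0o600) is worth considering. The discovery request itself is outside the hunk, so whether any of this is verified earlier cannot be seen here.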