lee/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-12-16 21:17:44 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Use IDP ID instead of IDP name for auto-login-idp

Browse Source 
Co-authored-by: oschwartz10612 <4999704+oschwartz10612@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-11-19 19:29:52 +00:00
parent 01b5158b73
commit 6da531e99b
3 changed files with 5 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
blueprint.yaml
View File

@@ -31,7 +31,7 @@ proxy-resources:
# - owen@pangolin.net # - owen@pangolin.net
# whitelist-users: # whitelist-users:
# - owen@pangolin.net # - owen@pangolin.net
# auto-login-idp: My IDP Name # auto-login-idp: 1
headers: headers:
- name: X-Example-Header - name: X-Example-Header
value: example-value value: example-value

47
server/lib/blueprints/proxyResources.ts
View File

@@ -14,9 +14,7 @@ import {
Transaction, Transaction,
userOrgs, userOrgs,
userResources, userResources,
users, users
idp,
idpOrg
} from "@server/db"; } from "@server/db";
import { resources, targets, sites } from "@server/db"; import { resources, targets, sites } from "@server/db";
import { eq, and, asc, or, ne, count, isNotNull } from "drizzle-orm"; import { eq, and, asc, or, ne, count, isNotNull } from "drizzle-orm";
@@ -210,16 +208,6 @@ export async function updateProxyResources(
); );
resource = existingResource; resource = existingResource;
} else { } else {
// Lookup IDP ID if auto-login-idp is specified
let skipToIdpId: number | null = null;
if (resourceData.auth?.["auto-login-idp"]) {
skipToIdpId = await getIdpIdByName(
orgId,
resourceData.auth["auto-login-idp"],
trx
);
}
// Update existing resource // Update existing resource
[resource] = await trx [resource] = await trx
.update(resources) .update(resources)
@@ -233,7 +221,7 @@ export async function updateProxyResources(
domainId: domain ? domain.domainId : null, domainId: domain ? domain.domainId : null,
enabled: resourceEnabled, enabled: resourceEnabled,
sso: resourceData.auth?.["sso-enabled"] || false, sso: resourceData.auth?.["sso-enabled"] || false,
skipToIdpId: skipToIdpId, skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
ssl: resourceSsl, ssl: resourceSsl,
setHostHeader: resourceData["host-header"] || null, setHostHeader: resourceData["host-header"] || null,
tlsServerName: resourceData["tls-server-name"] || null, tlsServerName: resourceData["tls-server-name"] || null,
@@ -608,16 +596,6 @@ export async function updateProxyResources(
); );
} }
// Lookup IDP ID if auto-login-idp is specified
let skipToIdpId: number | null = null;
if (resourceData.auth?.["auto-login-idp"]) {
skipToIdpId = await getIdpIdByName(
orgId,
resourceData.auth["auto-login-idp"],
trx
);
}
// Create new resource // Create new resource
const [newResource] = await trx const [newResource] = await trx
.insert(resources) .insert(resources)
@@ -633,7 +611,7 @@ export async function updateProxyResources(
domainId: domain ? domain.domainId : null, domainId: domain ? domain.domainId : null,
enabled: resourceEnabled, enabled: resourceEnabled,
sso: resourceData.auth?.["sso-enabled"] || false, sso: resourceData.auth?.["sso-enabled"] || false,
skipToIdpId: skipToIdpId, skipToIdpId: resourceData.auth?.["auto-login-idp"] || null,
setHostHeader: resourceData["host-header"] || null, setHostHeader: resourceData["host-header"] || null,
tlsServerName: resourceData["tls-server-name"] || null, tlsServerName: resourceData["tls-server-name"] || null,
ssl: resourceSsl, ssl: resourceSsl,
@@ -1108,22 +1086,3 @@ async function getDomainId(
domainId: domainSelection.domainId domainId: domainSelection.domainId
}; };
} }
async function getIdpIdByName(
orgId: string,
idpName: string,
trx: Transaction
): Promise<number | null> {
const [idpResult] = await trx
.select({ idpId: idp.idpId })
.from(idp)
.innerJoin(idpOrg, eq(idp.idpId, idpOrg.idpId))
.where(and(eq(idp.name, idpName), eq(idpOrg.orgId, orgId)))
.limit(1);
if (!idpResult) {
throw new Error(`IDP not found: ${idpName} in org ${orgId}`);
}
return idpResult.idpId;
}

2
server/lib/blueprints/types.ts
View File

@@ -59,7 +59,7 @@ export const AuthSchema = z.object({
}), }),
"sso-users": z.array(z.string().email()).optional().default([]), "sso-users": z.array(z.string().email()).optional().default([]),
"whitelist-users": z.array(z.string().email()).optional().default([]), "whitelist-users": z.array(z.string().email()).optional().default([]),
"auto-login-idp": z.string().min(1).optional(), "auto-login-idp": z.number().int().positive().optional(),
}); });
export const RuleSchema = z.object({ export const RuleSchema = z.object({