From cfe60493113544af06f31ce6aac009523a7efea2 Mon Sep 17 00:00:00 2001 From: souhail hanfi Date: Thu, 15 Sep 2022 18:07:35 +0200 Subject: [PATCH 1/4] move to kong 3 support --- ...0-0.rockspec => kong-oidc-1.1.1-0.rockspec | 8 ++-- kong/plugins/oidc/handler.lua | 8 ++-- kong/plugins/oidc/schema.lua | 47 +++++++++++-------- 3 files changed, 36 insertions(+), 27 deletions(-) rename kong-oidc-1.1.0-0.rockspec => kong-oidc-1.1.1-0.rockspec (91%) diff --git a/kong-oidc-1.1.0-0.rockspec b/kong-oidc-1.1.1-0.rockspec similarity index 91% rename from kong-oidc-1.1.0-0.rockspec rename to kong-oidc-1.1.1-0.rockspec index f363bb32..6057ff27 100644 --- a/kong-oidc-1.1.0-0.rockspec +++ b/kong-oidc-1.1.1-0.rockspec @@ -1,8 +1,8 @@ package = "kong-oidc" -version = "1.1.0-0" +version = "1.1.1-0" source = { - url = "git://github.com/nokia/kong-oidc", - tag = "v1.1.0", + url = "git://github.com/souhail-hanfi/kong-oidc", + tag = "v1.1.1", dir = "kong-oidc" } description = { @@ -18,7 +18,7 @@ description = { It can be used as a reverse proxy terminating OAuth/OpenID Connect in front of an origin server so that the origin server/services can be protected with the relevant standards without implementing those on the server itself. ]], - homepage = "https://github.com/nokia/kong-oidc", + homepage = "https://github.com/souhail-hanfi/kong-oidc", license = "Apache 2.0" } dependencies = { diff --git a/kong/plugins/oidc/handler.lua b/kong/plugins/oidc/handler.lua index 07f05af5..f00606d7 100644 --- a/kong/plugins/oidc/handler.lua +++ b/kong/plugins/oidc/handler.lua @@ -1,11 +1,11 @@ -local BasePlugin = require "kong.plugins.base_plugin" -local OidcHandler = BasePlugin:extend() +local OidcHandler = { + PRIORITY = 1000, + VERSION = "1.1.1", +} local utils = require("kong.plugins.oidc.utils") local filter = require("kong.plugins.oidc.filter") local session = require("kong.plugins.oidc.session") -OidcHandler.PRIORITY = 1000 - function OidcHandler:new() OidcHandler.super.new(self, "oidc") diff --git a/kong/plugins/oidc/schema.lua b/kong/plugins/oidc/schema.lua index ffb55b37..18587144 100644 --- a/kong/plugins/oidc/schema.lua +++ b/kong/plugins/oidc/schema.lua @@ -1,23 +1,32 @@ +local typedefs = require "kong.db.schema.typedefs" + return { - no_consumer = true, + name = "oidc", fields = { - client_id = { type = "string", required = true }, - client_secret = { type = "string", required = true }, - discovery = { type = "string", required = true, default = "https://.well-known/openid-configuration" }, - introspection_endpoint = { type = "string", required = false }, - timeout = { type = "number", required = false }, - introspection_endpoint_auth_method = { type = "string", required = false }, - bearer_only = { type = "string", required = true, default = "no" }, - realm = { type = "string", required = true, default = "kong" }, - redirect_uri_path = { type = "string" }, - scope = { type = "string", required = true, default = "openid" }, - response_type = { type = "string", required = true, default = "code" }, - ssl_verify = { type = "string", required = true, default = "no" }, - token_endpoint_auth_method = { type = "string", required = true, default = "client_secret_post" }, - session_secret = { type = "string", required = false }, - recovery_page_path = { type = "string" }, - logout_path = { type = "string", required = false, default = '/logout' }, - redirect_after_logout_uri = { type = "string", required = false, default = '/' }, - filters = { type = "string" } + { consumer = typedefs.no_consumer}, + { config = { + type = "record", + fields = { + { client_id = { type = "string", required = true }, }, + { client_secret = { type = "string", required = true }, }, + { discovery = { type = "string", required = true, default = "https://.well-known/openid-configuration" }, }, + { introspection_endpoint = { type = "string", required = false }, }, + { timeout = { type = "number", required = false }, }, + { introspection_endpoint_auth_method = { type = "string", required = false }, }, + { bearer_only = { type = "string", required = true, default = "no" }, }, + { realm = { type = "string", required = true, default = "kong" }, }, + { redirect_uri_path = { type = "string" }, }, + { scope = { type = "string", required = true, default = "openid" }, }, + { response_type = { type = "string", required = true, default = "code" }, }, + { ssl_verify = { type = "string", required = true, default = "no" }, }, + { token_endpoint_auth_method = { type = "string", required = true, default = "client_secret_post" }, }, + { session_secret = { type = "string", required = false }, }, + { recovery_page_path = { type = "string" }, }, + { logout_path = { type = "string", required = false, default = '/logout' }, }, + { redirect_after_logout_uri = { type = "string", required = false, default = '/' }, }, + { filters = { type = "string" } }, + } + } + } } } From 8b5490353d36e1593d0998cf9b38d50ae2696105 Mon Sep 17 00:00:00 2001 From: souhail hanfi Date: Fri, 16 Sep 2022 11:14:37 +0200 Subject: [PATCH 2/4] prepare PR --- kong-oidc-1.1.1-0.rockspec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kong-oidc-1.1.1-0.rockspec b/kong-oidc-1.1.1-0.rockspec index 6057ff27..575bf003 100644 --- a/kong-oidc-1.1.1-0.rockspec +++ b/kong-oidc-1.1.1-0.rockspec @@ -1,7 +1,7 @@ package = "kong-oidc" version = "1.1.1-0" source = { - url = "git://github.com/souhail-hanfi/kong-oidc", + url = "git://github.com/nokia/kong-oidc", tag = "v1.1.1", dir = "kong-oidc" } @@ -18,7 +18,7 @@ description = { It can be used as a reverse proxy terminating OAuth/OpenID Connect in front of an origin server so that the origin server/services can be protected with the relevant standards without implementing those on the server itself. ]], - homepage = "https://github.com/souhail-hanfi/kong-oidc", + homepage = "https://github.com/nokia/kong-oidc", license = "Apache 2.0" } dependencies = { From 38718f4d2e41f05bdb507bacd2265e57c0038750 Mon Sep 17 00:00:00 2001 From: souhail hanfi Date: Thu, 27 Oct 2022 13:49:50 +0200 Subject: [PATCH 3/4] remove new and super as the doc said --- kong/plugins/oidc/handler.lua | 6 ------ 1 file changed, 6 deletions(-) diff --git a/kong/plugins/oidc/handler.lua b/kong/plugins/oidc/handler.lua index f00606d7..cdd6b151 100644 --- a/kong/plugins/oidc/handler.lua +++ b/kong/plugins/oidc/handler.lua @@ -6,13 +6,7 @@ local utils = require("kong.plugins.oidc.utils") local filter = require("kong.plugins.oidc.filter") local session = require("kong.plugins.oidc.session") - -function OidcHandler:new() - OidcHandler.super.new(self, "oidc") -end - function OidcHandler:access(config) - OidcHandler.super.access(self) local oidcConfig = utils.get_options(config, ngx) if filter.shouldProcessRequest(oidcConfig) then From 9ac6e31940e724fb72a6ce0065bb733175ce0889 Mon Sep 17 00:00:00 2001 From: souhail hanfi Date: Thu, 27 Oct 2022 13:58:22 +0200 Subject: [PATCH 4/4] change repo in rackspec --- kong-oidc-1.1.1-0.rockspec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kong-oidc-1.1.1-0.rockspec b/kong-oidc-1.1.1-0.rockspec index 575bf003..242f3042 100644 --- a/kong-oidc-1.1.1-0.rockspec +++ b/kong-oidc-1.1.1-0.rockspec @@ -1,7 +1,7 @@ package = "kong-oidc" version = "1.1.1-0" source = { - url = "git://github.com/nokia/kong-oidc", + url = "git://github.com/hanfi/kong-oidc", tag = "v1.1.1", dir = "kong-oidc" } @@ -18,7 +18,7 @@ description = { It can be used as a reverse proxy terminating OAuth/OpenID Connect in front of an origin server so that the origin server/services can be protected with the relevant standards without implementing those on the server itself. ]], - homepage = "https://github.com/nokia/kong-oidc", + homepage = "https://github.com/hanfi/kong-oidc", license = "Apache 2.0" } dependencies = {