Add a field to specify a list of allowed emails when using OpenID Connect auth.

2020-05-22 15:51:34 -05:00
parent 5811345050
commit cdf702e545
7 changed files with 172 additions and 30 deletions
--- a/backend/schema/definitions.json
+++ b/backend/schema/definitions.json
@ -256,6 +256,22 @@
    },
    "openidc_client_secret": {
      "type": "string"
+    },
+    "openidc_restrict_users_enabled": {
+      "description": "Only allow a specific set of OpenID Connect emails to access the resource",
+      "example": true,
+      "type": "boolean"
+    },
+    "openidc_allowed_users": {
+      "type": "array",
+      "minItems": 0,
+      "items": {
+        "type": "string",
+        "description": "Email Address",
+        "example": "john@example.com",
+        "format": "email",
+        "minLength": 1
+      }
    }
  }
 }
--- a/backend/schema/endpoints/proxy-hosts.json
+++ b/backend/schema/endpoints/proxy-hosts.json
@ -82,6 +82,12 @@
    "openidc_client_secret": {
      "$ref": "../definitions.json#/definitions/openidc_client_secret"
    },
+    "openidc_restrict_users_enabled": {
+      "$ref": "../definitions.json#/definitions/openidc_restrict_users_enabled"
+    },
+    "openidc_allowed_users": {
+      "$ref": "../definitions.json#/definitions/openidc_allowed_users"
+    },
    "enabled": {
      "$ref": "../definitions.json#/definitions/enabled"
    },
@ -197,6 +203,12 @@
    "openidc_client_secret": {
      "$ref": "#/definitions/openidc_client_secret"
    },
+    "openidc_restrict_users_enabled": {
+      "$ref": "#/definitions/openidc_restrict_users_enabled"
+    },
+    "openidc_allowed_users": {
+      "$ref": "#/definitions/openidc_allowed_users"
+    },
    "enabled": {
      "$ref": "#/definitions/enabled"
    },
@ -305,6 +317,12 @@
          "openidc_client_secret": {
            "$ref": "#/definitions/openidc_client_secret"
          },
+          "openidc_restrict_users_enabled": {
+            "$ref": "#/definitions/openidc_restrict_users_enabled"
+          },
+          "openidc_allowed_users": {
+            "$ref": "#/definitions/openidc_allowed_users"
+          },
          "enabled": {
            "$ref": "#/definitions/enabled"
          },
@ -396,6 +414,12 @@
          "openidc_client_secret": {
            "$ref": "#/definitions/openidc_client_secret"
          },
+          "openidc_restrict_users_enabled": {
+            "$ref": "#/definitions/openidc_restrict_users_enabled"
+          },
+          "openidc_allowed_users": {
+            "$ref": "#/definitions/openidc_allowed_users"
+          },
          "enabled": {
            "$ref": "#/definitions/enabled"
          },