feat: Add optional audience for http-monitors via the oauth2 client credentials flow (#5950)

Co-authored-by: Frank Elsinga <frank@elsinga.de>
Ryan Hartje
2025-06-29 19:37:41 -05:00
committed by GitHub
parent 5336b05a7f
commit 9506b3a16b
6 changed files with 32 additions and 7 deletions


@@ -58,7 +58,7 @@ exports.initJWTSecret = async () => {
};
/**
* Decodes a jwt and returns the payload portion without verifying the jqt.
* Decodes a jwt and returns the payload portion without verifying the jwt.
* @param {string} jwt The input jwt as a string
* @returns {object} Decoded jwt payload object
*/
@@ -67,15 +67,16 @@ exports.decodeJwt = (jwt) => {
};
/**
* Gets a Access Token form a oidc/oauth2 provider
* @param {string} tokenEndpoint The token URI form the auth service provider
* Gets an Access Token from an oidc/oauth2 provider
* @param {string} tokenEndpoint The token URI from the auth service provider
* @param {string} clientId The oidc/oauth application client id
* @param {string} clientSecret The oidc/oauth application client secret
* @param {string} scope The scope the for which the token should be issued for
* @param {string} authMethod The method on how to sent the credentials. Default client_secret_basic
* @param {string} scope The scope(s) for which the token should be issued for
* @param {string} audience The audience for which the token should be issued for
* @param {string} authMethod The method used to send the credentials. Default client_secret_basic
* @returns {Promise<oidc.TokenSet>} TokenSet promise if the token request was successful
*/
exports.getOidcTokenClientCredentials = async (tokenEndpoint, clientId, clientSecret, scope, authMethod = "client_secret_basic") => {
exports.getOidcTokenClientCredentials = async (tokenEndpoint, clientId, clientSecret, scope, audience, authMethod = "client_secret_basic") => {
const oauthProvider = new oidc.Issuer({ token_endpoint: tokenEndpoint });
let client = new oauthProvider.Client({
client_id: clientId,
@@ -91,6 +92,10 @@ exports.getOidcTokenClientCredentials = async (tokenEndpoint, clientId, clientSe
if (scope) {
grantParams.scope = scope;
}
if (audience) {
grantParams.audience = audience;
}
return await client.grant(grantParams);
};
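Review bot: In the new signature of `getOidcTokenClientCredentials`, `audience` is inserted before `authMethod`, so any caller still using the old five-argument order would have its auth-method string sent to the token endpoint as `audience` while the credentials silently fall back to `client_secret_basic`. The call sites are not visible in this section, so this is worth confirming across the other changed files; appending the parameter instead (`..., scope, authMethod = "client_secret_basic", audience) => {`) would keep the old argument order working. The JSDoc could also mark the value as optional, e.g. `@param {string} [audience] Optional audience to request; omitted from the grant when empty`. The function body spans two hunks and part of it is not shown here.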