Skip to content

Commit

Permalink
fix: added oidc redirect url option for fulcio
Browse files Browse the repository at this point in the history
Signed-off-by: Patrick Kwiatkowski <[email protected]>
  • Loading branch information
pkwiatkowski1 committed Nov 19, 2023
1 parent 40c7ed5 commit ced4d19
Showing 1 changed file with 26 additions and 5 deletions.
31 changes: 26 additions & 5 deletions signer/fulcio/fulcio.go
Original file line number Diff line number Diff line change
Expand Up @@ -105,14 +105,29 @@ func init() {
return fsp, nil
},
),
registry.StringConfigOption(
"oidc-redirect-url",
"OIDC redirect URL (Optional). The default oidc-redirect-url is 'http://localhost:0/auth/callback'.",
"",
func(sp signer.SignerProvider, oidcRedirectUrl string) (signer.SignerProvider, error) {
fsp, ok := sp.(FulcioSignerProvider)
if !ok {
return sp, fmt.Errorf("provided signer provider is not a fulcio signer provider")
}

WithOidcRedirectUrl(oidcRedirectUrl)(&fsp)
return fsp, nil
},
),
)
}

type FulcioSignerProvider struct {
FulcioURL string
OidcIssuer string
OidcClientID string
Token string
FulcioURL string
OidcIssuer string
OidcClientID string
Token string
OidcRedirectUrl string
}

type Option func(*FulcioSignerProvider)
Expand Down Expand Up @@ -141,6 +156,12 @@ func WithToken(tokenOption string) Option {
}
}

func WithOidcRedirectUrl(oidcRedirectUrl string) Option {
return func(fsp *FulcioSignerProvider) {
fsp.OidcRedirectUrl = oidcRedirectUrl
}
}

func New(opts ...Option) FulcioSignerProvider {
fsp := FulcioSignerProvider{}
for _, opt := range opts {
Expand Down Expand Up @@ -214,7 +235,7 @@ func (fsp FulcioSignerProvider) Signer(ctx context.Context) (cryptoutil.Signer,
raw = fsp.Token

case fsp.Token == "" && isatty.IsTerminal(os.Stdin.Fd()):
tok, err := oauthflow.OIDConnect(fsp.OidcIssuer, fsp.OidcClientID, "", "", oauthflow.DefaultIDTokenGetter)
tok, err := oauthflow.OIDConnect(fsp.OidcIssuer, fsp.OidcClientID, "", fsp.OidcRedirectUrl, oauthflow.DefaultIDTokenGetter)
if err != nil {
return nil, err
}
Expand Down

0 comments on commit ced4d19

Please sign in to comment.