
Commit eadf1ca

authored
Merge pull request #277 from psu-libraries/hotfix-azure
Azure cleanup
2 parents 99a26ce + 10f7f50 commit eadf1ca


3 files changed

+17
-7
lines changed


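--- a/.envrc.sample
+++ b/.envrc.sample
@@ -15,8 +15,7 @@ export ADMIN_USERS_GROUP=
 export AUTHORIZED_USERS_GROUP=
 export AZURE_CLIENT_ID=
 export AZURE_CLIENT_SECRET=
-export AZURE_TENANT_ID=
-export AZURE_REDIRECT_URI=
+export AZURE_AUTH_ENDPOINT
 
 #---------------------------------
 # The below configurations are not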
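Review bot: The added `export AZURE_AUTH_ENDPOINT` has no `=`, unlike every neighbouring entry, so the line only marks an unset variable for export and gives someone copying the sample no obvious place to put the value. Suggest `export AZURE_AUTH_ENDPOINT=` instead. Because the initializer in this commit derives the issuer by stripping a trailing `/oauth2/v2.0/authorize`, a comment stating the expected shape would also help, for example `# full authorize URL, ending in /oauth2/v2.0/authorize`.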

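--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -2,18 +2,30 @@
 
 OmniAuth.config.allowed_request_methods = [:post]
 
+azure_auth_endpoint = ENV.fetch('AZURE_AUTH_ENDPOINT', nil)
+
+issuer =
+azure_auth_endpoint&.sub(%r{/oauth2/v2\.0/authorize$}, '/v2.0')
+
 Rails.application.config.middleware.use OmniAuth::Builder do
 provider :openid_connect,
 name: :azure_oauth,
 scope: [:openid, :email, :profile],
 response_type: :code,
-issuer: "https://login.microsoftonline.com/#{ENV.fetch('AZURE_TENANT_ID', nil)}/v2.0",
+issuer: issuer,
 discovery: true,
 client_auth_method: :query,
 uid_field: 'email',
+setup: lambda { |env|
+# Set redirect_uri dynamically at runtime to handle different hosts/FQDNs
+req = Rack::Request.new(env)
+strategy = env['omniauth.strategy']
+callback_path = Rails.application.routes.url_helpers.auth_azure_oauth_callback_path
+redirect_uri = "#{req.scheme}://#{req.host_with_port}#{callback_path}"
+strategy.options[:client_options][:redirect_uri] = redirect_uri
+},
 client_options: {
 identifier: ENV.fetch('AZURE_CLIENT_ID', nil),
-secret: ENV.fetch('AZURE_CLIENT_SECRET', nil),
-redirect_uri: ENV.fetch('AZURE_REDIRECT_URI', nil)
+secret: ENV.fetch('AZURE_CLIENT_SECRET', nil)
 }
 end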
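Review bot: The new `setup` lambda builds `redirect_uri` from `req.scheme` and `req.host_with_port`, which Rack derives from request headers (Host, and as far as I know the forwarded variants), so the value sent to the identity provider is client-influenced where it used to be a fixed `AZURE_REDIRECT_URI`. The provider's registered-redirect check likely still applies, but the app should not rely on it alone. Confirm that `config.hosts` or the fronting proxy restricts accepted hosts, and record that dependency in the comment, e.g. `# Host/scheme come from the request; accepted hosts must be restricted (config.hosts / proxy)`. Separately, `ENV.fetch('AZURE_AUTH_ENDPOINT', nil)` allows a nil `issuer`, and a value not ending in `/oauth2/v2.0/authorize` passes through `sub` unchanged, so a misconfiguration only surfaces at login. Consider failing at boot when the pattern does not match, and anchoring with `\z` rather than `$`.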

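--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,10 +14,9 @@ x-web_env: &web_env
 LLM_MODEL: "${LLM_MODEL}"
 AZURE_CLIENT_ID: ${AZURE_CLIENT_ID}
 AZURE_CLIENT_SECRET: ${AZURE_CLIENT_SECRET}
-AZURE_TENANT_ID: ${AZURE_TENANT_ID}
+AZURE_AUTH_ENDPOINT: ${AZURE_AUTH_ENDPOINT}
 AUTHORIZED_USERS_GROUP: ${AUTHORIZED_USERS_GROUP}
 ADMIN_USERS_GROUP: ${ADMIN_USERS_GROUP}
-AZURE_REDIRECT_URI: ${AZURE_REDIRECT_URI}
 services:
 web:
 user: 3000:3000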
