tcjlj/nginx-proxy-manager-zh
1
0
Fork 0
mirror of https://github.com/xiaoxinpro/nginx-proxy-manager-zh.git synced 2025-03-14 17:48:14 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow limiting OpenID Connect auth to a list of users.

Browse Source
This commit is contained in:
Subv 2020-05-22 17:01:22 -05:00 committed by Jamie Curnow
parent cdf702e545
commit daf399163c
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
backend/templates/_openid_connect.conf
View File

@ -18,6 +18,27 @@
ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)
end end
{% if openidc_restrict_users_enabled -%}
local function contains(table, val)
for i=1,#table do
if table[i] == val then
return true
end
end
return false
end
local allowed_users = {
{% for user in openidc_allowed_users %}
"{{ user }}",
{% endfor %}
}
if not contains(allowed_users, res.id_token.email) then
ngx.exit(ngx.HTTP_FORBIDDEN)
end
{% endif -%}
ngx.req.set_header("X-OIDC-SUB", res.id_token.sub) ngx.req.set_header("X-OIDC-SUB", res.id_token.sub)
ngx.req.set_header("X-OIDC-EMAIL", res.id_token.email) ngx.req.set_header("X-OIDC-EMAIL", res.id_token.email)