2021-12-20 12:03:11 +00:00
|
|
|
package env
|
2021-07-28 06:23:37 +00:00
|
|
|
|
|
|
|
|
import (
|
2022-02-26 04:36:26 +00:00
|
|
|
"errors"
|
2022-05-31 02:44:03 +00:00
|
|
|
"fmt"
|
2021-07-28 06:23:37 +00:00
|
|
|
"os"
|
2022-05-31 02:44:03 +00:00
|
|
|
"strconv"
|
2021-07-28 06:23:37 +00:00
|
|
|
"strings"
|
|
|
|
|
|
2022-05-13 01:58:31 +00:00
|
|
|
"github.com/google/uuid"
|
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
|
|
|
|
2021-07-28 06:23:37 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/constants"
|
2022-02-26 04:14:55 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/crypto"
|
2022-05-29 11:52:46 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/memorystore"
|
2021-10-13 16:41:41 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/utils"
|
2021-07-28 06:23:37 +00:00
|
|
|
)
|
|
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// InitEnv to initialize EnvData and through error if required env are not present
|
2022-02-26 04:36:26 +00:00
|
|
|
func InitAllEnv() error {
|
2022-02-26 04:14:55 +00:00
|
|
|
envData, err := GetEnvData()
|
|
|
|
|
if err != nil {
|
2022-05-13 01:58:31 +00:00
|
|
|
log.Info("No env data found in db, using local clone of env data")
|
2022-02-26 04:14:55 +00:00
|
|
|
// get clone of current store
|
2022-05-29 11:52:46 +00:00
|
|
|
envData, err = memorystore.Provider.GetEnvStore()
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Debug("Error while getting env data from memorystore: ", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
2022-01-17 06:02:13 +00:00
|
|
|
|
2022-02-26 12:44:43 +00:00
|
|
|
// unique client id for each instance
|
2022-05-31 02:44:03 +00:00
|
|
|
cid, ok := envData[constants.EnvKeyClientID]
|
|
|
|
|
clientID := ""
|
|
|
|
|
if !ok || cid == "" {
|
2022-02-26 12:44:43 +00:00
|
|
|
clientID = uuid.New().String()
|
2022-05-29 11:52:46 +00:00
|
|
|
envData[constants.EnvKeyClientID] = clientID
|
2022-05-31 02:44:03 +00:00
|
|
|
} else {
|
|
|
|
|
clientID = cid.(string)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// unique client secret for each instance
|
|
|
|
|
if val, ok := envData[constants.EnvKeyClientSecret]; !ok || val != "" {
|
|
|
|
|
envData[constants.EnvKeyClientSecret] = uuid.New().String()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// os string envs
|
|
|
|
|
osEnv := os.Getenv(constants.EnvKeyEnv)
|
|
|
|
|
osAppURL := os.Getenv(constants.EnvKeyAppURL)
|
|
|
|
|
osAuthorizerURL := os.Getenv(constants.EnvKeyAuthorizerURL)
|
|
|
|
|
osPort := os.Getenv(constants.EnvKeyPort)
|
|
|
|
|
osAccessTokenExpiryTime := os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
|
|
|
|
|
osAdminSecret := os.Getenv(constants.EnvKeyAdminSecret)
|
|
|
|
|
osSmtpHost := os.Getenv(constants.EnvKeySmtpHost)
|
|
|
|
|
osSmtpPort := os.Getenv(constants.EnvKeySmtpPort)
|
|
|
|
|
osSmtpUsername := os.Getenv(constants.EnvKeySmtpUsername)
|
|
|
|
|
osSmtpPassword := os.Getenv(constants.EnvKeySmtpPassword)
|
|
|
|
|
osSenderEmail := os.Getenv(constants.EnvKeySenderEmail)
|
|
|
|
|
osJwtType := os.Getenv(constants.EnvKeyJwtType)
|
|
|
|
|
osJwtSecret := os.Getenv(constants.EnvKeyJwtSecret)
|
|
|
|
|
osJwtPrivateKey := os.Getenv(constants.EnvKeyJwtPrivateKey)
|
|
|
|
|
osJwtPublicKey := os.Getenv(constants.EnvKeyJwtPublicKey)
|
|
|
|
|
osJwtRoleClaim := os.Getenv(constants.EnvKeyJwtRoleClaim)
|
|
|
|
|
osCustomAccessTokenScript := os.Getenv(constants.EnvKeyCustomAccessTokenScript)
|
|
|
|
|
osGoogleClientID := os.Getenv(constants.EnvKeyGoogleClientID)
|
|
|
|
|
osGoogleClientSecret := os.Getenv(constants.EnvKeyGoogleClientSecret)
|
|
|
|
|
osGithubClientID := os.Getenv(constants.EnvKeyGithubClientID)
|
|
|
|
|
osGithubClientSecret := os.Getenv(constants.EnvKeyGithubClientSecret)
|
|
|
|
|
osFacebookClientID := os.Getenv(constants.EnvKeyFacebookClientID)
|
|
|
|
|
osFacebookClientSecret := os.Getenv(constants.EnvKeyFacebookClientSecret)
|
2022-06-06 16:38:32 +00:00
|
|
|
osLinkedInClientID := os.Getenv(constants.EnvKeyLinkedInClientID)
|
|
|
|
|
osLinkedInClientSecret := os.Getenv(constants.EnvKeyLinkedInClientSecret)
|
2022-06-12 09:19:48 +00:00
|
|
|
osAppleClientID := os.Getenv(constants.EnvKeyAppleClientID)
|
|
|
|
|
osAppleClientSecret := os.Getenv(constants.EnvKeyAppleClientSecret)
|
2022-05-31 02:44:03 +00:00
|
|
|
osResetPasswordURL := os.Getenv(constants.EnvKeyResetPasswordURL)
|
|
|
|
|
osOrganizationName := os.Getenv(constants.EnvKeyOrganizationName)
|
|
|
|
|
osOrganizationLogo := os.Getenv(constants.EnvKeyOrganizationLogo)
|
|
|
|
|
|
|
|
|
|
// os bool vars
|
|
|
|
|
osDisableBasicAuthentication := os.Getenv(constants.EnvKeyDisableBasicAuthentication)
|
|
|
|
|
osDisableEmailVerification := os.Getenv(constants.EnvKeyDisableEmailVerification)
|
|
|
|
|
osDisableMagicLinkLogin := os.Getenv(constants.EnvKeyDisableMagicLinkLogin)
|
|
|
|
|
osDisableLoginPage := os.Getenv(constants.EnvKeyDisableLoginPage)
|
|
|
|
|
osDisableSignUp := os.Getenv(constants.EnvKeyDisableSignUp)
|
2022-05-31 07:41:54 +00:00
|
|
|
osDisableRedisForEnv := os.Getenv(constants.EnvKeyDisableRedisForEnv)
|
2022-06-18 10:01:57 +00:00
|
|
|
osDisableStrongPassword := os.Getenv(constants.EnvKeyDisableStrongPassword)
|
2022-05-31 02:44:03 +00:00
|
|
|
|
|
|
|
|
// os slice vars
|
|
|
|
|
osAllowedOrigins := os.Getenv(constants.EnvKeyAllowedOrigins)
|
|
|
|
|
osRoles := os.Getenv(constants.EnvKeyRoles)
|
|
|
|
|
osDefaultRoles := os.Getenv(constants.EnvKeyDefaultRoles)
|
|
|
|
|
osProtectedRoles := os.Getenv(constants.EnvKeyProtectedRoles)
|
|
|
|
|
|
|
|
|
|
ienv, ok := envData[constants.EnvKeyEnv]
|
|
|
|
|
if !ok || ienv == "" {
|
|
|
|
|
envData[constants.EnvKeyEnv] = osEnv
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyEnv] == "" {
|
|
|
|
|
envData[constants.EnvKeyEnv] = "production"
|
2022-01-17 06:02:13 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyEnv] == "production" {
|
|
|
|
|
envData[constants.EnvKeyIsProd] = true
|
2022-01-17 06:02:13 +00:00
|
|
|
} else {
|
2022-05-29 11:52:46 +00:00
|
|
|
envData[constants.EnvKeyIsProd] = false
|
2022-01-17 06:02:13 +00:00
|
|
|
}
|
|
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osEnv != "" && osEnv != envData[constants.EnvKeyEnv] {
|
|
|
|
|
envData[constants.EnvKeyEnv] = osEnv
|
|
|
|
|
if envData[constants.EnvKeyEnv] == "production" {
|
|
|
|
|
envData[constants.EnvKeyIsProd] = true
|
|
|
|
|
} else {
|
|
|
|
|
envData[constants.EnvKeyIsProd] = false
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-01-17 06:02:13 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyAppURL]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAppURL] = osAppURL
|
|
|
|
|
}
|
|
|
|
|
if osAppURL != "" && envData[constants.EnvKeyAppURL] != osAppURL {
|
|
|
|
|
envData[constants.EnvKeyAppURL] = osAppURL
|
2022-01-17 06:02:13 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyAuthorizerURL]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAuthorizerURL] = osAuthorizerURL
|
|
|
|
|
}
|
|
|
|
|
if osAuthorizerURL != "" && envData[constants.EnvKeyAuthorizerURL] != osAuthorizerURL {
|
|
|
|
|
envData[constants.EnvKeyAuthorizerURL] = osAuthorizerURL
|
2022-03-30 06:20:22 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyPort]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyPort] = osPort
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyPort] == "" {
|
|
|
|
|
envData[constants.EnvKeyPort] = "8080"
|
2022-01-17 06:02:13 +00:00
|
|
|
}
|
2021-07-28 06:23:37 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osPort != "" && envData[constants.EnvKeyPort] != osPort {
|
|
|
|
|
envData[constants.EnvKeyPort] = osPort
|
|
|
|
|
}
|
2021-07-28 06:23:37 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyAccessTokenExpiryTime]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAccessTokenExpiryTime] = osAccessTokenExpiryTime
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyAccessTokenExpiryTime] == "" {
|
|
|
|
|
envData[constants.EnvKeyAccessTokenExpiryTime] = "30m"
|
2022-03-25 14:59:00 +00:00
|
|
|
}
|
2022-03-25 12:21:20 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osAccessTokenExpiryTime != "" && envData[constants.EnvKeyAccessTokenExpiryTime] != osAccessTokenExpiryTime {
|
|
|
|
|
envData[constants.EnvKeyAccessTokenExpiryTime] = osAccessTokenExpiryTime
|
|
|
|
|
}
|
2022-03-25 12:21:20 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyAdminSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAdminSecret] = osAdminSecret
|
|
|
|
|
}
|
|
|
|
|
if osAdminSecret != "" && envData[constants.EnvKeyAdminSecret] != osAdminSecret {
|
|
|
|
|
envData[constants.EnvKeyAdminSecret] = osAdminSecret
|
2022-01-17 06:02:13 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeySmtpHost]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeySmtpHost] = osSmtpHost
|
|
|
|
|
}
|
|
|
|
|
if osSmtpHost != "" && envData[constants.EnvKeySmtpHost] != osSmtpHost {
|
|
|
|
|
envData[constants.EnvKeySmtpHost] = osSmtpHost
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeySmtpPort]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeySmtpPort] = osSmtpPort
|
|
|
|
|
}
|
|
|
|
|
if osSmtpPort != "" && envData[constants.EnvKeySmtpPort] != osSmtpPort {
|
|
|
|
|
envData[constants.EnvKeySmtpPort] = osSmtpPort
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeySmtpUsername]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeySmtpUsername] = osSmtpUsername
|
|
|
|
|
}
|
|
|
|
|
if osSmtpUsername != "" && envData[constants.EnvKeySmtpUsername] != osSmtpUsername {
|
|
|
|
|
envData[constants.EnvKeySmtpUsername] = osSmtpUsername
|
2022-01-07 13:57:31 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeySmtpPassword]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeySmtpPassword] = osSmtpPassword
|
|
|
|
|
}
|
|
|
|
|
if osSmtpPassword != "" && envData[constants.EnvKeySmtpPassword] != osSmtpPassword {
|
|
|
|
|
envData[constants.EnvKeySmtpPassword] = osSmtpPassword
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeySenderEmail]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeySenderEmail] = osSenderEmail
|
|
|
|
|
}
|
|
|
|
|
if osSenderEmail != "" && envData[constants.EnvKeySenderEmail] != osSenderEmail {
|
|
|
|
|
envData[constants.EnvKeySenderEmail] = osSenderEmail
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
algoVal, ok := envData[constants.EnvKeyJwtType]
|
|
|
|
|
algo := ""
|
|
|
|
|
if !ok || algoVal == "" {
|
|
|
|
|
envData[constants.EnvKeyJwtType] = osJwtType
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyJwtType] == "" {
|
|
|
|
|
envData[constants.EnvKeyJwtType] = "RS256"
|
|
|
|
|
algo = envData[constants.EnvKeyJwtType].(string)
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
} else {
|
|
|
|
|
algo = algoVal.(string)
|
|
|
|
|
if !crypto.IsHMACA(algo) && !crypto.IsRSA(algo) && !crypto.IsECDSA(algo) {
|
|
|
|
|
log.Debug("Invalid JWT Algorithm")
|
|
|
|
|
return errors.New("invalid JWT_TYPE")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if osJwtType != "" && osJwtType != algo {
|
|
|
|
|
if !crypto.IsHMACA(osJwtType) && !crypto.IsRSA(osJwtType) && !crypto.IsECDSA(osJwtType) {
|
|
|
|
|
log.Debug("Invalid JWT Algorithm")
|
|
|
|
|
return errors.New("invalid JWT_TYPE")
|
|
|
|
|
}
|
|
|
|
|
algo = osJwtType
|
|
|
|
|
envData[constants.EnvKeyJwtType] = osJwtType
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-26 15:06:22 +00:00
|
|
|
if crypto.IsHMACA(algo) {
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyJwtSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyJwtSecret] = osJwtSecret
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyJwtSecret] == "" {
|
|
|
|
|
envData[constants.EnvKeyJwtSecret], _, err = crypto.NewHMACKey(algo, clientID)
|
2022-02-26 15:06:22 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-02-26 12:44:43 +00:00
|
|
|
}
|
2021-12-31 08:22:10 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osJwtSecret != "" && envData[constants.EnvKeyJwtSecret] != osJwtSecret {
|
|
|
|
|
envData[constants.EnvKeyJwtSecret] = osJwtSecret
|
|
|
|
|
}
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-26 04:14:55 +00:00
|
|
|
if crypto.IsRSA(algo) || crypto.IsECDSA(algo) {
|
2022-02-26 15:06:22 +00:00
|
|
|
privateKey, publicKey := "", ""
|
2022-02-18 11:15:12 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyJwtPrivateKey]; !ok || val == "" {
|
|
|
|
|
privateKey = osJwtPrivateKey
|
|
|
|
|
}
|
|
|
|
|
if osJwtPrivateKey != "" && privateKey != osJwtPrivateKey {
|
|
|
|
|
privateKey = osJwtPrivateKey
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
2022-02-12 10:24:23 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyJwtPublicKey]; !ok || val == "" {
|
|
|
|
|
publicKey = osJwtPublicKey
|
|
|
|
|
}
|
|
|
|
|
if osJwtPublicKey != "" && publicKey != osJwtPublicKey {
|
|
|
|
|
publicKey = osJwtPublicKey
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
2022-02-12 10:24:23 +00:00
|
|
|
|
2022-02-26 04:14:55 +00:00
|
|
|
// if algo is RSA / ECDSA, then we need to have both private and public key
|
|
|
|
|
// if either of them is not present generate new keys
|
|
|
|
|
if privateKey == "" || publicKey == "" {
|
|
|
|
|
if crypto.IsRSA(algo) {
|
2022-02-26 15:06:22 +00:00
|
|
|
_, privateKey, publicKey, _, err = crypto.NewRSAKey(algo, clientID)
|
2022-02-26 04:14:55 +00:00
|
|
|
if err != nil {
|
2022-02-26 04:36:26 +00:00
|
|
|
return err
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
|
|
|
|
} else if crypto.IsECDSA(algo) {
|
2022-02-26 15:06:22 +00:00
|
|
|
_, privateKey, publicKey, _, err = crypto.NewECDSAKey(algo, clientID)
|
2022-02-26 04:14:55 +00:00
|
|
|
if err != nil {
|
2022-02-26 04:36:26 +00:00
|
|
|
return err
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// parse keys to make sure they are valid
|
|
|
|
|
if crypto.IsRSA(algo) {
|
|
|
|
|
_, err = crypto.ParseRsaPrivateKeyFromPemStr(privateKey)
|
|
|
|
|
if err != nil {
|
2022-02-26 04:36:26 +00:00
|
|
|
return err
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-26 15:06:22 +00:00
|
|
|
_, err := crypto.ParseRsaPublicKeyFromPemStr(publicKey)
|
2022-02-26 12:44:43 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-26 04:14:55 +00:00
|
|
|
} else if crypto.IsECDSA(algo) {
|
|
|
|
|
_, err = crypto.ParseEcdsaPrivateKeyFromPemStr(privateKey)
|
|
|
|
|
if err != nil {
|
2022-02-26 04:36:26 +00:00
|
|
|
return err
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
|
|
|
|
|
2022-02-26 15:06:22 +00:00
|
|
|
_, err := crypto.ParseEcdsaPublicKeyFromPemStr(publicKey)
|
2022-02-26 04:14:55 +00:00
|
|
|
if err != nil {
|
2022-02-26 04:36:26 +00:00
|
|
|
return err
|
2022-02-26 04:14:55 +00:00
|
|
|
}
|
|
|
|
|
}
|
2021-12-31 08:22:10 +00:00
|
|
|
}
|
2022-02-26 04:36:26 +00:00
|
|
|
|
2022-05-29 11:52:46 +00:00
|
|
|
envData[constants.EnvKeyJwtPrivateKey] = privateKey
|
|
|
|
|
envData[constants.EnvKeyJwtPublicKey] = publicKey
|
2022-02-26 12:44:43 +00:00
|
|
|
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyJwtRoleClaim]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
|
2021-12-22 05:21:12 +00:00
|
|
|
|
2022-05-29 11:52:46 +00:00
|
|
|
if envData[constants.EnvKeyJwtRoleClaim] == "" {
|
|
|
|
|
envData[constants.EnvKeyJwtRoleClaim] = "role"
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim {
|
|
|
|
|
envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyCustomAccessTokenScript]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyCustomAccessTokenScript] = osCustomAccessTokenScript
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osCustomAccessTokenScript != "" && envData[constants.EnvKeyCustomAccessTokenScript] != osCustomAccessTokenScript {
|
|
|
|
|
envData[constants.EnvKeyCustomAccessTokenScript] = osCustomAccessTokenScript
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyGoogleClientID]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyGoogleClientID] = osGoogleClientID
|
|
|
|
|
}
|
|
|
|
|
if osGoogleClientID != "" && envData[constants.EnvKeyGoogleClientID] != osGoogleClientID {
|
|
|
|
|
envData[constants.EnvKeyGoogleClientID] = osGoogleClientID
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyGoogleClientSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyGoogleClientSecret] = osGoogleClientSecret
|
|
|
|
|
}
|
|
|
|
|
if osGoogleClientSecret != "" && envData[constants.EnvKeyGoogleClientSecret] != osGoogleClientSecret {
|
|
|
|
|
envData[constants.EnvKeyGoogleClientSecret] = osGoogleClientSecret
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyGithubClientID]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyGithubClientID] = osGithubClientID
|
|
|
|
|
}
|
|
|
|
|
if osGithubClientID != "" && envData[constants.EnvKeyGithubClientID] != osGithubClientID {
|
|
|
|
|
envData[constants.EnvKeyGithubClientID] = osGithubClientID
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyGithubClientSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyGithubClientSecret] = osGithubClientSecret
|
|
|
|
|
}
|
|
|
|
|
if osGithubClientSecret != "" && envData[constants.EnvKeyGithubClientSecret] != osGithubClientSecret {
|
|
|
|
|
envData[constants.EnvKeyGithubClientSecret] = osGithubClientSecret
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyFacebookClientID]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyFacebookClientID] = osFacebookClientID
|
|
|
|
|
}
|
|
|
|
|
if osFacebookClientID != "" && envData[constants.EnvKeyFacebookClientID] != osFacebookClientID {
|
|
|
|
|
envData[constants.EnvKeyFacebookClientID] = osFacebookClientID
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyFacebookClientSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyFacebookClientSecret] = osFacebookClientSecret
|
|
|
|
|
}
|
|
|
|
|
if osFacebookClientSecret != "" && envData[constants.EnvKeyFacebookClientSecret] != osFacebookClientSecret {
|
|
|
|
|
envData[constants.EnvKeyFacebookClientSecret] = osFacebookClientSecret
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-06-06 16:38:32 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyLinkedInClientID]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyLinkedInClientID] = osLinkedInClientID
|
|
|
|
|
}
|
|
|
|
|
if osFacebookClientID != "" && envData[constants.EnvKeyLinkedInClientID] != osFacebookClientID {
|
|
|
|
|
envData[constants.EnvKeyLinkedInClientID] = osLinkedInClientID
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if val, ok := envData[constants.EnvKeyLinkedInClientSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyLinkedInClientSecret] = osLinkedInClientSecret
|
|
|
|
|
}
|
|
|
|
|
if osFacebookClientSecret != "" && envData[constants.EnvKeyLinkedInClientSecret] != osFacebookClientSecret {
|
|
|
|
|
envData[constants.EnvKeyLinkedInClientSecret] = osLinkedInClientSecret
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-12 09:19:48 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyAppleClientID]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAppleClientID] = osAppleClientID
|
|
|
|
|
}
|
|
|
|
|
if osFacebookClientID != "" && envData[constants.EnvKeyAppleClientID] != osFacebookClientID {
|
|
|
|
|
envData[constants.EnvKeyAppleClientID] = osAppleClientID
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if val, ok := envData[constants.EnvKeyAppleClientSecret]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAppleClientSecret] = osAppleClientSecret
|
|
|
|
|
}
|
|
|
|
|
if osFacebookClientSecret != "" && envData[constants.EnvKeyAppleClientSecret] != osFacebookClientSecret {
|
|
|
|
|
envData[constants.EnvKeyAppleClientSecret] = osAppleClientSecret
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyResetPasswordURL]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyResetPasswordURL] = strings.TrimPrefix(osResetPasswordURL, "/")
|
|
|
|
|
}
|
|
|
|
|
if osResetPasswordURL != "" && envData[constants.EnvKeyResetPasswordURL] != osResetPasswordURL {
|
|
|
|
|
envData[constants.EnvKeyResetPasswordURL] = osResetPasswordURL
|
|
|
|
|
}
|
2021-12-22 05:21:12 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyOrganizationName]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyOrganizationName] = osOrganizationName
|
|
|
|
|
}
|
|
|
|
|
if osOrganizationName != "" && envData[constants.EnvKeyOrganizationName] != osOrganizationName {
|
|
|
|
|
envData[constants.EnvKeyOrganizationName] = osOrganizationName
|
2021-12-22 05:21:12 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyOrganizationLogo]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
|
|
|
|
|
}
|
|
|
|
|
if osOrganizationLogo != "" && envData[constants.EnvKeyOrganizationLogo] != osOrganizationLogo {
|
|
|
|
|
envData[constants.EnvKeyOrganizationLogo] = osOrganizationLogo
|
2021-07-28 06:23:37 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableBasicAuthentication]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableBasicAuthentication] = osDisableBasicAuthentication == "true"
|
|
|
|
|
}
|
|
|
|
|
if osDisableBasicAuthentication != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableBasicAuthentication)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableBasicAuthentication].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableBasicAuthentication] = boolValue
|
2021-08-04 06:48:57 +00:00
|
|
|
}
|
|
|
|
|
}
|
2021-12-21 13:16:54 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableEmailVerification]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableEmailVerification] = osDisableEmailVerification == "true"
|
2021-12-21 13:16:54 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osDisableEmailVerification != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableEmailVerification)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableEmailVerification].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableEmailVerification] = boolValue
|
|
|
|
|
}
|
2021-08-04 06:48:57 +00:00
|
|
|
}
|
2021-12-21 13:16:54 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableMagicLinkLogin]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableMagicLinkLogin] = osDisableMagicLinkLogin == "true"
|
|
|
|
|
}
|
|
|
|
|
if osDisableMagicLinkLogin != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableMagicLinkLogin)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableMagicLinkLogin].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableMagicLinkLogin] = boolValue
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-11-14 22:42:28 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableLoginPage]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableLoginPage] = osDisableLoginPage == "true"
|
|
|
|
|
}
|
|
|
|
|
if osDisableLoginPage != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableLoginPage)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableLoginPage].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableLoginPage] = boolValue
|
|
|
|
|
}
|
2021-10-13 16:41:41 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableSignUp]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableSignUp] = osDisableSignUp == "true"
|
|
|
|
|
}
|
|
|
|
|
if osDisableSignUp != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableSignUp)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableSignUp].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableSignUp] = boolValue
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-10-13 16:41:41 +00:00
|
|
|
|
2022-05-31 07:41:54 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableRedisForEnv]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableRedisForEnv] = osDisableRedisForEnv == "true"
|
|
|
|
|
}
|
|
|
|
|
if osDisableRedisForEnv != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableRedisForEnv)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableRedisForEnv].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableRedisForEnv] = boolValue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-18 10:01:57 +00:00
|
|
|
if _, ok := envData[constants.EnvKeyDisableStrongPassword]; !ok {
|
|
|
|
|
envData[constants.EnvKeyDisableStrongPassword] = osDisableStrongPassword == "true"
|
|
|
|
|
}
|
|
|
|
|
if osDisableStrongPassword != "" {
|
|
|
|
|
boolValue, err := strconv.ParseBool(osDisableStrongPassword)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if boolValue != envData[constants.EnvKeyDisableStrongPassword].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableStrongPassword] = boolValue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
// no need to add nil check as its already done above
|
|
|
|
|
if envData[constants.EnvKeySmtpHost] == "" || envData[constants.EnvKeySmtpUsername] == "" || envData[constants.EnvKeySmtpPassword] == "" || envData[constants.EnvKeySenderEmail] == "" && envData[constants.EnvKeySmtpPort] == "" {
|
|
|
|
|
envData[constants.EnvKeyDisableEmailVerification] = true
|
|
|
|
|
envData[constants.EnvKeyDisableMagicLinkLogin] = true
|
2022-07-29 10:30:12 +00:00
|
|
|
envData[constants.EnvKeyIsEmailServiceEnabled] = false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if envData[constants.EnvKeySmtpHost] != "" || envData[constants.EnvKeySmtpUsername] != "" || envData[constants.EnvKeySmtpPassword] != "" || envData[constants.EnvKeySenderEmail] != "" && envData[constants.EnvKeySmtpPort] != "" {
|
|
|
|
|
envData[constants.EnvKeyIsEmailServiceEnabled] = true
|
2021-10-13 16:41:41 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if envData[constants.EnvKeyDisableEmailVerification].(bool) {
|
|
|
|
|
envData[constants.EnvKeyDisableMagicLinkLogin] = true
|
|
|
|
|
}
|
2021-10-13 16:41:41 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyAllowedOrigins]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyAllowedOrigins] = osAllowedOrigins
|
|
|
|
|
if envData[constants.EnvKeyAllowedOrigins] == "" {
|
|
|
|
|
envData[constants.EnvKeyAllowedOrigins] = "*"
|
2021-10-13 16:41:41 +00:00
|
|
|
}
|
|
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osAllowedOrigins != "" && envData[constants.EnvKeyAllowedOrigins] != osAllowedOrigins {
|
|
|
|
|
envData[constants.EnvKeyAllowedOrigins] = osAllowedOrigins
|
|
|
|
|
}
|
2021-09-20 05:06:26 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyRoles]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyRoles] = osRoles
|
|
|
|
|
if envData[constants.EnvKeyRoles] == "" {
|
|
|
|
|
envData[constants.EnvKeyRoles] = "user"
|
2021-09-20 05:06:26 +00:00
|
|
|
}
|
|
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
if osRoles != "" && envData[constants.EnvKeyRoles] != osRoles {
|
|
|
|
|
envData[constants.EnvKeyRoles] = osRoles
|
2021-09-20 05:06:26 +00:00
|
|
|
}
|
2022-05-31 02:44:03 +00:00
|
|
|
roles := strings.Split(envData[constants.EnvKeyRoles].(string), ",")
|
2021-09-20 05:06:26 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyDefaultRoles]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyDefaultRoles] = osDefaultRoles
|
|
|
|
|
if envData[constants.EnvKeyDefaultRoles] == "" {
|
|
|
|
|
envData[constants.EnvKeyDefaultRoles] = "user"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if osDefaultRoles != "" && envData[constants.EnvKeyDefaultRoles] != osDefaultRoles {
|
|
|
|
|
envData[constants.EnvKeyDefaultRoles] = osDefaultRoles
|
|
|
|
|
}
|
|
|
|
|
defaultRoles := strings.Split(envData[constants.EnvKeyDefaultRoles].(string), ",")
|
|
|
|
|
if len(defaultRoles) == 0 {
|
|
|
|
|
defaultRoles = []string{roles[0]}
|
|
|
|
|
}
|
2021-09-20 05:06:26 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
for _, role := range defaultRoles {
|
|
|
|
|
if !utils.StringSliceContains(roles, role) {
|
|
|
|
|
return fmt.Errorf("Default role %s is not defined in roles", role)
|
|
|
|
|
}
|
2021-10-03 21:47:50 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
if val, ok := envData[constants.EnvKeyProtectedRoles]; !ok || val == "" {
|
|
|
|
|
envData[constants.EnvKeyProtectedRoles] = osProtectedRoles
|
|
|
|
|
}
|
|
|
|
|
if osProtectedRoles != "" && envData[constants.EnvKeyProtectedRoles] != osProtectedRoles {
|
|
|
|
|
envData[constants.EnvKeyProtectedRoles] = osProtectedRoles
|
2021-10-03 21:47:50 +00:00
|
|
|
}
|
2022-01-17 06:02:13 +00:00
|
|
|
|
2022-05-31 02:44:03 +00:00
|
|
|
err = memorystore.Provider.UpdateEnvStore(envData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Debug("Error while updating env store: ", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
2022-02-26 04:36:26 +00:00
|
|
|
return nil
|
2021-07-28 06:23:37 +00:00
|
|
|
}
|
