From b80b81dfdee82b7ec710ddf4a2daecc2927dc64a Mon Sep 17 00:00:00 2001
From: iFargle
Date: Fri, 17 Feb 2023 14:37:15 +0900
Subject: [PATCH] Test
---
 Dockerfile | 7 ++++---
 docker-compose.yml | 8 ++++----
 server.py | 30 +++++++++---------------------
 3 files changed, 17 insertions(+), 28 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 8e2be79..17987b0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,9 +38,10 @@ ENV BASIC_AUTH_USER="user"
 ENV BASIC_AUTH_PASS="pass"
 # OIDC variables
-ENV OIDC_DISCOVERY_URL=http://localhost
-ENV OIDC_CLIENT_ID=Headscale-WebUI
-ENV OIDC_CLIENT_SECRET=
+ENV FLASK_OIDC_PROVIDER_NAME="OIDC"
+ENV FLASK_OIDC_CLIENT_ID=Headscale-WebUI
+ENV FLASK_OIDC_CLIENT_SECRET=secret
+ENV FLASK_OIDC_CONFIG_URL=http://localhost
 # Jenkins build args
 ARG GIT_COMMIT_ARG=""
diff --git a/docker-compose.yml b/docker-compose.yml
index 5a32c4f..9807545 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,10 +12,10 @@ services:
 - BASIC_AUTH_USER=user # Used for basic auth - Can be omitted if not using Basic Auth
 - BASIC_AUTH_PASS=pass # Used for basic auth - Can be omitted if not using Basic Auth
 # ENV for OIDC (Used only if AUTH_TYPE is "OIDC")
- - OIDC_DISCOVERY_URL=https://auth.$DOMAIN # Check docs for your OIDC provider for the "Well Known" discovery URL
- - OIDC_CLIENT_ID=Headscale WebUI
- - OIDC_CLIENT_SECRET=YourOIDCClientSecret
- # OIDC Redirect URI: $DOMAIN/$BASE_PATH/auth
+ - FLASK_OIDC_PROVIDER_NAME="OIDC"
+ - FLASK_OIDC_CLIENT_ID=Headscale-WebUI
+ - FLASK_OIDC_CLIENT_SECRET=secret
+ - FLASK_OIDC_CONFIG_URL=https://auth.$DOMAIN/.well-known/openid-configuration
 volumes:
 - ./volume:/data # Headscale-WebUI's storage. Make sure ./volume is readable by UID 1000 (chown 1000:1000 ./volume)
 - ./headscale/config/:/etc/headscale/:ro # Headscale's config storage location. Used to read your Headscale config.
\ No newline at end of file
diff --git a/server.py b/server.py
index 1a0a864..77aad14 100644
--- a/server.py
+++ b/server.py
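Review bot: `ENV FLASK_OIDC_CLIENT_SECRET=secret` gives the image a non-empty, guessable client secret as its default, where the old `OIDC_CLIENT_SECRET=` was empty. A container started without an override would run with that known value, and an ENV default stays readable in the image configuration. Leaving it empty in the image (`ENV FLASK_OIDC_CLIENT_SECRET=`) and supplying the real secret at run time avoids both. The same placeholder is added in the docker-compose.yml hunk. `ENV FLASK_OIDC_CONFIG_URL=http://localhost` also defaults discovery to plain HTTP and deserves a comment marking it as a local-only placeholder.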
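Review bot: In the list form of `environment:`, the quotes in `- FLASK_OIDC_PROVIDER_NAME="OIDC"` are likely passed through as part of the value, so the provider name would include the quote characters. The server.py context visible in this patch strips quotes only for AUTH_TYPE. Writing `- FLASK_OIDC_PROVIDER_NAME=OIDC` avoids depending on how the Compose version in use handles this. The hunk also drops the `# OIDC Redirect URI: $DOMAIN/$BASE_PATH/auth` comment, which was the only hint about which redirect URI to register with the provider; an equivalent comment should stay.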
@@ -17,15 +17,15 @@ DEBUG_STATE = False
 AUTH_TYPE = os.environ["AUTH_TYPE"].replace('"', '')
 # OIDC Variables: https://github.com/verdan/flaskoidc
-FLASK_OIDC_PROVIDER_NAME = "OIDC" # Default: 'google'
-# FLASK_OIDC_SCOPES # Default: 'openid email profile'
-# FLASK_OIDC_USER_ID_FIELD # Default: 'email'
-FLASK_OIDC_CLIENT_ID = os.environ["OIDC_CLIENT_ID"] # Default: ''
-FLASK_OIDC_CLIENT_SECRET = os.environ["OIDC_CLIENT_SECRET"] # Default: ''
-# FLASK_OIDC_FORCE_SCHEME # Default: 'http'
-# FLASK_OIDC_REDIRECT_URI # Default: '/auth'
-FLASK_OIDC_CONFIG_URL = os.environ["OIDC_DISCOVERY_URL"] # Default: ''
-FLASK_OIDC_OVERWRITE_REDIRECT_URI = BASE_PATH # Default: '/'
+# OIDC_PROVIDER = os.environ.get("FLASK_OIDC_PROVIDER_NAME", "google")
+# OIDC_SCOPES = os.environ.get("FLASK_OIDC_SCOPES", "openid email profile")
+# USER_ID_FIELD = os.environ.get("FLASK_OIDC_USER_ID_FIELD", "email")
+# CLIENT_ID = os.environ.get("FLASK_OIDC_CLIENT_ID", "")
+# CLIENT_SECRET = os.environ.get("FLASK_OIDC_CLIENT_SECRET", "")
+# SCHEME = os.environ.get("FLASK_OIDC_FORCE_SCHEME", "http")
+# REDIRECT_URI = os.environ.get("FLASK_OIDC_REDIRECT_URI", "/auth")
+# OVERWRITE_REDIRECT_URI = os.environ.get("FLASK_OIDC_OVERWRITE_REDIRECT_URI", "/")
+# CONFIG_URL = os.environ.get("FLASK_OIDC_CONFIG_URL", "")
 static_url_path = '/static'
 if BASE_PATH != '': static_url_path = BASE_PATH + static_url_path
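Review bot: All nine added lines are commented-out assignments, so server.py no longer sets any OIDC value and `FLASK_OIDC_OVERWRITE_REDIRECT_URI = BASE_PATH` has no replacement. Presumably flaskoidc now reads the `FLASK_OIDC_*` variables itself, in which case a deployment with a non-empty BASE_PATH has to set the overwrite URI by hand. Neither the Dockerfile nor docker-compose.yml in this patch sets `FLASK_OIDC_OVERWRITE_REDIRECT_URI` or `FLASK_OIDC_FORCE_SCHEME`, and the defaults listed here are `/` and `http`. I would replace the dead code with a short comment such as `# flaskoidc reads FLASK_OIDC_* from the environment; set FLASK_OIDC_FORCE_SCHEME and FLASK_OIDC_OVERWRITE_REDIRECT_URI when serving over HTTPS or under BASE_PATH`.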
@@ -34,20 +34,8 @@ if BASE_PATH != '': static_url_path = BASE_PATH + static_url_path
 if AUTH_TYPE.lower() == "oidc":
 # Load OIDC libraries
 from flaskoidc import FlaskOIDC
- from flaskoidc.config import BaseConfig
- class CustomConfig(BaseConfig):
- DEBUG = DEBUG_STATE
- PROVIDER_NAME = "OIDC" # Default: 'google'
- CLIENT_ID = os.environ["OIDC_CLIENT_ID"] # Default: ''
- CLIENT_SECRET = os.environ["OIDC_CLIENT_SECRET"] # Default: ''
- CONFIG_URL = os.environ["OIDC_DISCOVERY_URL"] # Default: ''
- OVERWRITE_REDIRECT_URI = BASE_PATH # Default: '/'
-
- print("using config "+FLASK_OIDC_CONFIG_URL)
 app = FlaskOIDC(__name__, static_url_path=static_url_path)
- app.config.from_object(CustomConfig)
- app.logger.debug("Loading OIDC libraries and configuring app...")
 # TODO:
 # If OIDC is enabled, add user info and a logout button to the top bar.
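Review bot: With `CustomConfig` removed, nothing in the OIDC branch checks that the client ID, client secret and discovery URL are set before `app = FlaskOIDC(...)`. The old `os.environ["OIDC_CLIENT_ID"]` style lookups raised KeyError at startup when a variable was missing. If flaskoidc falls back to the empty-string defaults listed in the previous hunk, a misconfigured container would start and fail only at login time. A startup check like the one below restores the fail-fast behaviour. The hunk also stops applying `DEBUG = DEBUG_STATE` to the app config, which should be confirmed as intended; the `if AUTH_TYPE.lower() == "oidc":` block may continue past the visible hunk.

```python
    from flaskoidc import FlaskOIDC
    # Refuse to start in OIDC mode when a required setting is missing or empty.
    required = ("FLASK_OIDC_CLIENT_ID", "FLASK_OIDC_CLIENT_SECRET", "FLASK_OIDC_CONFIG_URL")
    missing = [name for name in required if not os.environ.get(name)]
    if missing:
        raise RuntimeError("Missing OIDC settings: " + ", ".join(missing))
    app = FlaskOIDC(__name__, static_url_path=static_url_path)
```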