Fix jwt-token

This commit is contained in:
2025-09-14 18:04:44 +02:00
parent 886f6433db
commit e7ca2ae6b5


@@ -47,18 +47,23 @@ router.get('/config/:tenantId', async (req, res) => {
}); });
} }
// Return public auth configuration (no secrets) // Return MINIMAL public auth configuration (no internal settings exposed)
const publicConfig = { const publicConfig = {
provider: tenant.auth_provider, provider: tenant.auth_provider,
enabled: tenant.is_active, enabled: tenant.is_active,
features: { features: {
local_login: tenant.auth_provider === 'local', local_login: tenant.auth_provider === 'local',
sso_login: ['saml', 'oauth', 'ldap'].includes(tenant.auth_provider), sso_login: ['saml', 'oauth', 'ldap'].includes(tenant.auth_provider),
registration: tenant.auth_provider === 'local' && tenant.allow_registration // Only show registration as enabled if ALL server-side checks would pass
registration: (
tenant.auth_provider === 'local' &&
tenant.is_active &&
tenant.allow_registration
)
} }
}; };
// Add provider-specific public config // Add provider-specific public config (URLs only - no secrets)
if (tenant.auth_provider === 'saml') { if (tenant.auth_provider === 'saml') {
publicConfig.saml = { publicConfig.saml = {
login_url: `/auth/saml/${tenantId}/login`, login_url: `/auth/saml/${tenantId}/login`,
@@ -70,6 +75,9 @@ router.get('/config/:tenantId', async (req, res) => {
}; };
} }
// Add security notice for developers
publicConfig._security_notice = "This config is for UI display only. All security validations occur server-side.";
res.json({ res.json({
success: true, success: true,
data: publicConfig data: publicConfig