Support for client secret file. (#355)

* added ClientSecretFile in ProviderData * add documentation notes on client secret file * added Changelog entry for Client Secret File PR * fixing configuration.md * addressing PR issue of ClientSecret property naming * Update providers/provider_data.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * corrected changelog entry * fixed typo in GetClientSecret Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2025-12-01 22:51:45 +02:00 · 2020-02-15 14:44:39 +01:00
parent 3a843f815d
commit f2661c47ba
11 changed files with 161 additions and 27 deletions
--- a/providers/gitlab.go
+++ b/providers/gitlab.go
@@ -38,10 +38,15 @@ func NewGitLabProvider(p *ProviderData) *GitLabProvider {

 // Redeem exchanges the OAuth2 authentication token for an ID token
 func (p *GitLabProvider) Redeem(redirectURL, code string) (s *sessions.SessionState, err error) {
+	clientSecret, err := p.GetClientSecret()
+	if err != nil {
+		return
+	}
+
 	ctx := context.Background()
 	c := oauth2.Config{
 		ClientID:     p.ClientID,
-		ClientSecret: p.ClientSecret,
+		ClientSecret: clientSecret,
 		Endpoint: oauth2.Endpoint{
 			TokenURL: p.RedeemURL.String(),
 		},
@@ -77,9 +82,14 @@ func (p *GitLabProvider) RefreshSessionIfNeeded(s *sessions.SessionState) (bool,
 }

 func (p *GitLabProvider) redeemRefreshToken(s *sessions.SessionState) (err error) {
+	clientSecret, err := p.GetClientSecret()
+	if err != nil {
+		return
+	}
+
 	c := oauth2.Config{
 		ClientID:     p.ClientID,
-		ClientSecret: p.ClientSecret,
+		ClientSecret: clientSecret,
 		Endpoint: oauth2.Endpoint{
 			TokenURL: p.RedeemURL.String(),
 		},