From ce31e0dee1252cf966bf04702e4884e806d3c7fa Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Mon, 3 Jun 2024 09:52:37 -0400 Subject: [PATCH] Read oidc scope as yaml symbol array --- config/initializers/3_omniauth.rb | 6 +----- config/omniauth.yml | 4 +++- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/config/initializers/3_omniauth.rb b/config/initializers/3_omniauth.rb index 1dc536c55ca..d731c0fd5c4 100644 --- a/config/initializers/3_omniauth.rb +++ b/config/initializers/3_omniauth.rb @@ -27,13 +27,9 @@ Devise.setup do |config| # OpenID Connect Strategy if Rails.configuration.omniauth.oidc_enabled - oidc_options = Rails.configuration.omniauth.oidc - config.omniauth( :openid_connect, - oidc_options.merge( - scope: oidc_options[:scope].split(',').map(&:to_sym) # Convert scope to symbol array - ) + Rails.configuration.omniauth.oidc ) end end diff --git a/config/omniauth.yml b/config/omniauth.yml index 019aa2cefcb..a85ee531d19 100644 --- a/config/omniauth.yml +++ b/config/omniauth.yml @@ -60,7 +60,9 @@ shared: issuer: <%= ENV.fetch('OIDC_ISSUER', nil) %> # NEED discovery: <%= ENV.fetch('OIDC_DISCOVERY', 'false') == 'true' %> # OPTIONAL (default: false) client_auth_method: <%= ENV.fetch('OIDC_CLIENT_AUTH_METHOD', nil) %> # OPTIONAL (default: basic) - scope: <%= ENV.fetch('OIDC_SCOPE', '') %> + scope: <% ENV.fetch('OIDC_SCOPE', '').split(',').each do |value| %> + - !ruby/symbol <%= value %> + <% end %> response_type: <%= ENV.fetch('OIDC_RESPONSE_TYPE', nil) %> # OPTIONAL (default: code) response_mode: <%= ENV.fetch('OIDC_RESPONSE_MODE', nil) %> # OPTIONAL (default: query) display: <%= ENV.fetch('OIDC_DISPLAY', nil) %> # OPTIONAL (default: page)