[pve-devel] applied: [PATCH pve-access-control v2 0/5] add OpenId realms

Thomas Lamprecht t.lamprecht at proxmox.com
Thu Jul 1 13:38:58 CEST 2021


On 30.06.21 08:10, Dietmar Maurer wrote:
> Changes in v2:
> - also check if user is expired (in check_user_enabled)
> - always die with newline
> - rename "user-attr" to "username-claim"
> 
> 
> Dietmar Maurer (5):
>   check_user_enabled: also check if user is expired
>   add OpenId configuration
>   depend on libpve-rs-perl
>   api: implement openid API
>   implement OpenID autocreate user feature
> 
>  debian/control                |   2 +
>  src/PVE/API2/AccessControl.pm |  60 ++-------
>  src/PVE/API2/Makefile         |   3 +-
>  src/PVE/API2/OpenId.pm        | 238 ++++++++++++++++++++++++++++++++++
>  src/PVE/AccessControl.pm      |  18 +--
>  src/PVE/Auth/Makefile         |   3 +-
>  src/PVE/Auth/OpenId.pm        |  68 ++++++++++
>  src/PVE/RPCEnvironment.pm     |  49 +++++++
>  8 files changed, 378 insertions(+), 63 deletions(-)
>  create mode 100644 src/PVE/API2/OpenId.pm
>  create mode 100755 src/PVE/Auth/OpenId.pm
> 



applied series, thanks!

But I moved the second hunk:
-	    if (defined(my $user_attr = $config->{'user-attr'})) {
+	    if (defined(my $user_attr = $config->{'username-claim'})) {

of patch 5/5 ("implement OpenID autocreate user feature") into the previous 
patch 4/5 ("api: implement openid API") and adapted the error message in
that if/else chain, as it still talked about "user_attrs" from v1.





More information about the pve-devel mailing list