diff --git a/.env.example b/.env.example
deleted file mode 100755
index 163aa0c..0000000
--- a/.env.example
+++ /dev/null
@@ -1,30 +0,0 @@
-# Authentik OIDC Settings
-AUTHENTIK_HOST=https://auth.example.com
-AUTHENTIK_CLIENT_ID=your-client-id
-AUTHENTIK_CLIENT_SECRET=your-client-secret
-
-# Portal Settings
-PORTAL_SECRET_KEY=your-random-secret-key
-PORTAL_BASE_URL=https://portal.example.com
-
-# Site configurations (JSON)
-SITES='[
- {
- "id": "jfmt",
- "name": "JFMT-PDX",
- "unifi_host": "https://192.168.1.1",
- "unifi_api_key": "your-api-key",
- "unifi_site": "default",
- "ssid": "jfmt_guest",
- "default_duration_minutes": 1440
- },
- {
- "id": "jfhr",
- "name": "JFHR",
- "unifi_host": "https://192.168.10.1",
- "unifi_api_key": "your-api-key",
- "unifi_site": "default",
- "ssid": "jfhr_guest",
- "default_duration_minutes": 1440
- }
-]'
diff --git a/app/auth.py b/app/auth.py
index 964f4d6..3033143 100755
--- a/app/auth.py
+++ b/app/auth.py
@@ -4,7 +4,7 @@ import logging
 logger = logging.getLogger(__name__)
-SCOPES = "openid email profile attributes"
+SCOPES = "openid email profile"
 def get_authorization_url(config: AppConfig, state: str) -> str:
@@ -16,14 +16,14 @@ def get_authorization_url(config: AppConfig, state: str) -> str:
 "state": state,
 }
 query = "&".join(f"{k}={v}" for k, v in params.items())
- url = f"{config.authentik_host}/application/o/authorize/?{query}"
+ url = f"https://accounts.google.com/o/oauth2/auth?{query}"
 logger.info("Authorization URL: %s", url)
 return url
 async def exchange_code_for_token(config: AppConfig, code: str) -> dict:
 async with httpx.AsyncClient() as client:
 response = await client.post(
- f"{config.authentik_host}/application/o/token/",
+ f"https://oauth2.googleapis.com/token",
 data={
 "grant_type": "authorization_code",
 "code": code,
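Review bot: In app/auth.py (hunk at -16,14), the query string in get_authorization_url is still built with `"&".join(f"{k}={v}" for k, v in params.items())`, so nothing is percent-encoded before the URL is sent to the new Google endpoint. The entries of `params` defined above the hunk (presumably the redirect URI and the space-separated `SCOPES`) go out raw, and a `state` value containing `&` or `=` would change the parameter set; `query = urllib.parse.urlencode(params)` with `import urllib.parse` at the top of the file closes that. The next line, `logger.info("Authorization URL: %s", url)`, writes the full URL including `state` to the log at INFO, so consider logging only the endpoint or moving it to DEBUG. The `f` prefix on `f"https://oauth2.googleapis.com/token"` has no placeholders and can be dropped. Both functions begin or end outside the hunk.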
@@ -39,7 +39,7 @@ async def get_userinfo(config: AppConfig, access_token: str) -> dict:
 async with httpx.AsyncClient() as client:
 response = await client.get(
- f"{config.authentik_host}/application/o/userinfo/",
+ f"https://www.googleapis.com/oauth2/v1/userinfo?alt=json",
 headers={"Authorization": f"Bearer {access_token}"},
 )
 response.raise_for_status()
diff --git a/docker-compose.portal.yml b/compose.yml
similarity index 95%
rename from docker-compose.portal.yml
rename to compose.yml
index 6c5b036..767b827 100755
--- a/docker-compose.portal.yml
+++ b/compose.yml
@@ -15,4 +15,4 @@ services:
 volumes:
 - ./nginx.conf:/etc/nginx/conf.d/default.conf
 depends_on:
- - portal
\ No newline at end of file
+ - portal
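Review bot: In app/auth.py (hunk at -39,7), get_userinfo now returns a profile for any Google account that completes the flow, whereas the removed line only reached the configured Authentik host, and nothing visible in this diff restricts who is accepted. The callback that consumes this result is outside the hunks; unless the OAuth client is limited to the organisation, it should check the returned `hd` or `email` domain against an allowlist and require `verified_email` to be true before creating a session. The legacy `/oauth2/v1/userinfo` endpoint also returns `id` and `verified_email` rather than the OIDC `sub` and `email_verified`, so a caller that reads `sub` would need updating, or the request can target `https://openidconnect.googleapis.com/v1/userinfo`. The `f` prefix on the new URL literal has no placeholders and can be dropped.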