move oauth connector doc to dex website repo

move default key values configure to connector construct function Signed-off-by: Rui Yang <ruiya@vmware.com>

move oauth connector doc to dex website repo
8ea121b4 · Rui Yang · 49cb30af · 8ea121b4 · 8ea121b4 · 49cb30af
Commit 8ea121b4 authored 4 years ago by Rui Yang
--- a/README.md
+++ b/README.md
@@ -71,7 +71,7 @@ Dex implements the following connectors:
 | [SAML 2.0](https://dexidp.io/docs/connectors/saml/) | no | yes | no | stable | WARNING: Unmaintained and likely vulnerable to auth bypasses ([#1884](https://github.com/dexidp/dex/discussions/1884)) |
 | [GitLab](https://dexidp.io/docs/connectors/gitlab/) | yes | yes | yes | beta | |
 | [OpenID Connect](https://dexidp.io/docs/connectors/oidc/) | yes | yes | yes | beta | Includes Salesforce, Azure, etc. |
-| [Generic OAuth 2.0](https://dexidp.io/docs/connectors/oauth.md) | no | yes | yes | beta | |
+| [OAuth 2.0](https://dexidp.io/docs/connectors/oauth/) | no | yes | yes | alpha | |
 | [Google](https://dexidp.io/docs/connectors/google/) | yes | yes | yes | alpha | |
 | [LinkedIn](https://dexidp.io/docs/connectors/linkedin/) | yes | no | no | beta | |
 | [Microsoft](https://dexidp.io/docs/connectors/microsoft/) | yes | yes | no | beta | |
@@ -81,7 +81,7 @@ Dex implements the following connectors:
 | [Atlassian Crowd](https://dexidp.io/docs/connectors/atlassiancrowd/) | yes | yes | yes * | beta | preferred_username claim must be configured through config |
 | [Gitea](https://dexidp.io/docs/connectors/gitea/) | yes | no | yes | alpha | |
 | [OpenStack Keystone](https://dexidp.io/docs/connectors/keystone/) | yes | yes | no | alpha | |
-| [Generic OAuth 2.0](https://dexidp.io/docs/connectors/oauth/) | no | yes | yes | alpha |
+| [Generic OAuth 2.0](https://dexidp.io/docs/connectors/oauth/) | no | yes | yes | alpha | |

 Stable, beta, and alpha are defined as:


--- a/connector/oauth/oauth.go
+++ b/connector/oauth/oauth.go
@@ -65,6 +65,30 @@ type Config struct {
 func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) {
 	var err error

+	if c.UserIDKey == "" {
+		c.UserIDKey = "id"
+	}
+
+	if c.ClaimMapping.UserNameKey == "" {
+		c.ClaimMapping.UserNameKey = "user_name"
+	}
+
+	if c.ClaimMapping.PreferredUsernameKey == "" {
+		c.ClaimMapping.PreferredUsernameKey = "preferred_username"
+	}
+
+	if c.ClaimMapping.GroupsKey == "" {
+		c.ClaimMapping.GroupsKey = "groups"
+	}
+
+	if c.ClaimMapping.EmailKey == "" {
+		c.ClaimMapping.EmailKey = "email"
+	}
+
+	if c.ClaimMapping.EmailVerifiedKey == "" {
+		c.ClaimMapping.EmailVerifiedKey = "email_verified"
+	}
+
 	oauthConn := &oauthConnector{
 		clientID:             c.ClientID,
 		clientSecret:         c.ClientSecret,
@@ -181,36 +205,12 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
 		return identity, fmt.Errorf("OAuth Connector: failed to parse userinfo: %v", err)
 	}

-	if c.userIDKey == "" {
-		c.userIDKey = "id"
-	}
-
 	userID, found := userInfoResult[c.userIDKey].(string)
 	if !found {
 		return identity, fmt.Errorf("OAuth Connector: not found %v claim", c.userIDKey)
 	}

 	identity.UserID = userID
-	if c.userNameKey == "" {
-		c.userNameKey = "user_name"
-	}
-
-	if c.preferredUsernameKey == "" {
-		c.preferredUsernameKey = "preferred_username"
-	}
-
-	if c.groupsKey == "" {
-		c.groupsKey = "groups"
-	}
-
-	if c.emailKey == "" {
-		c.emailKey = "email"
-	}
-
-	if c.emailVerifiedKey == "" {
-		c.emailVerifiedKey = "email_verified"
-	}
-
 	identity.Username, _ = userInfoResult[c.userNameKey].(string)
 	identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string)
 	identity.Email, _ = userInfoResult[c.emailKey].(string)

--- a/docs/connectors/oauth.md
+++ b/docs/connectors/oauth.md
-# Authentication using Generic OAuth 2.0 provider
-
-## Overview
-
-Dex users can make use of this connector to work with standards-compliant [OAuth 2.0](https://oauth.net/2/) authorization provider, in case of that authorization provider is not in the Dex connectors list.
-
-## Configuration
-
-The following is an example of a configuration for using OAuth connector with Reddit.
-
-```yaml
-connectors:
- type: oauth
-  # ID of OAuth 2.0 provider
-  id: reddit 
-  # Name of OAuth 2.0 provider
-  name: reddit
-  config:
-    # Connector config values starting with a "$" will read from the environment.
-    clientID: $REDDIT_CLIENT_ID
-    clientSecret: $REDDIT_CLIENT_SECRET
-    redirectURI: http://127.0.0.1:5556/callback
-
-    tokenURL: https://www.reddit.com/api/v1/access_token
-    authorizationURL: https://www.reddit.com/api/v1/authorize
-    userInfoURL: https: https://www.reddit.com/api/v1/me
- 
-    # Optional: Specify whether to communicate to Auth provider without validating SSL certificates
-    # insecureSkipVerify: false
-
-    # Optional: The location of file containing SSL certificates to commmunicate to Auth provider 
-    # rootCAs: /etc/ssl/reddit.pem
-
-    # Optional: List of scopes to request Auth provider for access user account
-    # scopes:
-    #  - identity
-
-    # Optional: Configurable keys for user ID look up
-    # Default: id
-    # userIDKey:
-
-    # Auth roviders return non-standard user identity profile
-    # Use claimMapping to map those user infomations to standard claims:
-    claimMapping:
-      # Optional: Configurable keys for user name look up
-      # Default: user_name
-      # userNameKey:
-
-      # Optional: Configurable keys for preferred username look up
-      # Default: preferred_username
-      # preferredUsernameKey:
-
-      # Optional: Configurable keys for user groups look up
-      # Default: groups
-      # groupsKey:
-
-      # Optional: Configurable keys for email look up
-      # Default: email
-      # emailKey:
-
-      # Optional: Configurable keys for email verified look up
-      # Default: email_verified
-      # emailVerifiedKey:
-```