From 170e663ee824aab67ee9ad47e9aab4953c125cb4 Mon Sep 17 00:00:00 2001
From: phil
Date: Fri, 10 Jan 2025 00:09:12 +0100
Subject: [PATCH] Add provider id field, relaxing name
---
 src/oidc_test/auth_utils.py | 2 +-
 src/oidc_test/main.py | 8 ++++----
 src/oidc_test/settings.py | 7 ++++---
 src/templates/home.html | 2 +-
 4 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/oidc_test/auth_utils.py b/src/oidc_test/auth_utils.py
index 60f1e02..9f9f03e 100644
--- a/src/oidc_test/auth_utils.py
+++ b/src/oidc_test/auth_utils.py
@@ -15,7 +15,7 @@ from .settings import settings
 logger = logging.getLogger(__name__)
-OIDC_PROVIDERS = set([provider.name for provider in settings.oidc.providers])
+OIDC_PROVIDERS = set([provider.id for provider in settings.oidc.providers])
 def get_provider(request: Request) -> StarletteOAuth2App:
diff --git a/src/oidc_test/main.py b/src/oidc_test/main.py
index ec6ec01..f2876bd 100644
--- a/src/oidc_test/main.py
+++ b/src/oidc_test/main.py
@@ -51,7 +51,7 @@ _providers = {}
 for provider in settings.oidc.providers:
 authlib_oauth.register(
- name=provider.name,
+ name=provider.id,
 server_metadata_url=provider.openid_configuration,
 client_kwargs={
 "scope": "openid email offline_access profile roles",
@@ -62,10 +62,10 @@ for provider in settings.oidc.providers:
 # update_token=update_token,
 # client_id="some-client-id", # if enabled, authlib will also check that the access token belongs to this client id (audience)
 )
- fastapi_providers[provider.name] = OpenIdConnect(
+ fastapi_providers[provider.id] = OpenIdConnect(
 openIdConnectUrl=provider.openid_configuration
 )
- _providers[provider.name] = provider
+ _providers[provider.id] = provider
 # Endpoints for the login / authorization process
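Review bot: Nothing in this change guarantees that provider ids are unique, yet the new code keys everything on them. The `set([...])` in auth_utils.py collapses duplicates silently, and in main.py `fastapi_providers[provider.id]` and `_providers[provider.id]` let a later settings entry overwrite an earlier one; `authlib_oauth.register(name=provider.id, ...)` is keyed the same way. With two entries sharing an id, a login for that id would be served by whichever provider was registered last, so the identity provider a user is sent to depends on file order. I would fail at startup instead, for example in the registration loop with `if provider.id in _providers: raise ValueError(f"duplicate OIDC provider id: {provider.id!r}")`. The loop body starts and ends outside the visible hunks.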
@@ -73,7 +73,7 @@ for provider in settings.oidc.providers:
 @app.get("/login/{oidc_provider_id}")
 async def login(request: Request, oidc_provider_id: str) -> RedirectResponse:
- """Login with the provider name,
+ """Login with the provider id,
 by giving the browser a redirect to its authorize page. After successful authentification, the provider replies with an encrypted auth token that only we can decode and contains userinfo,
diff --git a/src/oidc_test/settings.py b/src/oidc_test/settings.py
index 0c3566c..c6050d7 100644
--- a/src/oidc_test/settings.py
+++ b/src/oidc_test/settings.py
@@ -11,9 +11,10 @@ from pydantic_settings import (
 class OIDCProvider(BaseModel):
- name: str = ""
- url: str = ""
- client_id: str = ""
+ id: str
+ name: str
+ url: str
+ client_id: str
 client_secret: str = ""
 @computed_field
diff --git a/src/templates/home.html b/src/templates/home.html
index 2b2773a..c70a5fa 100644
--- a/src/templates/home.html
+++ b/src/templates/home.html
@@ -5,7 +5,7 @@
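Review bot: The new `id: str` field on `OIDCProvider` accepts any string, including an empty one or one containing `/`, `?` or spaces, although the same commit uses it as the `{oidc_provider_id}` path segment of the `/login/...` route and as the authlib registry name. Constraining it where the settings are parsed keeps the URL, the registry key and the lookup tables consistent: `id: str = Field(min_length=1, pattern=r"^[A-Za-z0-9_-]+$")`, with `Field` imported from pydantic. Separately, `client_secret` keeps its `""` default while `client_id` became required; if every configured provider is a confidential client, an empty secret would only surface as a failure at token exchange, so it may be worth making it required too. The class body continues outside the hunk.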

Log in with one of these authentication providers:

{% for provider in settings.oidc.providers %} - {{ provider.name }} + {{ provider.name }} {% else %} There is no authentication provider defined. Hint: check the settings.yaml file.