idbhub: fix secret sharing
This commit is contained in:
parent
d02214062e
commit
2a19a05f4d
|
@ -20,7 +20,7 @@ config_oidc4vp() {
|
|||
R_URI_CLEAN="${RESPONSE_URI%/}" && R_URI_CLEAN="${R_URI_CLEAN#http*://}"
|
||||
local file="$(echo ${R_URI_CLEAN} | sed 's!/!__!g')"
|
||||
data="$(_get)"
|
||||
echo "${data}" | jq --arg uri "${R_URI_CLEAN}" '{ ($uri): .}' > /sharedsecret/${file}
|
||||
echo "${data}" | jq --arg uri "${RESPONSE_URI}" '{ ($uri): .}' > /sharedsecret/${file}
|
||||
|
||||
echo wait the other idhubs to write, this is the only oportunity to sync with other idhubs in the docker compose
|
||||
sleep 2
|
||||
|
@ -28,13 +28,15 @@ config_oidc4vp() {
|
|||
for host in /sharedsecret/*; do
|
||||
# we are flexible on querying for RESPONSE_URI: the first one based on regex
|
||||
target_uri="$(cat "${host}" | jq -r 'keys[0]')"
|
||||
filtered_data="$(cat "${host}" | jq --arg uri "${target_uri}" 'first(.[][] | select(.response_uri | test ($uri)))')"
|
||||
client_id="$(echo "${filtered_data}" | jq -r '.client_id')"
|
||||
client_secret="$(echo "${filtered_data}" | jq -r '.client_secret')"
|
||||
response_uri="$(echo "${filtered_data}" | jq -r '.response_uri')"
|
||||
if [ "${target_uri}" != "${RESPONSE_URI}" ]; then
|
||||
filtered_data="$(cat "${host}" | jq --arg uri "${RESPONSE_URI}" 'first(.[][] | select(.response_uri | test ($uri)))')"
|
||||
client_id="$(echo "${filtered_data}" | jq -r '.client_id')"
|
||||
client_secret="$(echo "${filtered_data}" | jq -r '.client_secret')"
|
||||
response_uri="$(echo "${filtered_data}" | jq -r '.response_uri')"
|
||||
|
||||
_set my_client_id ${client_id} ${response_uri}
|
||||
_set my_client_secret ${client_secret} ${response_uri}
|
||||
_set my_client_id ${client_id} ${target_uri}
|
||||
_set my_client_secret ${client_secret} ${target_uri}
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
|
|
Reference in a new issue