1 bulan lalu · bdc9e2abd5
--- a/pro/auth/sync.go
+++ b/pro/auth/sync.go
@@ -74,12 +74,12 @@ func SyncFromIDP() error {
 
				 
			
 
				 	switch settings.AuthProvider {
			
 
				 	case "google":
			
 
				-		idpClient, err = google.NewGoogleWorkspaceClient()
			
 
				+		idpClient, err = google.NewGoogleWorkspaceClientFromSettings()
			
 
				 		if err != nil {
			
 
				 			return err
			
 
				 		}
			
 
				 	case "azure-ad":
			
 
				-		idpClient = azure.NewAzureEntraIDClient()
			
 
				+		idpClient = azure.NewAzureEntraIDClientFromSettings()
			
 
				 	default:
			
 
				 		if settings.AuthProvider != "" {
			
 
				 			err = fmt.Errorf("invalid auth provider: %s", settings.AuthProvider)
			
--- a/pro/idp/azure/azure.go
+++ b/pro/idp/azure/azure.go
@@ -16,16 +16,20 @@ type Client struct {
 
				 	tenantID     string
			
 
				 }
			
 
				 
			
 
				-func NewAzureEntraIDClient() *Client {
			
 
				-	settings := logic.GetServerSettings()
			
 
				-
			
 
				+func NewAzureEntraIDClient(clientID, clientSecret, tenantID string) *Client {
			
 
				 	return &Client{
			
 
				-		clientID:     settings.ClientID,
			
 
				-		clientSecret: settings.ClientSecret,
			
 
				-		tenantID:     settings.AzureTenant,
			
 
				+		clientID:     clientID,
			
 
				+		clientSecret: clientSecret,
			
 
				+		tenantID:     tenantID,
			
 
				 	}
			
 
				 }
			
 
				 
			
 
				+func NewAzureEntraIDClientFromSettings() *Client {
			
 
				+	settings := logic.GetServerSettings()
			
 
				+
			
 
				+	return NewAzureEntraIDClient(settings.ClientID, settings.ClientSecret, settings.AzureTenant)
			
 
				+}
			
 
				+
			
 
				 func (a *Client) GetUsers() ([]idp.User, error) {
			
 
				 	accessToken, err := a.getAccessToken()
			
 
				 	if err != nil {
			
--- a/pro/idp/google/google.go
+++ b/pro/idp/google/google.go
@@ -15,10 +15,8 @@ type Client struct {
 
				 	service *admindir.Service
			
 
				 }
			
 
				 
			
 
				-func NewGoogleWorkspaceClient() (*Client, error) {
			
 
				-	settings := logic.GetServerSettings()
			
 
				-
			
 
				-	credsJson, err := base64.StdEncoding.DecodeString(settings.GoogleSACredsJson)
			
 
				+func NewGoogleWorkspaceClient(adminEmail, creds string) (*Client, error) {
			
 
				+	credsJson, err := base64.StdEncoding.DecodeString(creds)
			
 
				 	if err != nil {
			
 
				 		return nil, err
			
 
				 	}
			
@@ -38,7 +36,7 @@ func NewGoogleWorkspaceClient() (*Client, error) {
 
				 				admindir.AdminDirectoryGroupReadonlyScope,
			
 
				 				admindir.AdminDirectoryGroupMemberReadonlyScope,
			
 
				 			},
			
 
				-			Subject: settings.GoogleAdminEmail,
			
 
				+			Subject: adminEmail,
			
 
				 		},
			
 
				 		option.WithCredentialsJSON(credsJson),
			
 
				 	)
			
@@ -59,6 +57,12 @@ func NewGoogleWorkspaceClient() (*Client, error) {
 
				 	}, nil
			
 
				 }
			
 
				 
			
 
				+func NewGoogleWorkspaceClientFromSettings() (*Client, error) {
			
 
				+	settings := logic.GetServerSettings()
			
 
				+
			
 
				+	return NewGoogleWorkspaceClient(settings.GoogleAdminEmail, settings.GoogleSACredsJson)
			
 
				+}
			
 
				+
			
 
				 func (g *Client) GetUsers() ([]idp.User, error) {
			
 
				 	var retval []idp.User
			
 
				 	err := g.service.Users.List().