Guwan
/
ldap-matter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1

This commit is contained in:
Guwan 2025-09-02 00:02:19 +08:00
parent 52682cae68
commit d30582faa5
6 changed files with 275 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -3,4 +3,5 @@ config_ldap.php
config_db.php
data
certs
.idea

176
Demo/config.json
View File

@ -36,7 +36,6 @@
"EnableDeveloper": false,
"DeveloperFlags": "",
"EnableClientPerformanceDebugging": false,
"EnableOpenTracing": false,
"EnableSecurityFixAlert": true,
"EnableInsecureOutgoingConnections": false,
"AllowedUntrustedInternalConnections": "",
@ -49,6 +48,7 @@
"CorsDebug": false,
"AllowCookiesForSubdomains": false,
"ExtendSessionLengthWithActivity": false,
"TerminateSessionsOnPasswordChange": false,
"SessionLengthWebInDays": 180,
"SessionLengthWebInHours": 4320,
"SessionLengthMobileInDays": 180,
@ -66,6 +66,7 @@
"EnableEmojiPicker": true,
"PostEditTimeLimit": -1,
"TimeBetweenUserTypingUpdatesMilliseconds": 5000,
"EnableCrossTeamSearch": true,
"EnablePostSearch": true,
"EnableFileSearch": true,
"MinimumHashtagLength": 3,
@ -74,7 +75,6 @@
"EnableUserStatuses": true,
"ExperimentalEnableAuthenticationTransfer": true,
"ClusterLogTimeoutMilliseconds": 2000,
"EnablePreviewFeatures": true,
"EnableTutorial": true,
"EnableOnboardingFlow": true,
"ExperimentalEnableDefaultChannelLeaveJoinMessages": true,
@ -82,6 +82,8 @@
"EnableAPITeamDeletion": false,
"EnableAPITriggerAdminNotifications": false,
"EnableAPIUserDeletion": false,
"EnableAPIPostDeletion": false,
"EnableDesktopLandingPage": true,
"ExperimentalEnableHardenedMode": false,
"ExperimentalStrictCSRFEnforcement": false,
"EnableEmailInvitations": false,
@ -107,11 +109,15 @@
"CollapsedThreads": "always_on",
"ManagedResourcePaths": "",
"EnableCustomGroups": true,
"SelfHostedPurchase": true,
"AllowSyncedDrafts": true,
"UniqueEmojiReactionLimitPerPost": 50,
"RefreshPostStatsRunTime": "00:00",
"MaximumPayloadSizeBytes": 100000
"MaximumPayloadSizeBytes": 100000,
"MaximumURLLength": 2048,
"ScheduledPosts": true,
"EnableWebHubChannelIteration": false,
"FrameAncestors": "",
"DeleteAccountLink": ""
},
"TeamSettings": {
"SiteName": "Mattermost",
@ -175,7 +181,6 @@
"VerboseDiagnostics": false,
"EnableSentry": true,
"AdvancedLoggingJSON": {},
"AdvancedLoggingConfig": "",
"MaxFieldSize": 2048
},
"ExperimentalAuditSettings": {
@ -187,7 +192,7 @@
"FileCompress": false,
"FileMaxQueueSize": 1000,
"AdvancedLoggingJSON": {},
"AdvancedLoggingConfig": ""
"Certificate": ""
},
"NotificationLogSettings": {
"EnableConsole": true,
@ -198,8 +203,7 @@
"FileLevel": "INFO",
"FileJson": true,
"FileLocation": "",
"AdvancedLoggingJSON": {},
"AdvancedLoggingConfig": ""
"AdvancedLoggingJSON": {}
},
"PasswordSettings": {
"MinimumLength": 8,
@ -234,6 +238,8 @@
"AmazonS3SSE": false,
"AmazonS3Trace": false,
"AmazonS3RequestTimeoutMilliseconds": 30000,
"AmazonS3UploadPartSizeBytes": 5242880,
"AmazonS3StorageClass": "",
"DedicatedExportStore": false,
"ExportDriverName": "local",
"ExportDirectory": "./data/",
@ -248,7 +254,9 @@
"ExportAmazonS3SSE": false,
"ExportAmazonS3Trace": false,
"ExportAmazonS3RequestTimeoutMilliseconds": 30000,
"ExportAmazonS3PresignExpiresSeconds": 21600
"ExportAmazonS3PresignExpiresSeconds": 21600,
"ExportAmazonS3UploadPartSizeBytes": 104857600,
"ExportAmazonS3StorageClass": ""
},
"EmailSettings": {
"EnableSignUpWithEmail": false,
@ -301,6 +309,9 @@
"AboutLink": "https://mattermost.com/pl/about-mattermost",
"HelpLink": "https://mattermost.com/pl/help/",
"ReportAProblemLink": "https://mattermost.com/pl/report-a-bug",
"ReportAProblemType": "default",
"ReportAProblemMail": "",
"AllowDownloadLogs": true,
"ForgotPasswordLink": "",
"SupportEmail": "",
"CustomTermsOfServiceEnabled": false,
@ -327,8 +338,8 @@
},
"GitLabSettings": {
"Enable": true,
"Secret": "fedcba987654321fedcba987654321",
"Id": "123456789abcdef123456789abcdef",
"Secret": "987654321",
"Id": "123456789",
"Scope": "",
"AuthEndpoint": "http://localhost/oauth/authorize",
"TokenEndpoint": "http://webserver/oauth/token.php",
@ -381,6 +392,7 @@
"BaseDN": "",
"BindUsername": "",
"BindPassword": "",
"MaximumLoginAttempts": 10,
"UserFilter": "",
"GroupFilter": "",
"GuestFilter": "",
@ -398,6 +410,7 @@
"LoginIdAttribute": "",
"PictureAttribute": "",
"SyncIntervalMinutes": 60,
"ReAddRemovedMembers": false,
"SkipCertificateVerification": false,
"PublicCertificateFile": "",
"PrivateKeyFile": "",
@ -406,8 +419,7 @@
"LoginFieldName": "",
"LoginButtonColor": "#0000",
"LoginButtonBorderColor": "#2389D7",
"LoginButtonTextColor": "#2389D7",
"Trace": false
"LoginButtonTextColor": "#2389D7"
},
"ComplianceSettings": {
"Enable": false,
@ -418,7 +430,8 @@
"LocalizationSettings": {
"DefaultServerLocale": "en",
"DefaultClientLocale": "en",
"AvailableLocales": ""
"AvailableLocales": "",
"EnableExperimentalLocales": false
},
"SamlSettings": {
"Enable": false,
@ -463,7 +476,21 @@
],
"AppDownloadLink": "https://mattermost.com/pl/download-apps",
"AndroidAppDownloadLink": "https://mattermost.com/pl/android-app/",
"IosAppDownloadLink": "https://mattermost.com/pl/ios-app/"
"IosAppDownloadLink": "https://mattermost.com/pl/ios-app/",
"MobileExternalBrowser": false,
"MobileEnableBiometrics": false,
"MobilePreventScreenCapture": false,
"MobileJailbreakProtection": false,
"MobileEnableSecureFilePreview": false,
"MobileAllowPdfLinkNavigation": false
},
"CacheSettings": {
"CacheType": "lru",
"RedisAddress": "",
"RedisPassword": "********************************",
"RedisDB": -1,
"RedisCachePrefix": "",
"DisableClientCache": false
},
"ClusterSettings": {
"Enable": false,
@ -475,35 +502,39 @@
"UseIPAddress": true,
"EnableGossipCompression": true,
"EnableExperimentalGossipEncryption": false,
"EnableGossipEncryption": false,
"ReadOnlyConfig": true,
"GossipPort": 8074,
"StreamingPort": 8075,
"MaxIdleConns": 100,
"MaxIdleConnsPerHost": 128,
"IdleConnTimeoutMilliseconds": 90000
"GossipPort": 8074
},
"MetricsSettings": {
"Enable": false,
"BlockProfileRate": 0,
"ListenAddress": ":8067"
"ListenAddress": ":8067",
"EnableClientMetrics": true,
"EnableNotificationMetrics": true,
"ClientSideUserIds": []
},
"ExperimentalSettings": {
"ClientSideCertEnable": false,
"ClientSideCertCheck": "secondary",
"LinkMetadataTimeoutMilliseconds": 5000,
"RestrictSystemAdmin": false,
"UseNewSAMLLibrary": false,
"EnableSharedChannels": false,
"EnableRemoteClusterService": false,
"DisableAppBar": false,
"DisableRefetchingOnBrowserFocus": false,
"DelayChannelAutocomplete": false
"DelayChannelAutocomplete": false,
"DisableWakeUpReconnectHandler": false,
"UsersStatusAndProfileFetchingPollIntervalMilliseconds": 3000,
"YoutubeReferrerPolicy": false,
"ExperimentalChannelCategorySorting": false
},
"AnalyticsSettings": {
"MaxUsersForStatistics": 2500
},
"ElasticsearchSettings": {
"ConnectionURL": "",
"Backend": "elasticsearch",
"Username": "elastic",
"Password": "changeme",
"EnableIndexing": false,
@ -519,6 +550,7 @@
"AggregatePostsAfterDays": 365,
"PostsAggregatorJobStartTime": "03:00",
"IndexPrefix": "",
"GlobalSearchPrefix": "",
"LiveIndexingBatchSize": 1,
"BatchSize": 10000,
"RequestTimeoutSeconds": 30,
@ -548,7 +580,8 @@
"DeletionJobStartTime": "02:00",
"BatchSize": 3000,
"TimeBetweenBatchesMilliseconds": 100,
"RetentionIdsBatchSize": 100
"RetentionIdsBatchSize": 100,
"PreservePinnedPosts": false
},
"MessageExportSettings": {
"EnableExport": false,
@ -557,6 +590,8 @@
"ExportFromTimestamp": 0,
"BatchSize": 10000,
"DownloadExportResults": false,
"ChannelBatchSize": 100,
"ChannelHistoryBatchSize": 10,
"GlobalRelaySettings": {
"CustomerType": "A9",
"SMTPUsername": "",
@ -573,7 +608,6 @@
"CleanupJobsThresholdDays": -1,
"CleanupConfigThresholdDays": -1
},
"ProductSettings": {},
"PluginSettings": {
"Enable": true,
"EnableUploads": true,
@ -582,8 +616,40 @@
"Directory": "./plugins",
"ClientDirectory": "./client/plugins",
"Plugins": {
"mattermost-ai": {
"allowedUpstreamHostnames": "",
"bots": null,
"defaultBotName": "",
"embeddingSearchConfig": {
"chunkingOptions": {
"chunkOverlap": 0,
"chunkSize": 0,
"chunkingStrategy": "",
"minChunkSize": 0
},
"dimensions": 0,
"embeddingProvider": {
"parameters": null,
"type": ""
},
"parameters": null,
"type": "",
"vectorStore": {
"parameters": null,
"type": ""
}
},
"enableLLMTrace": false,
"mcp": {
"enabled": false,
"idleTimeoutMinutes": 0,
"servers": null
},
"services": null,
"transcriptBackend": ""
},
"playbooks": {
"BotUserID": "xn8i86tz47rtjp8yxs4cdofh1a"
"BotUserID": "6ieoijnzdfgnzq7535rbomzqjy"
}
},
"PluginStates": {
@ -593,6 +659,9 @@
"com.mattermost.nps": {
"Enable": true
},
"mattermost-ai": {
"Enable": true
},
"playbooks": {
"Enable": true
}
@ -644,5 +713,60 @@
"MoveThreadFromPrivateChannelEnable": false,
"MoveThreadFromDirectMessageChannelEnable": false,
"MoveThreadFromGroupMessageChannelEnable": false
},
"ConnectedWorkspacesSettings": {
"EnableSharedChannels": false,
"EnableRemoteClusterService": false,
"DisableSharedChannelsStatusSync": false,
"SyncUsersOnConnectionOpen": false,
"GlobalUserSyncBatchSize": 25,
"MaxPostsPerSync": 50,
"MemberSyncBatchSize": 20
},
"AccessControlSettings": {
"EnableAttributeBasedAccessControl": false,
"EnableChannelScopeAccessControl": false,
"EnableUserManagedAttributes": false
},
"ContentFlaggingSettings": {
"EnableContentFlagging": false,
"ReviewerSettings": {
"CommonReviewers": true,
"CommonReviewerIds": [],
"TeamReviewersSetting": {},
"SystemAdminsAsReviewers": false,
"TeamAdminsAsReviewers": true
},
"NotificationSettings": {
"EventTargetMapping": {
"assigned": [
"reviewers"
],
"dismissed": [
"reviewers",
"reporter"
],
"flagged": [
"reviewers"
],
"removed": [
"reviewers",
"author",
"reporter"
]
}
},
"AdditionalSettings": {
"Reasons": [
"Inappropriate content",
"Sensitive data",
"Security concern",
"Harassment or abuse",
"Spam or phishing"
],
"ReporterCommentRequired": true,
"ReviewerCommentRequired": true,
"HideFlaggedContent": true
}
}
}

27
Demo/docker-compose.yaml
View File

@ -10,7 +10,7 @@ services:
- 389:389
- 636:636
volumes:
- ./bootstrap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/50-bootstrap.ldif
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/Demo/bootstrap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/50-bootstrap.ldif
environment:
LDAP_ORGANISATION: "Example Corp"
LDAP_DOMAIN: "example.com"
@ -26,16 +26,16 @@ services:
- 80:80
- 443:443
volumes:
- ../oauth:/var/www/html/oauth
- ./nginx.conf:/etc/nginx/nginx.conf
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/oauth:/var/www/html/oauth
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/Demo/nginx.conf:/etc/nginx/nginx.conf
depends_on:
- php
php:
build: ../Docker/php-ldap-pgsql
build: D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/Docker/php-ldap-pgsql
image: php-ldap-pgsql
volumes:
- ../oauth:/var/www/html/oauth
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/oauth:/var/www/html/oauth
environment:
ldap_host: ldap://ldap:389/
ldap_port: 389
@ -59,23 +59,12 @@ services:
image: postgres:alpine
restart: always
volumes:
- ../db_init/init_postgres.sh:/docker-entrypoint-initdb.d/init_postgres.sh
- ../db_init/config_init.sh.example:/docker-entrypoint-initdb.d/config_init.sh
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/db_init/init_postgres.sh:/docker-entrypoint-initdb.d/init_postgres.sh
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/db_init/config_init.sh.example:/docker-entrypoint-initdb.d/config_init.sh
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: rootroot
POSTGRES_HOST_AUTH_METHOD: trust
client_id: 123456789abcdef123456789abcdef
client_secret: fedcba987654321fedcba987654321
redirect_uri: "http://localhost/signup/gitlab/complete"
grant_types: "authorization_code"
scope: "api"
user_id: ""
db_user: "oauth"
db_pass: "oauth_secure-pass"
db_name: "oauth_db"
db_host: "127.0.0.1"
db_port: "5432"
mattermost:
image: mattermost/mattermost-preview
@ -84,4 +73,4 @@ services:
extra_hosts:
- dockerhost:127.0.0.1
volumes:
- ./config.json:/mm/mattermost/config/config_docker.json
- D:/23_Gitlab/dockerCompose/mattermost-ldap/Mattermost-LDAP/Demo/config.json:/mm/mattermost/config/config_docker.json

24
db_init/config_init.sh.example
View File

@ -1,16 +1,18 @@
#!/bin/bash
#####################################--CONFIGURATION FILE--########################################
# Client configuration
client_id=$(if [ -z $client_id ]; then echo "123456789"; else echo $client_id; fi)
client_secret=$(if [ -z $client_secret ]; then echo "987654321"; else echo $client_secret; fi)
redirect_uri=$(if [ -z $redirect_uri ]; then echo "http://mattermost.company.com/signup/gitlab/complete"; else echo $redirect_uri; fi)
grant_types=$(if [ -z $grant_types ]; then echo "authorization_code"; else echo $grant_types; fi)
scope=$(if [ -z $scope ]; then echo "api"; else echo $client_id; fi)
user_id=$(if [ -z $user_id ]; then echo ""; else echo $user_id; fi)
client_id=${client_id:-123456789}
client_secret=${client_secret:-987654321}
redirect_uri=${redirect_uri:-http://mattermost.company.com/signup/gitlab/complete}
grant_types=${grant_types:-authorization_code}
scope=${scope:-api}
user_id=${user_id:-}
# Database configuration
db_user=$(if [ -z $db_user ]; then echo "oauth"; else echo $db_user; fi)
db_name=$(if [ -z $db_name ]; then echo "oauth_db"; else echo $db_name; fi)
db_pass=$(if [ -z $db_pass ]; then echo "oauth_secure-pass"; else echo $db_pass; fi)
db_host=$(if [ -z $db_host ]; then echo "localhost"; else echo $db_host; fi)
db_port=$(if [ -z $db_port ]; then echo "5432"; else echo $db_port; fi)
db_user=${db_user:-oauth}
db_name=${db_name:-oauth_db}
db_pass=${db_pass:-oauth_secure-pass}
db_host=${db_host:-localhost}
db_port=${db_port:-5432}

64
db_init/init_postgres.sh
View File

@ -1,46 +1,46 @@
#!/bin/bash
#This script need right to become postgres user (so root) and to read/write in httpd directory
# This script needs root privileges and access to Postgres
source config_init.sh
set -e
source /docker-entrypoint-initdb.d/config_init.sh
#######################################--Fonctions--###############################################
#######################################--Functions--###############################################
ok() { echo -e '\e[32m'$1'\e[m'; }
error() { echo -e '\e[31m'$1'\e[m'; }
info() { echo -e '\e[34m'$1'\e[m'; }
warn() { echo -e '\e[33m'$1'\e[m'; }
ok() { echo -e '\e[32m'"$1"'\e[m'; }
error(){ echo -e '\e[31m'"$1"'\e[m'; }
info() { echo -e '\e[34m'"$1"'\e[m'; }
warn() { echo -e '\e[33m'"$1"'\e[m'; }
#######################################--SQL STATEMENT--###########################################
# Tables creation
create_table_oauth_client="CREATE TABLE oauth_clients (client_id VARCHAR(80) NOT NULL, client_secret VARCHAR(80), redirect_uri VARCHAR(2000) NOT NULL, grant_types VARCHAR(80), scope VARCHAR(100), user_id VARCHAR(80), CONSTRAINT clients_client_id_pk PRIMARY KEY (client_id));"
create_table_oauth_access_tokens="CREATE TABLE oauth_access_tokens (access_token VARCHAR(40) NOT NULL, client_id VARCHAR(80) NOT NULL, user_id VARCHAR(255), expires TIMESTAMP NOT NULL, scope VARCHAR(2000), CONSTRAINT access_token_pk PRIMARY KEY (access_token));"
create_table_oauth_authorization_codes="CREATE TABLE oauth_authorization_codes (authorization_code VARCHAR(40) NOT NULL, client_id VARCHAR(80) NOT NULL, user_id VARCHAR(255), redirect_uri VARCHAR(2000), expires TIMESTAMP NOT NULL, scope VARCHAR(2000), CONSTRAINT auth_code_pk PRIMARY KEY (authorization_code));"
create_table_oauth_refresh_tokens="CREATE TABLE oauth_refresh_tokens (refresh_token VARCHAR(40) NOT NULL, client_id VARCHAR(80) NOT NULL, user_id VARCHAR(255), expires TIMESTAMP NOT NULL, scope VARCHAR(2000), CONSTRAINT refresh_token_pk PRIMARY KEY (refresh_token));"
create_table_users="CREATE TABLE users (id SERIAL NOT NULL, username VARCHAR(255) NOT NULL, CONSTRAINT id_pk PRIMARY KEY (id));"
create_table_oauth_scopes="CREATE TABLE oauth_scopes (scope TEXT, is_default BOOLEAN);"
create_table_oauth_client="CREATE TABLE IF NOT EXISTS oauth_clients (client_id VARCHAR(80) NOT NULL, client_secret VARCHAR(80), redirect_uri VARCHAR(2000) NOT NULL, grant_types VARCHAR(80), scope VARCHAR(100), user_id VARCHAR(80), CONSTRAINT clients_client_id_pk PRIMARY KEY (client_id));"
create_table_oauth_access_tokens="CREATE TABLE IF NOT EXISTS oauth_access_tokens (access_token VARCHAR(40) NOT NULL, client_id VARCHAR(80) NOT NULL, user_id VARCHAR(255), expires TIMESTAMP NOT NULL, scope VARCHAR(2000), CONSTRAINT access_token_pk PRIMARY KEY (access_token));"
create_table_oauth_authorization_codes="CREATE TABLE IF NOT EXISTS oauth_authorization_codes (authorization_code VARCHAR(40) NOT NULL, client_id VARCHAR(80) NOT NULL, user_id VARCHAR(255), redirect_uri VARCHAR(2000), expires TIMESTAMP NOT NULL, scope VARCHAR(2000), CONSTRAINT auth_code_pk PRIMARY KEY (authorization_code));"
create_table_oauth_refresh_tokens="CREATE TABLE IF NOT EXISTS oauth_refresh_tokens (refresh_token VARCHAR(40) NOT NULL, client_id VARCHAR(80) NOT NULL, user_id VARCHAR(255), expires TIMESTAMP NOT NULL, scope VARCHAR(2000), CONSTRAINT refresh_token_pk PRIMARY KEY (refresh_token));"
create_table_users="CREATE TABLE IF NOT EXISTS users (id SERIAL NOT NULL, username VARCHAR(255) NOT NULL, CONSTRAINT id_pk PRIMARY KEY (id));"
create_table_oauth_scopes="CREATE TABLE IF NOT EXISTS oauth_scopes (scope TEXT, is_default BOOLEAN);"
# Client creation
create_client="INSERT INTO oauth_clients (client_id,client_secret,redirect_uri,grant_types,scope,user_id) VALUES ('$client_id','$client_secret','$redirect_uri','$grant_types','$scope','$user_id');"
create_client="INSERT INTO oauth_clients (client_id,client_secret,redirect_uri,grant_types,scope,user_id) VALUES ('$client_id','$client_secret','$redirect_uri','$grant_types','$scope','$user_id') ON CONFLICT (client_id) DO NOTHING;"
###################################################################################################
#Welcome Message
info "This script will create a new Oauth role and an associated database for Mattermost-LDAP\nTo edit configuration please edit this script before running !\n"
warn "SuperUser right must be ask to create the new role and database in postgres\n"
info "Press ctrl+c to stop the script"
# Welcome
info "This script will create a new OAuth role and database for Mattermost-LDAP"
warn "SuperUser rights are required to create role and database in Postgres"
info "Press ctrl+c to stop the script if you are not ready"
sleep 5
#Creating Oauth role and associated database (need admin account on postgres)
info "Creation of role $db_user and database $db_name ..."
# Create role and DB
info "Creating role [$db_user] and database [$db_name] ..."
psql -U postgres -c "CREATE DATABASE $db_name;"
psql -U postgres -c "CREATE USER $db_user WITH ENCRYPTED PASSWORD '$db_pass';"
psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE $db_name TO $db_user;"
psql -U postgres -c "ALTER DATABASE $db_name OWNER TO $db_user;"
#Creating tables for ouath database (use oauth role)
info "Creation of tables for database $db_name (using $db_user)"
# Create tables
info "Creating tables in database $db_name (using $db_user)"
psql -U $db_user -d $db_name -c "$create_table_oauth_client"
psql -U $db_user -d $db_name -c "$create_table_oauth_access_tokens"
psql -U $db_user -d $db_name -c "$create_table_oauth_authorization_codes"
@ -48,18 +48,16 @@ psql -U $db_user -d $db_name -c "$create_table_oauth_refresh_tokens"
psql -U $db_user -d $db_name -c "$create_table_users"
psql -U $db_user -d $db_name -c "$create_table_oauth_scopes"
#Insert new client in the database
info "Insert new client in the database"
# Insert client
info "Inserting new client into database"
psql -U $db_user -d $db_name -c "$create_client"
# Verification
psql -U $db_user -d $db_name -c "SELECT * from oauth_clients WHERE client_id='$client_id';" | grep '(1'
if [ $? ]
then ok "Client has been created ! Oauth Database is configured.\n"
if psql -U $db_user -d $db_name -c "SELECT * FROM oauth_clients WHERE client_id='$client_id';" | grep -q "$client_id"; then
ok "Client has been created! OAuth Database is configured."
info "Client ID : $client_id"
warn "Client Secret : $client_secret\n"
info "Keep id and secret, you will need them to configure Mattermost"
warn "Beware Client Secret IS PRIVATE and MUST BE KEPT SECRET"
else error "Client has not been created ! Check log below"
warn "Client Secret : $client_secret"
info "Keep ID and Secret safe, you will need them to configure Mattermost"
else
error "Client was not created! Please check logs."
fi

4
两行sql.txt Normal file
View File

@ -0,0 +1,4 @@
docker exec -it demo-database-1 psql -U postgres -d oauth_db -c "SELECT client_id, client_secret, redirect_uri FROM oauth_clients;"
docker exec -it demo-database-1 psql -U oauth -d oauth_db -c "UPDATE oauth_clients SET redirect_uri='http://localhost/signup/gitlab/complete' WHERE client_id='123456789';"