phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-27 11:43:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow to configure scopes in generic SSO

Browse source 
Signed-off-by: Lunik <lunik@tiwabbit.fr>
This commit is contained in:
Lunik 2024-02-16 23:24:58 +01:00
parent b96330c5dd
commit af4537e421
No known key found for this signature in database
GPG key ID: AEC152C8AC2C85EE
2 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/my-website/docs/proxy/ui.md
View file

@ -124,6 +124,7 @@ GENERIC_CLIENT_SECRET = "G*******"
GENERIC_AUTHORIZATION_ENDPOINT = "http://localhost:9090/auth" GENERIC_AUTHORIZATION_ENDPOINT = "http://localhost:9090/auth"
GENERIC_TOKEN_ENDPOINT = "http://localhost:9090/token" GENERIC_TOKEN_ENDPOINT = "http://localhost:9090/token"
GENERIC_USERINFO_ENDPOINT = "http://localhost:9090/me" GENERIC_USERINFO_ENDPOINT = "http://localhost:9090/me"
GENERIC_SCOPE = "openid profile email"
``` ```
- Set Redirect URI, if your provider requires it - Set Redirect URI, if your provider requires it

4
litellm/proxy/proxy_server.py
View file

@ -4490,6 +4490,7 @@ async def google_login(request: Request):
from fastapi_sso.sso.generic import create_provider, DiscoveryDocument from fastapi_sso.sso.generic import create_provider, DiscoveryDocument
generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None) generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)
generic_scope = os.getenv("GENERIC_SCOPE", "openid email profile").split(" ")
generic_authorization_endpoint = os.getenv( generic_authorization_endpoint = os.getenv(
"GENERIC_AUTHORIZATION_ENDPOINT", None "GENERIC_AUTHORIZATION_ENDPOINT", None
) )
@ -4540,6 +4541,7 @@ async def google_login(request: Request):
client_secret=generic_client_secret, client_secret=generic_client_secret,
redirect_uri=redirect_url, redirect_uri=redirect_url,
allow_insecure_http=True, allow_insecure_http=True,
scope=generic_scope,
) )
with generic_sso: with generic_sso:
return await generic_sso.get_login_redirect() return await generic_sso.get_login_redirect()
@ -4690,6 +4692,7 @@ async def auth_callback(request: Request):
from fastapi_sso.sso.generic import create_provider, DiscoveryDocument from fastapi_sso.sso.generic import create_provider, DiscoveryDocument
generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None) generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)
generic_scope = os.getenv("GENERIC_SCOPE", "openid email profile").split(" ")
generic_authorization_endpoint = os.getenv( generic_authorization_endpoint = os.getenv(
"GENERIC_AUTHORIZATION_ENDPOINT", None "GENERIC_AUTHORIZATION_ENDPOINT", None
) )
@ -4740,6 +4743,7 @@ async def auth_callback(request: Request):
client_secret=generic_client_secret, client_secret=generic_client_secret,
redirect_uri=redirect_url, redirect_uri=redirect_url,
allow_insecure_http=True, allow_insecure_http=True,
scope=generic_scope,
) )
verbose_proxy_logger.debug(f"calling generic_sso.verify_and_process") verbose_proxy_logger.debug(f"calling generic_sso.verify_and_process")
request_body = await request.body() request_body = await request.body()