phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-27 11:43:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #2020 from Lunik/feat/generic-sso-scopes

Browse source 
 Allow to configure scopes in generic SSO
This commit is contained in:
Ishaan Jaff 2024-02-16 14:45:09 -08:00 committed by GitHub
commit e6b9e5b46f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
docs/my-website/docs/proxy/ui.md
View file

@ -126,6 +126,11 @@ GENERIC_TOKEN_ENDPOINT = "http://localhost:9090/token"
GENERIC_USERINFO_ENDPOINT = "http://localhost:9090/me" GENERIC_USERINFO_ENDPOINT = "http://localhost:9090/me"
``` ```
**Additional .env variables on your Proxy**
```shell
GENERIC_SCOPE = "openid profile email"
```
- Set Redirect URI, if your provider requires it - Set Redirect URI, if your provider requires it
- Set a redirect url = `<your proxy base url>/sso/callback` - Set a redirect url = `<your proxy base url>/sso/callback`
```shell ```shell

4
litellm/proxy/proxy_server.py
View file

@ -4565,6 +4565,7 @@ async def google_login(request: Request):
from fastapi_sso.sso.generic import create_provider, DiscoveryDocument from fastapi_sso.sso.generic import create_provider, DiscoveryDocument
generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None) generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)
generic_scope = os.getenv("GENERIC_SCOPE", "openid email profile").split(" ")
generic_authorization_endpoint = os.getenv( generic_authorization_endpoint = os.getenv(
"GENERIC_AUTHORIZATION_ENDPOINT", None "GENERIC_AUTHORIZATION_ENDPOINT", None
) )
@ -4615,6 +4616,7 @@ async def google_login(request: Request):
client_secret=generic_client_secret, client_secret=generic_client_secret,
redirect_uri=redirect_url, redirect_uri=redirect_url,
allow_insecure_http=True, allow_insecure_http=True,
scope=generic_scope,
) )
with generic_sso: with generic_sso:
return await generic_sso.get_login_redirect() return await generic_sso.get_login_redirect()
@ -4765,6 +4767,7 @@ async def auth_callback(request: Request):
from fastapi_sso.sso.generic import create_provider, DiscoveryDocument from fastapi_sso.sso.generic import create_provider, DiscoveryDocument
generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None) generic_client_secret = os.getenv("GENERIC_CLIENT_SECRET", None)
generic_scope = os.getenv("GENERIC_SCOPE", "openid email profile").split(" ")
generic_authorization_endpoint = os.getenv( generic_authorization_endpoint = os.getenv(
"GENERIC_AUTHORIZATION_ENDPOINT", None "GENERIC_AUTHORIZATION_ENDPOINT", None
) )
@ -4815,6 +4818,7 @@ async def auth_callback(request: Request):
client_secret=generic_client_secret, client_secret=generic_client_secret,
redirect_uri=redirect_url, redirect_uri=redirect_url,
allow_insecure_http=True, allow_insecure_http=True,
scope=generic_scope,
) )
verbose_proxy_logger.debug(f"calling generic_sso.verify_and_process") verbose_proxy_logger.debug(f"calling generic_sso.verify_and_process")
request_body = await request.body() request_body = await request.body()