summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/pybind/mgr/cephadm/services/oauth2_proxy.py6
-rw-r--r--src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j22
-rw-r--r--src/python-common/ceph/deployment/service_spec.py4
3 files changed, 6 insertions, 6 deletions
diff --git a/src/pybind/mgr/cephadm/services/oauth2_proxy.py b/src/pybind/mgr/cephadm/services/oauth2_proxy.py
index c19005c95f3..cabb21bce13 100644
--- a/src/pybind/mgr/cephadm/services/oauth2_proxy.py
+++ b/src/pybind/mgr/cephadm/services/oauth2_proxy.py
@@ -67,12 +67,12 @@ class OAuth2ProxyService(CephadmService):
def generate_config(self, daemon_spec: CephadmDaemonDeploySpec) -> Tuple[Dict[str, Any], List[str]]:
assert self.TYPE == daemon_spec.daemon_type
svc_spec = cast(OAuth2ProxySpec, self.mgr.spec_store[daemon_spec.service_name].spec)
- whitelist_domains = svc_spec.whitelist_domains or []
- whitelist_domains += self.get_service_ips_and_hosts('mgmt-gateway')
+ allowlist_domains = svc_spec.allowlist_domains or []
+ allowlist_domains += self.get_service_ips_and_hosts('mgmt-gateway')
context = {
'spec': svc_spec,
'cookie_secret': svc_spec.cookie_secret or self.generate_random_secret(),
- 'whitelist_domains': whitelist_domains,
+ 'allowlist_domains': allowlist_domains,
'redirect_url': svc_spec.redirect_url or self.get_redirect_url()
}
diff --git a/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2 b/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2
index 20ca8cb6504..c8d9f920adf 100644
--- a/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2
+++ b/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2
@@ -34,4 +34,4 @@ set_xauthrequest= true
# Secret value for encrypting cookies.
cookie_secret= "{{ cookie_secret }}"
email_domains= "*"
-whitelist_domains= "{{ whitelist_domains | join(',') }}"
+whitelist_domains= "{{ allowlist_domains | join(',') }}"
diff --git a/src/python-common/ceph/deployment/service_spec.py b/src/python-common/ceph/deployment/service_spec.py
index 2238cd01c37..33a6da75f0b 100644
--- a/src/python-common/ceph/deployment/service_spec.py
+++ b/src/python-common/ceph/deployment/service_spec.py
@@ -1926,7 +1926,7 @@ class OAuth2ProxySpec(ServiceSpec):
cookie_secret: Optional[str] = None,
ssl_certificate: Optional[str] = None,
ssl_certificate_key: Optional[str] = None,
- whitelist_domains: Optional[List[str]] = None,
+ allowlist_domains: Optional[List[str]] = None,
unmanaged: bool = False,
extra_container_args: Optional[GeneralArgList] = None,
extra_entrypoint_args: Optional[GeneralArgList] = None,
@@ -1964,7 +1964,7 @@ class OAuth2ProxySpec(ServiceSpec):
self.ssl_certificate_key = ssl_certificate_key
#: List of allowed domains for safe redirection after login or logout,
# preventing unauthorized redirects.
- self.whitelist_domains = whitelist_domains
+ self.allowlist_domains = allowlist_domains
self.unmanaged = unmanaged
def get_port_start(self) -> List[int]:
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 04:24:33 +0100