fix: fix AAD single-tenant mode bug

0xhanh · Mar 31, 2023 · 8eb68ba · 8eb68ba
1 parent 8d1ae4e
commit 8eb68ba
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/idp/goth.go b/idp/goth.go
@@ -88,7 +88,7 @@ type GothIdProvider struct {
 	Session  goth.Session
 }
 
-func NewGothIdProvider(providerType string, clientId string, clientSecret string, redirectUrl string) *GothIdProvider {
+func NewGothIdProvider(providerType string, clientId string, clientSecret string, redirectUrl string, hostUrl string) *GothIdProvider {
 	var idp GothIdProvider
 	switch providerType {
 	case "Amazon":
@@ -102,8 +102,13 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Session:  &apple.Session{},
 		}
 	case "AzureAD":
+		domain := "common"
+		if hostUrl != "" {
+			domain = hostUrl
+		}
+
 		idp = GothIdProvider{
-			Provider: azureadv2.New(clientId, clientSecret, redirectUrl, azureadv2.ProviderOptions{Tenant: "common"}),
+			Provider: azureadv2.New(clientId, clientSecret, redirectUrl, azureadv2.ProviderOptions{Tenant: azureadv2.TenantType(domain)}),
 			Session:  &azureadv2.Session{},
 		}
 	case "Auth0":

diff --git a/idp/provider.go b/idp/provider.go
@@ -90,7 +90,7 @@ func GetIdProvider(typ string, subType string, clientId string, clientSecret str
 	} else if typ == "Douyin" {
 		return NewDouyinIdProvider(clientId, clientSecret, redirectUrl)
 	} else if isGothSupport(typ) {
-		return NewGothIdProvider(typ, clientId, clientSecret, redirectUrl)
+		return NewGothIdProvider(typ, clientId, clientSecret, redirectUrl, hostUrl)
 	} else if typ == "Bilibili" {
 		return NewBilibiliIdProvider(clientId, clientSecret, redirectUrl)
 	}