diff --git a/cmd/dex/config.go b/cmd/dex/config.go index aa49a18188..1f655d0a3e 100644 --- a/cmd/dex/config.go +++ b/cmd/dex/config.go @@ -365,9 +365,10 @@ func (s *Storage) UnmarshalJSON(b []byte) error { // Connector is a magical type that can unmarshal YAML dynamically. The // Type field determines the connector type, which is then customized for Config. type Connector struct { - Type string `json:"type"` - Name string `json:"name"` - ID string `json:"id"` + Type string `json:"type"` + Name string `json:"name"` + ID string `json:"id"` + Hidden bool `json:"hidden"` Config server.ConnectorConfig `json:"config"` } @@ -376,9 +377,10 @@ type Connector struct { // dynamically determine the type of the connector config. func (c *Connector) UnmarshalJSON(b []byte) error { var conn struct { - Type string `json:"type"` - Name string `json:"name"` - ID string `json:"id"` + Type string `json:"type"` + Name string `json:"name"` + ID string `json:"id"` + Hidden bool `json:"hidden"` Config json.RawMessage `json:"config"` } @@ -422,6 +424,7 @@ func (c *Connector) UnmarshalJSON(b []byte) error { Name: conn.Name, ID: conn.ID, Config: connConfig, + Hidden: conn.Hidden, } return nil } @@ -438,6 +441,7 @@ func ToStorageConnector(c Connector) (storage.Connector, error) { Type: c.Type, Name: c.Name, Config: data, + Hidden: c.Hidden, }, nil } diff --git a/server/handlers.go b/server/handlers.go index 6521bf6a93..9808b3a5a9 100644 --- a/server/handlers.go +++ b/server/handlers.go @@ -182,10 +182,11 @@ func (s *Server) handleAuthorization(w http.ResponseWriter, r *http.Request) { for index, conn := range connectors { connURL.Path = s.absPath("/auth", url.PathEscape(conn.ID)) connectorInfos[index] = connectorInfo{ - ID: conn.ID, - Name: conn.Name, - Type: conn.Type, - URL: template.URL(connURL.String()), + ID: conn.ID, + Name: conn.Name, + Type: conn.Type, + URL: template.URL(connURL.String()), + Hidden: conn.Hidden, } } diff --git a/server/templates.go b/server/templates.go index b77663e1f5..bb00c0dd6e 100644 --- a/server/templates.go +++ b/server/templates.go @@ -249,10 +249,11 @@ var scopeDescriptions = map[string]string{ } type connectorInfo struct { - ID string - Name string - URL template.URL - Type string + ID string + Name string + URL template.URL + Type string + Hidden bool } type byName []connectorInfo @@ -283,11 +284,17 @@ func (t *templates) deviceSuccess(r *http.Request, w http.ResponseWriter, client } func (t *templates) login(r *http.Request, w http.ResponseWriter, connectors []connectorInfo) error { - sort.Sort(byName(connectors)) + var visibleConnectors []connectorInfo + for _, connector := range connectors { + if !connector.Hidden { + visibleConnectors = append(visibleConnectors, connector) + } + } + sort.Sort(byName(visibleConnectors)) data := struct { Connectors []connectorInfo ReqPath string - }{connectors, r.URL.Path} + }{visibleConnectors, r.URL.Path} return renderTemplate(w, t.loginTmpl, data) } diff --git a/storage/storage.go b/storage/storage.go index 03883ef5aa..b26576fe2f 100644 --- a/storage/storage.go +++ b/storage/storage.go @@ -374,6 +374,8 @@ type Connector struct { // However, fixing this requires migrating Kubernetes objects for all previously created connectors, // or making Dex reading both tags and act accordingly. Config []byte `json:"email"` + // It specifies if the connector should be hidden in the login web page. + Hidden bool `json:"hidden"` } // VerificationKey is a rotated signing key which can still be used to verify