SSO with OIDC #156
SSO with OIDC #156
Conversation
|
Perhaps also solves #26? |
| @@ -165,10 +168,10 @@ Hi, I'm Wingy. I made this app. My website is [samwing.dev](https://samwing.dev) | |||
| <table> | |||
| <tr> | |||
| <td align="center"> | |||
| <a href="https://github.com/Wingysam"> | |||
There was a problem hiding this comment.
Apologies. First time submitting a comment on a PR on mobile. These are the lines specifically to revert before merging. Thanks.
There was a problem hiding this comment.
It’s OK, I was worried about this previously but it resolves itself when @Wingysam merges.
|
Is there an image available with these changes? I tried building one, but encountered some weird extension issues when starting a container. |
|
I'd like to keep backwards compatibility with the Google configuration. I'm also concerned that calling it OIDC on the button labels might confuse people. I doubt that anyone in my family except for me has ever heard of OIDC. Maybe we could have an environment variable where the user provides the name/icon of the service being used for login? |
This change makes the single sign on capability generic and looks to satisfy the requirements of #131.
It's basically the same as what we have already for Google accounts but would support any OIDC provider. I have tested this configuration with OIDC to Google and with Authentik,
I have renamed the configuration options and environment variables to be
OIDCinstead of google. The required environment variables to be set now are:If you are using Google, for example, all of the above items apart from issuer (which is always
https://accounts.google.com) are given to your when you download the JSON file that has the client ID and secret. For example:With something like Authentic, you get shown the URLs when you configure your OIDC provider:
When you are configuring an OIDC provider you must configure the following redirect URLs: