Open vanillajonathan opened 4 years ago
What is this? A feature request? :)
Yes, this is a feature request.
@vanillajonathan I encourage you to start this, We have a lot of providers already so you can copy all the tests and when they pass you will be all set.
You may also be able to leverage kinto-openid for Github an be ready without coding anything.
https://docs.kinto-storage.org/en/stable/api/1.x/openid.html
kinto.includes = kinto.plugins.openid
multiauth.policies = github
multiauth.policy.github.use = kinto.plugins.openid.OpenIDConnectPolicy
multiauth.policy.github.issuer_url = https://github.com
multiauth.policy.github.client_id = GITHUB_CLIENT_ID
multiauth.policy.github.client_secret = GITHUB_CLIENT_SECRET
multiauth.policy.github.userid_field = email
Well apparently we would need to support setting the oauth/authorize
and oauth/token
URLs in the config since Github doesn't handle the well-known URL
Ok sorry I wrote all this about Github while you were talking about Gitlab.
https://kinto-instance.com/v1/openid/gitlab/token
kinto.includes = kinto.plugins.openid
multiauth.policies = gitlab
multiauth.policy.gitlab.use = kinto.plugins.openid.OpenIDConnectPolicy
multiauth.policy.gitlab.issuer_url = https://gitlab.com
multiauth.policy.gitlab.client_id = GITLAB_CLIENT_ID
multiauth.policy.gitlab.client_secret = GITLAB_CLIENT_SECRET
multiauth.policy.gitlab.userid_field = email
It would be nice if this was setup on the demo server.
It is not possible to handle all the openid providers that one could think about but it is quite handy to use the kinto-heroku deploy button to try it.
I see.
Add support for using GitLab as OpenID Connect identity provider.
https://docs.gitlab.com/ee/integration/openid_connect_provider.html