Closed gramakri closed 2 months ago
gramakri
commented
3 months ago @picman if you are open to it, we can submit a patch which add a setting which would replace the use of https://github.com/kontron/redmine_oauth/blob/main/app/controllers/redmine_oauth_controller.rb#L161
picman
commented
3 months ago Of course. Create a pull request to the devel branch.
picman
commented
3 months ago Where is the patch?
gramakri
commented
3 months ago @picman ah, I missed your initial message. I can create a patch against devel tomorrow.
sgrossberndt
commented
3 months ago We at TYPO3 are missing the same feature. Great to hear there is already progress here. I will test this once a patch has been provided.
gramakri
commented
2 months ago @picman @sgrossberndt I have an initial patch working. Will test a bit more over the weekend and submit a PR. Comments welcome (I am not a ruby or a redmine dev!)
gramakri
commented
2 months ago @picman @sgrossberndt I have submitted a PR
sgrossberndt
commented
2 months ago Thanks, I did not receive a notification for the PR. I will test it in the next days.
picman
commented
2 months ago Merged. You can test it.
OIDC registration creates new users (or not) based on redmine's self registration flag. This probably makes sense if OIDC provider is some social login provider (twitter, generic Google, GitHub etc).
This does not work for situations where the OIDC provider is for an internal Directory. For example, Keycloak, Authentik, Google Workspace etc. In such a set up, we want to disable redmine's self registration but want to enable login via the OIDC provider only.
I think having a plugin specific setting instead of using redmine's self registration flag would solve this.
https://github.com/kontron/redmine_oauth/issues/18 is related , I think