sctg-development / sctgdesk-api-server

Rustdesk API server and web console for Rustdesk written in Rust (standalone version, for integrated version see https://github.com/sctg-development/sctgdesk-server )
https://sctg-development.github.io/sctgdesk-api-server/
GNU Affero General Public License v3.0

Questions about integrating a custom provider #15

Open aelogonpin opened 1 week ago

aelogonpin commented 1 week ago

Hi,

I'm trying to create a custom provider based on the examples of the built-in providers like GitHub and Dex. However, I have a few questions about how to properly integrate it into the application:

Should the custom provider be placed in the same folder or structure as the default providers?
Do I need to declare it in some configuration file to make it work? If so, where exactly?

Are there any specific dependencies or requirements that the custom provider needs to meet to integrate properly with the system?

Any best practices or recommendations for organizing the provider's code?

While the examples are helpful, I'm not entirely sure how to make sure the custom provider is recognized and works correctly within the application's environment. Any guidance or help would be greatly appreciated.

Thanks!

aeltorio commented 1 week ago

Dear @aelogonpin,

Thank you for your interest in my work! 😊

To add your new provider, it’s easiest to place it in the same folder. Your provider must implement OAuthProvider and be added to the enum in libs/oauth2/src/lib.rs. Additionally, it should be included in the Into<String> and FromStr implementations.

Regarding best practices, there aren’t specific guidelines since your provider can be quite unique. However, contributions to the project are always welcome and appreciated!

Out of curiosity, are you using sctgdesk-api-server in standalone mode or integrated with sctgdesk-server?
Ronan

aelogonpin commented 1 week ago

> Dear @aelogonpin,
>
> Thank you for your interest in my work! 😊
>
> To add your new provider, it’s easiest to place it in the same folder. Your provider must implement OAuthProvider and be added to the enum in libs/oauth2/src/lib.rs. Additionally, it should be included in the Into<String> and FromStr implementations.
>
> Regarding best practices, there aren’t specific guidelines since your provider can be quite unique. However, contributions to the project are always welcome and appreciated!
>
> Out of curiosity, are you using sctgdesk-api-server in standalone mode or integrated with sctgdesk-server?
> Ronan

Hello again🙂. I am currently using the integrated version with all the components.

I wanted to see how it worked at the API level and the frontend page.

And the truth is that it works great, everything is built in 2 containers.

On the other hand, I imagine that adding the provider will mean having to create it in the standalone version.

In principle it would take me some time because I am not familiar with Rust, but hey, it is never too late to start a new challenge xD.

My goal is to integrate Authentik as an IDP provider

Thanks for the information above ☺️

aeltorio commented 1 week ago

Hi @aelogonpin,

I’m 50 years old and have a background in C, later transitioning to C++, Java, and more recently, Go and Rust (depending on the project). Rust offers the speed of C but with significantly reduced risk of memory corruption in buggy code. Of course, in a perfect world with perfect developers, Rust wouldn’t be necessary!

Go, on the other hand, has a major advantage over C in that it generates static executables for all supported architectures, which is very useful for creating multi-architecture Docker images.

Regarding your Authentik provider project, you might just need to customize the OAuth2 provider. You'll need to modify the sctgdesk-api-server code, and once you're satisfied, update your sctgdesk-server clone to use your sctgdesk-api-server clone in the main Cargo.toml:

sctgdesk-api-server = { git = "https://github.com/sctg-development/sctgdesk-api-server.git", branch = "main" }

Alternatively, you can make a PR in sctgdesk-api-server, and I'll update sctgdesk-server and the Docker images accordingly.

aelogonpin commented 1 week ago

> Hi @aelogonpin,
>
> I’m 50 years old and have a background in C, later transitioning to C++, Java, and more recently, Go and Rust (depending on the project). Rust offers the speed of C but with significantly reduced risk of memory corruption in buggy code. Of course, in a perfect world with perfect developers, Rust wouldn’t be necessary!
>
> Go, on the other hand, has a major advantage over C in that it generates static executables for all supported architectures, which is very useful for creating multi-architecture Docker images.
>
> Regarding your Authentik provider project, you might just need to customize the OAuth2 provider. You'll need to modify the sctgdesk-api-server code, and once you're satisfied, update your sctgdesk-server clone to use your sctgdesk-api-server clone in the main Cargo.toml:
>
> sctgdesk-api-server = { git = "https://github.com/sctg-development/sctgdesk-api-server.git", branch = "main" }
>
> Alternatively, you can make a PR in sctgdesk-api-server, and I'll update sctgdesk-server and the Docker images accordingly.

If in this case, it is used through a reference to a git, the truth is that it is wonderful, I'm going to get to work =).

In case I can get something, I will make a PR to show you the results =).

Thank you very much for the info.

aelogonpin commented 1 week ago

I will ask another question about the GitHub IDP.

I'm trying to access with GitHub login.

But when I log in, this error appears.

image

If i look the api documentation:

**OIDC Auth Callback**

get /api/oidc/callback

This function is an API endpoint that serves as the OAuth2 callback. It exchanges the authorization code for an access token and stores it in the state. It is tagged with "login" for OpenAPI documentation.

Parameters

code: The authorization code received from the OIDC provider.

state: The state parameter received from the OIDC provider. This is the session code.

Returns

If successful, this function returns "OK". If the session does not exist or the code exchange fails, this function returns "ERROR".

I only made the config and modified the oauth2.toml:

```toml
[[provider]]
provider = "Github"
authorization_url = "https://github.com/login/oauth/authorize"
token_exchange_url = "https://github.com/login/oauth/access_token"
app_id = "Ovxxxxxxxxxxxxxxxx"
app_secret = "41axxxxxxxxxxxxxxxxxxxxxx"
scope = "read:user user:email"
op_auth_string = "oidc/github"
op = "github"
```

And I put the callback URL in the GitHub app:

http://domain:21114/api/oidc/callback

Did I forget anything?
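
The callback behaviour quoted from the API documentation in the comment above, as an added Rust sketch that is not code from sctgdesk-api-server and not part of either participant's posts. `Session`, `Sessions` and `fake_exchange` are hypothetical names, the session code and token values are constructed, and refusing empty codes and replayed callbacks is an assumption added here rather than documented behaviour.

```rust
use std::collections::HashMap;

/// Hypothetical per-login session, keyed by the session code sent as `state`.
#[derive(Default)]
struct Session {
    access_token: Option<String>,
}

/// Hypothetical in-memory store; the server's real state type is not shown on the page.
#[derive(Default)]
struct Sessions {
    pending: HashMap<String, Session>,
}

/// Constructed stand-in for the HTTP POST to the provider's token_exchange_url.
fn fake_exchange(code: &str) -> Result<String, String> {
    if code == "good-code" { Ok("constructed-token".into()) } else { Err("rejected".into()) }
}

impl Sessions {
    /// Register a session code before the user is redirected to the provider.
    fn start(&mut self, session_code: &str) {
        self.pending.insert(session_code.to_string(), Session::default());
    }

    /// Returns "OK" or "ERROR", as the quoted API documentation describes.
    fn callback(&mut self, code: &str, state: &str,
                exchange: impl FnOnce(&str) -> Result<String, String>) -> &'static str {
        // Unknown state: this login was not started by the server.
        let Some(session) = self.pending.get_mut(state) else { return "ERROR" };
        // Assumption added here: empty codes and replayed callbacks are refused.
        if code.is_empty() || session.access_token.is_some() {
            return "ERROR";
        }
        match exchange(code) {
            Ok(token) => { session.access_token = Some(token); "OK" }
            Err(_) => "ERROR", // code exchange failed
        }
    }
}

fn main() {
    let mut s = Sessions::default();
    s.start("sess-1234"); // constructed session code
    println!("{}", s.callback("good-code", "sess-1234", fake_exchange));
    println!("{}", s.callback("good-code", "sess-1234", fake_exchange));
    println!("{}", s.callback("good-code", "unknown", fake_exchange));
}
```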

aeltorio commented 1 week ago

I opened an issue, #16

aeltorio commented 1 week ago

@aelogonpin,

The bug you discovered has been resolved. The API server binaries are now up to date, and the build for the full sctgdesk-server is currently in progress.

Ronan