feat: use oidc well-known url

simple-login / app

The SimpleLogin back-end and web app

https://simplelogin.io

GNU Affero General Public License v3.0

5.04k stars 421 forks source link

feat: use oidc well-known url #2077

Closed muhlba91 closed 5 months ago

muhlba91 commented 6 months ago

follow-up of #2046 to be able to use the well-known OIDC URL defined as OIDC_WELL_KNOWN_URL instead of specifying all OIDC related URLs.

if the OIDC_WELL_KNOWN_URL is specified all other OIDC related URL env variables are ignored and the configuration is read from the well-known endpoint.

additionally, the next URL is kept in the session (and cleared afterwards) to ensure the OIDC redirect URL is clean for the OIDC server to recognize correctly.

muhlba91 commented 6 months ago

@viq @Queuecumber this is the follow-up PR from #2046

@nguyenkims @acasajus would you mind reviewing the PR? 😃

muhlba91 commented 5 months ago

@acasajus @nguyenkims thank you for your feedback! i have reduced to only supporting the well-known endpoint and renamed the redirect_url property as requested. i'd appreciate if you could have another look. 😃