Closed FW-Notifications closed 3 weeks ago
I would also love to see this implemented.
Hi, during Hackergarten Dortmund in June we started to look into this: see https://github.com/madmas/twenty/tree/addOpenIdConnectSupport We managed to add the switch to show the "login with OpenID Connect" option when enabled. But we did not get passport-openidconnect to work, it seems to crash at https://github.com/madmas/twenty/blob/10237b19fa9db794e8a4d243c90e50654116e61e/packages/twenty-server/src/engine/core-modules/auth/strategies/openidconnect.auth.strategy.ts#L27 (at least thats where we tracked the cause of the HTTP 500 down to. Maybe someone has a good suggestion what goes wrong there for Passport and the OpenIdConnect strategy?
Hey @madmas - I was also looking forward to having this supported. I did some debugging in your branch, and managed to surface this error:
Error: OpenID Connect requires session support. Did you forget to use `express-session` middleware?
If you install the express-session
package as follows:
$ yarn add express-session
$ yarn add -D @types/express-session
And then run
import session from "express-session";
// ...
app.use(session({secret: ENV_CONFIGURE_SECRET, ...other_options}))
The app no longer results in a 500 error 🙂
You should also ensure that you allow users to set the issuer
and other URLs via environment variables.
Hope this helps!
This would be a very helpful feature!
I would also love to see this implemented.
Scope & Context
I would love to see Openid Connect Integration in this tool! It would allow to connect twenty to any authentication provider like google, microsoft354, keycloak, authentik and many more!
Technical inputs
There is a passport stragy for openid connect: passport-openidconnect