[feature request] different oidc/oauth providers #10164
Comments
This is already possible. Under auth tab in admin panel, add a new auth source with type oauth2, and select OIDC as type. Then use https://idp.int.identitysandbox.gov/.well-known/openid-configuration as the auto discovery URL (and the other information as provided by login.gov)
@techknowlogick the auto discovery doesn't work with login.gov.
Basically it's a different flow. ¯\(ツ)/¯. I see there are other providers, so would it be hard for me to add a custom provider if it has a different flow?
Ah, in that case, let me re-open this issue. We use https://github.com/markbates/goth for most login systems, and so if you could get login.gov into that upstream library it isn't much additional work to get it into gitea. I could provide guidance if needed, feel free to ask any question :)
@techknowlogick thanks, I ended up making a PR for goth earlier today. Now I’m just waiting on feedback. markbates/goth#318
I have the same problem.
I'm having a similar issue, though I have a custom OIDC provider implemented with Authlib - it currently requires the "nonce" parameter be provided. (And it seems to be good practice to do that.)
Just realized it's been 3 years. Nice. We just forked goth (see my PR above) and built gitea locally using that fork. Hope that helps.
@andrewzah thanks for that. Thankfully, since I can just change the code for the OIDC provider I intended to use, I just disabled the nonce requirement until something happens with this.
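The nonce handling discussed in the comments above, sketched from the relying-party side as an added example; it is not code from this thread, from goth, or from Gitea. It uses only the Go standard library, the function names are hypothetical, the URLs are placeholders, and it assumes the ID token's signature has already been verified before `CheckNonce` sees the claims.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/url"
)

// NewNonce (hypothetical helper) returns 32 random bytes, base64url-encoded.
func NewNonce() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// AuthParams builds the authorization request query, including state and nonce.
func AuthParams(clientID, redirectURI, state, nonce string) url.Values {
	return url.Values{
		"response_type": {"code"},
		"scope":         {"openid"},
		"client_id":     {clientID},
		"redirect_uri":  {redirectURI},
		"state":         {state},
		"nonce":         {nonce},
	}
}

// CheckNonce compares the nonce claim of an already signature-verified ID
// token with the value stored in the user's session before the redirect.
func CheckNonce(claims map[string]interface{}, sessionNonce string) error {
	got, ok := claims["nonce"].(string)
	if !ok || got == "" || sessionNonce == "" {
		return fmt.Errorf("nonce missing from ID token or session")
	}
	if subtle.ConstantTimeCompare([]byte(got), []byte(sessionNonce)) != 1 {
		return fmt.Errorf("nonce mismatch: ID token was not issued for this login attempt")
	}
	return nil
}

func main() {
	n, _ := NewNonce() // constructed sample values below
	fmt.Println(AuthParams("client-id", "https://rp.example.test/callback", "state-value", n).Encode())
	fmt.Println(CheckNonce(map[string]interface{}{"nonce": n}, n))
}
```

The nonce is stored server-side in the session when the redirect is issued and discarded after the first comparison, so a captured ID token cannot be accepted in a different login attempt.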
How feasible would it be to implement different oidc/oauth providers? Ones with a different flow than GitHub et al., such as login.gov. I already implemented a middleware handler for login.gov for caddy in golang, so adapting it shouldn't be too difficult.
I can work on a PR if someone can give me some pointers on where to start looking, etc.