[feature request] different oidc/oauth providers #10164
Comments
techknowlogick
added
the
type/question
|
This is already possible. Under auth tab in admin panel, add a new auth source with type oauth2, and select OIDC as type. Then use https://idp.int.identitysandbox.gov/.well-known/openid-configuration as the auto discovery URL (and the other information as provided by login.gov) |
|
@techknowlogick the auto discovery doesn't work with login.gov.
Basically its a different flow. ¯\(ツ)/¯. I see there are other providers, so would it be hard for me to add a custom provider if it has a different flow? |
|
Ah, in that case, let me re-open this issue. We use https://github.com/markbates/goth for most login systems, and so if you could get login.gov into that upstream library it isn't much additional work to get it into gitea. I could provide guidance if needed, feel free to ask any question :) |
techknowlogick
added
type/proposal
|
@techknowlogick thanks, I ended up making a PR for goth earlier today. Now I’m just waiting on feedback. markbates/goth#318 |
|
I have the same problem. |
|
I'm having a similar issue, though I have a custom OIDC provider implemented with Authlib - it currently requires the "nonce" parameter be provided. (And it seems to be good practice to do that.) |
|
Just realized it's been 3 years. Nice. We just forked goth (see my PR above) and built gitea locally using that fork. Hope that helps. |
|
@andrewzah thanks for that. Thankfully, since I can just change the code for the OIDC provider I intended to use, I just disabled the nonce requirement until something happens with this. |
How feasible would it be to implement different oidc/oauth providers? Ones with a different flow than github et. al, such as login.gov. I already implemented a middleware handler for login.gov for caddy in golang, so adapting it shouldn't be too difficult.
I can work on a PR if someone can give me some pointers on where to start looking, etc.
The text was updated successfully, but these errors were encountered: