8000 Allow loading OIDC info from well-known endpoint · Issue #5712 · outline/outline · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Allow loading OIDC info from well-known endpoint #5712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
tommoor opened this issue Aug 20, 2023 · 12 comments · Fixed by #9308
Closed

Allow loading OIDC info from well-known endpoint #5712

tommoor opened this issue Aug 20, 2023 · 12 comments · Fixed by #9308
Labels
enhancement It would be nice if… self-hosted Issues related to self-hosting the code

Comments

@tommoor
Copy link
Member
tommoor commented Aug 20, 2023
edited
Loading

Currently we require all of the OIDC endpoints to be provided separately, almost all OIDC implementations also publish a "well-known" endpoint that returns a JSON response with all of the configuration details required.

It would be good to have a new OIDC_CONFIGURATION_URL which can be provided with the client ID and secret, we can fetch the config on server startup and no more separate parameters would be required.

Related #3954
@tommoor tommoor added the enhancement It would be nice if… label Aug 20, 2023
@tommoor tommoor added the self-hosted Issues related to self-hosting the code label Aug 31, 2023
@github-actions GitHub Actions
Copy link
Contributor

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days

@github-actions github-actions bot added the stale label Dec 30, 2023
@Brukkil
Copy link
Brukkil commented Jan 3, 2024

+1
Please implement it

@github-actions github-actions bot removed the stale label Jan 4, 2024
@almereyda
Copy link

An odd convention that I have seen in multiple places now, is to reuse a given OIDC_ISSUER variable and take it for a discovery endpoint, if no other URLs are provided.

@apoorv-mishra apoorv-mishra mentioned this issue Apr 4, 2024
Closed
@almereyda
Copy link

I just returned here, intending to propose an OUTLINE_OIDC_ISSUER for the matter, as seen in other implementations.

Does this appear to be a convenient convention? The well-known URL path /.well-known/openid-configuration` comes with the guarantee, that it will always be at the same resource location.

@tommoor
Copy link
Member Author
tommoor commented May 24, 2024

as seen in other implementations

I'm not familiar with other implementations but we don't generally put OUTLINE_ in our env variables

@almereyda
Copy link

Okay. I was confused about issuer at first, when I saw it. Having seen it being used in multiple places for the sake of identifying the well-known endpoint, it can be assumed it's the standard.

The application-specific prefix in environmental variables is a common pattern seen elsewhere, which allows to distinguish and specify settings in the global .env more easily.

@github-actions GitHub Actions
Copy link
Contributor

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days

@github-actions github-actions bot added the stale label Sep 25, 2024
@almereyda
Copy link

The associated spec is OIDC Discovery.

Final: OpenID Connect Discovery 1.0 incorporating errata set 2

@github-actions github-actions bot removed the stale label Sep 26, 2024
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@github-actions github-actions bot added the stale label Jan 25, 2025
@hmacr hmacr removed the stale label Jan 28, 2025
@coneillpj
Copy link

+1

@ados8

This comment has been minimized.

Sign in to view
@almereyda

This comment has been minimized.

Sign in to view
@outline outline deleted a comment from Neboer May 17, 2025
codegen-sh bot added a commit that referenced this issue May 25, 2025
@codegen-sh
feat: Add OIDC well-known endpoint discovery support
5359f26 
- Add OIDC_ISSUER environment variable for automatic endpoint discovery
- Implement fetchOIDCConfiguration function to fetch from well-known endpoint
- Add async plugin initialization system to PluginManager
- Create dynamic OIDC router factory for flexible endpoint configuration
- Maintain backward compatibility with manual endpoint configuration
- Add comprehensive tests for OIDC discovery functionality

Resolves #5712
@codegen-sh codegen-sh bot mentioned this issue May 25, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement It would be nice if… self-hosted Issues related to self-hosting the code
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Add OIDC well-known endpoint discovery support outline/outline
6 participants
@tommoor @almereyda @Brukkil @ados8 @coneillpj @hmacr
0