blsmedia/bot
2
0
Fork 0
Code Activity

🧑‍💻 (auth) Improve Custom OAuth set up

Browse Source 
Now only ask for a well-known URL

Closes #229
This commit is contained in:
Baptiste Arnaud
2023-01-10 08:24:44 +01:00
parent 21f1c7a17e
commit 3bc02406f3
2 changed files with 12 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/builder/src/pages/api/auth/[...nextauth].ts
View File

@ -97,17 +97,14 @@ if (
)
}
if (isNotEmpty(process.env.CUSTOM_OAUTH_AUTHORIZATION_URL)) {
if (isNotEmpty(process.env.CUSTOM_OAUTH_WELL_KNOWN_URL)) {
providers.push({
id: 'custom-oauth',
name: process.env.CUSTOM_OAUTH_NAME ?? 'Custom OAuth',
type: 'oauth',
clientId: process.env.CUSTOM_OAUTH_CLIENT_ID,
clientSecret: process.env.CUSTOM_OAUTH_CLIENT_SECRET,
authorization: process.env.CUSTOM_OAUTH_AUTHORIZATION_URL,
token: process.env.CUSTOM_OAUTH_TOKEN_URL,
userinfo: process.env.CUSTOM_OAUTH_USERINFO_URL,
idToken: process.env.CUSTOM_OAUTH_ENABLE_ID_TOKEN === 'true',
wellKnown: process.env.CUSTOM_OAUTH_WELL_KNOWN_URL,
profile(profile) {
return {
id: getAtPath(profile, process.env.CUSTOM_OAUTH_USER_ID_PATH ?? 'id'),

23
apps/docs/docs/self-hosting/configuration/builder.mdx
View File

@ -105,19 +105,16 @@ The Authorization callback URL should be `$NEXTAUTH_URL/api/auth/callback/azure-
## Custom OAuth Provider (Auth)
| Parameter | Default | Description |
| ------------------------------ | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| CUSTOM_OAUTH_NAME | Custom OAuth | Provider name. Is displayed in the sign in form. |
| CUSTOM_OAUTH_CLIENT_ID | -- | OAuth client ID. |
| CUSTOM_OAUTH_CLIENT_SECRET | -- | OAuth client secret. |
| CUSTOM_OAUTH_AUTHORIZATION_URL | -- | OAuth autorization URL (i.e. `https://kauth.kakao.com/oauth/authorize`) |
| CUSTOM_OAUTH_TOKEN_URL | -- | OAuth token URL (i.e. `https://kauth.kakao.com/oauth/token`) |
| CUSTOM_OAUTH_USERINFO_URL | -- | User info URL (i.e. `https://kapi.kakao.com/v2/user/me`) |
| CUSTOM_OAUTH_ENABLE_ID_TOKEN | false | If set to true, the user information will be extracted from the id_token claims, instead of making a request to the userinfo endpoint. id_token is usually present in OpenID Connect (OIDC) compliant providers. |
| CUSTOM_OAUTH_USER_ID_PATH | id | Used to map the id from the user info object |
| CUSTOM_OAUTH_USER_NAME_PATH | name | Used to map the name from the user info object |
| CUSTOM_OAUTH_USER_EMAIL_PATH | email | Used to map the email from the user info object |
| CUSTOM_OAUTH_USER_IMAGE_PATH | image | Used to map the image from the user info object |
| Parameter | Default | Description |
| ---------------------------- | ------------ | --------------------------------------------------------------------------------------- |
| CUSTOM_OAUTH_NAME | Custom OAuth | Provider name. Will be displayed in the sign in form. |
| CUSTOM_OAUTH_CLIENT_ID | -- | OAuth client ID. |
| CUSTOM_OAUTH_CLIENT_SECRET | -- | OAuth client secret. |
| CUSTOM_OAUTH_WELL_KNOWN_URL | -- | OAuth .well-known URL (i.e. `https://auth.domain.com/.well-known/openid-configuration`) |
| CUSTOM_OAUTH_USER_ID_PATH | id | Used to map the id from the user info object |
| CUSTOM_OAUTH_USER_NAME_PATH | name | Used to map the name from the user info object |
| CUSTOM_OAUTH_USER_EMAIL_PATH | email | Used to map the email from the user info object |
| CUSTOM_OAUTH_USER_IMAGE_PATH | image | Used to map the image from the user info object |
For `*_PATH` parameters, you can use dot notation to access nested properties (i.e. `account.name`).