Add custom OAuth option #16555
Comments
You're going to have to explain this a bit more clearly.
At present, the third-party OAuth options of Gitea are very limited. It is recommended to add a custom OAuth configuration to theoretically enable any OAuth server to access Gitea, so as to increase Gitea selectivity.
We have the OpenIDConnect provider which can be used if the provider obeys the spec expected by that provider. However, for example, Azure AD doesn't appear to work correctly for that. It may be possible to improve/change the OpenIDConnect implementation to fix some of the issues but one of the following things would have to happen:
With all that being said, I am still concerned that going a purely generic OpenIDConnect route may not be possible. The underlying library we use, https://github.com/markbates/goth/tree/master/providers, has specific provider implementations for individual providers, implying that there are sufficient differences and behavioural changes that simply providing a Generic provider is not going to work well in all cases. This means that we need to integrate each of the providers above individually; however, this library does not provide a common interface or control mechanism for adding these, meaning each provider needs to be added specifically. Further, the current methods in Gitea for adding these are not great. My latest PR #16544 changes the way in which we add providers to Gitea to make integrating others from the above library a bit easier (the mechanism in #16544 is still not quite right and further improvements are required). However, adding providers will still require code changes due to the underlying heterogeneity in the library. So in summary:
Add custom OAuth option.