mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Document OpenID connect setup for Miniflux (#1683)

Browse source 
This change adds documentation on how to set up OpenID connect with
Miniflux, a feedreader application.

Miniflux currently does not support PKCE, and I've therefore raised and
upstream issue, that I reference in the book section.
This commit is contained in:
Martin Weinelt 2023-06-03 03:28:24 +02:00 committed by GitHub
parent 2d99cd082d
commit d3fda4210f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CONTRIBUTORS.md
View file

@ -28,6 +28,7 @@
- Sebastiano Tocci(Seba-T)
- Minh Phan (MinhPhan8803)
- Kenton Groombridge (0xC0ncord)
- Martin Weinelt (hexa)
## Acknowledgements

17
book/src/integrations/oauth2.md
View file

@ -262,6 +262,23 @@ In the virtual host, to protect a location:
</Location>
```
### Miniflux
Miniflux is a feedreader that supports OAuth 2.0 and OpenID connect. It automatically appends
the `.well-known` parts to the discovery endpoint. The application name in the redirect URL
needs to match the `OAUTH2_PROVIDER` name.
```
OAUTH2_PROVIDER = "kanidm";
OAUTH2_CLIENT_ID = "miniflux";
OAUTH2_CLIENT_SECRET = "<oauth2_rs_basic_secret>";
OAUTH2_REDIRECT_URL = "https://feeds.example.com/oauth2/kanidm/callback";
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://idm.example.com/oauth2/openid/<oauth2_rs_name>";
````
Currently Miniflux [does not support PKCE](https://github.com/miniflux/v2/issues/1910) and Kanidm will
prevent logins until you [disable PKCE](#extended-options-for-legacy-clients) for the resource server.
### Nextcloud
Install the module [from the nextcloud market place](https://apps.nextcloud.com/apps/user_oidc) - it