Skip to content

Add a link to OpenID Issuer URL in WebFinger response #26000

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jul 20, 2023

Conversation

peeley
Copy link
Contributor

@peeley peeley commented Jul 20, 2023

This change adds an entry to the links field of the /.well-known/webfinger response. The new entry points to the appURL as an OpenID issuer. This is consistent with the output of /.well-known/openid-configuration, which also uses the value of appURL.

This change is required for Tailscale SSO to work, as it uses the OpenID Issuer URL when querying the Tailscale user email during signup/login (docs).

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jul 20, 2023
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jul 20, 2023
@techknowlogick techknowlogick added lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. backport/v1.20 This PR should be backported to Gitea 1.20 type/enhancement An improvement of existing functionality and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. backport/v1.20 This PR should be backported to Gitea 1.20 labels Jul 20, 2023
This change adds an entry to the `links` field of the
`/.well-known/webfinger` response. The new entry points to the `appURL`
as an OpenID issuer. This is consistent with the output of
`/.well-known/openid-configuration`, which also uses the value of
`appURL`.

This change is required for Tailscale SSO to work, as it uses the OpenID
Issuer URL when querying the Tailscale user email during signup/login.
@peeley peeley force-pushed the add-oidc-issuer-webfinger-links branch from ede1c04 to 1dd2715 Compare July 20, 2023 02:36
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jul 20, 2023
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jul 20, 2023
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Jul 20, 2023
@lunny lunny merged commit df55f9b into go-gitea:main Jul 20, 2023
@GiteaBot GiteaBot added this to the 1.21.0 milestone Jul 20, 2023
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Jul 20, 2023
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Oct 18, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/enhancement An improvement of existing functionality
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants