From aaf4a2cc6bff9148a779a97751f39f3a4a3b24b2 Mon Sep 17 00:00:00 2001
From: itskovacs
Date: Thu, 24 Jul 2025 18:55:18 +0200
Subject: [PATCH] :bug: Generic OIDC authentication
---
 backend/trip/config.py | 2 --
 backend/trip/routers/auth.py | 4 ++--
 backend/trip/security.py | 6 +++---
 3 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/backend/trip/config.py b/backend/trip/config.py
index e665cf3..204b238 100644
--- a/backend/trip/config.py
+++ b/backend/trip/config.py
@@ -19,10 +19,8 @@ class Settings(BaseSettings):
 REGISTER_ENABLE: bool = True
 OIDC_DISCOVERY_URL: str = ""
- OIDC_PROTOCOL: str = "https"
 OIDC_CLIENT_ID: str = ""
 OIDC_CLIENT_SECRET: str = ""
- OIDC_HOST: str = ""
 OIDC_REDIRECT_URI: str = ""
 class Config:
diff --git a/backend/trip/routers/auth.py b/backend/trip/routers/auth.py
index d8973ae..4c2f1c0 100644
--- a/backend/trip/routers/auth.py
+++ b/backend/trip/routers/auth.py
@@ -16,7 +16,7 @@ router = APIRouter(prefix="/api/auth", tags=["auth"])
 async def auth_params() -> AuthParams:
 data = {"oidc": None, "register_enabled": settings.REGISTER_ENABLE}
- if settings.OIDC_HOST and settings.OIDC_CLIENT_ID and settings.OIDC_CLIENT_SECRET:
+ if settings.OIDC_CLIENT_ID and settings.OIDC_CLIENT_SECRET:
 oidc_config = await get_oidc_config()
 auth_endpoint = oidc_config.get("authorization_endpoint")
 data["oidc"] = (
@@ -28,7 +28,7 @@ async def auth_params() -> AuthParams:
 @router.post("/oidc/login", response_model=Token)
 async def oidc_login(session: SessionDep, code: str = Body(..., embed=True)) -> Token:
- if not (settings.OIDC_HOST or settings.OIDC_CLIENT_ID or settings.OIDC_CLIENT_SECRET):
+ if not (settings.OIDC_CLIENT_ID or settings.OIDC_CLIENT_SECRET):
 raise HTTPException(status_code=400, detail="Partial OIDC config")
 oidc_config = await get_oidc_config()
diff --git a/backend/trip/security.py b/backend/trip/security.py
index 23e2770..26c2602 100644
--- a/backend/trip/security.py
+++ b/backend/trip/security.py
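Review bot: The new gate in `auth_params` (backend/trip/routers/auth.py, first hunk) drops `OIDC_HOST` without adding the setting that discovery now depends on. With a client id and secret set but `OIDC_DISCOVERY_URL` empty, `get_oidc_config()` raises the 500 introduced in security.py, so this endpoint fails instead of returning `"oidc": None`. Include the URL in the condition: `if settings.OIDC_DISCOVERY_URL and settings.OIDC_CLIENT_ID and settings.OIDC_CLIENT_SECRET:`. The check in `oidc_login` in the next hunk has the same omission, and the body of `auth_params` continues past the end of this hunk.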
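Review bot: The guard in `oidc_login` (second auth.py hunk) joins the settings with `or`, so it rejects only when both `OIDC_CLIENT_ID` and `OIDC_CLIENT_SECRET` are empty. A deployment with just one of them set passes the check even though the error text is "Partial OIDC config". The code exchange itself is outside the hunk, but presumably it would then run with an empty credential. Require every value instead: `if not (settings.OIDC_CLIENT_ID and settings.OIDC_CLIENT_SECRET):`.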
@@ -71,9 +71,9 @@ async def get_oidc_config():
 if OIDC_CONFIG:
 return OIDC_CONFIG
- discovery_url = f"{settings.OIDC_PROTOCOL}://{settings.OIDC_HOST}/.well-known/openid-configuration"
- if settings.OIDC_DISCOVERY_URL:
- discovery_url = settings.OIDC_DISCOVERY_URL
+ discovery_url = settings.OIDC_DISCOVERY_URL
+ if not discovery_url:
+ raise HTTPException(status_code=500, detail="OIDC_DISCOVERY_URL not configured")
 OIDC_CONFIG = await httpx_get(discovery_url)
 return OIDC_CONFIG
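Review bot: `get_oidc_config` now fetches whatever `OIDC_DISCOVERY_URL` holds, and with the `OIDC_PROTOCOL` default of `"https"` removed, nothing in this hunk rejects an `http://` value. The discovery document supplies the endpoints used for the rest of the login (auth.py reads `authorization_endpoint` from it) and is cached in `OIDC_CONFIG`, so a document fetched over plaintext could be altered in transit and then reused for later logins. Next to the emptiness check, add `if not discovery_url.startswith("https://"):` followed by `raise HTTPException(status_code=500, detail="OIDC_DISCOVERY_URL must use https")`. `httpx_get` is not visible here, so confirm it does not already enforce this; the function also starts above the hunk.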