📝 Generic OIDC authentication docs

itskovacs 2025-07-24 18:55:29 +02:00
parent aaf4a2cc6b
commit ebafb1413f


@ -18,22 +18,15 @@ REFRESH_TOKEN_EXPIRE_MINUTES=1440
### Configure OIDC Auth ### Configure OIDC Auth
> [!TIP]
> By default, `OIDC_PROTOCOL` is `https` and `OIDC_REALM` is `master`
```yaml ```yaml
OIDC_DISCOVERY_URL="https://sso.yourdomain.lan/.well-known/openid-configuration"
OIDC_CLIENT_ID="your-client-id" OIDC_CLIENT_ID="your-client-id"
OIDC_CLIENT_SECRET="your-client-secret" OIDC_CLIENT_SECRET="your-client-secret"
OIDC_HOST="sso.yourdomain.lan" OIDC_REDIRECT_URI="https://trip.yourdomain.lan/auth"
OIDC_REDIRECT_URI="your-redirect-uri"
# Optional,
OIDC_PROTOCOL="https"
OIDC_REALM="master"
``` ```
> [!CAUTION] > [!CAUTION]
> You might face a `SSLError` / `CERTIFICATE_VERIFY_FAILED` if you use `https` protocol. I invite you to check [Troubleshoot SSL Error](#tbshoot-cert) section > You might face a `SSLError` / `CERTIFICATE_VERIFY_FAILED`. I invite you to check [Troubleshoot SSL Error](#tbshoot-cert) section
### Disable registration ### Disable registration
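Review bot: the new env block drops `OIDC_HOST`, `OIDC_PROTOCOL` and `OIDC_REALM` and adds `OIDC_DISCOVERY_URL`, but gives no guidance to anyone upgrading an existing deployment. If the old variables are no longer read, say so next to the example and show how the previous host/protocol/realm values map to a discovery URL, otherwise an upgraded instance may lose OIDC login without an obvious cause. Two smaller points in the same block: the fence is tagged `yaml` although the content is `KEY="value"` env syntax, and since the example now shows a concrete `/auth` path it is worth stating that `OIDC_REDIRECT_URI` must match the redirect URI registered on the provider exactly.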
@ -64,7 +57,7 @@ One way to check if you're concerned by this is simply doing the following and c
$ docker run --rm -it ghcr.io/itskovacs/trip:1 /bin/bash $ docker run --rm -it ghcr.io/itskovacs/trip:1 /bin/bash
$ python3 $ python3
>>> import httpx >>> import httpx
>>> httpx.get("https://your-keycloak-host/") >>> httpx.get("https://sso.yourdomain.lan/")
``` ```
In case you're facing this issue, it's likely due to the fact that the container does not trust you custom certificate. In case you're facing this issue, it's likely due to the fact that the container does not trust you custom certificate.
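Review bot: the connectivity check on the `httpx.get(...)` line still requests the provider root, while the configuration now points at a discovery document. Suggest testing the exact value set in `OIDC_DISCOVERY_URL`, e.g. `httpx.get("https://sso.yourdomain.lan/.well-known/openid-configuration")`, so a certificate problem on that path is caught by the same check. While this paragraph is being touched, the context line after the fence has a typo: "does not trust you custom certificate" should read "your custom certificate".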