2023-09-25 16:57:47 +00:00
|
|
|
# Use OAuth providers
|
|
|
|
|
|
|
|
|
|
Opengist can be configured to use OAuth to authenticate users, with GitHub, Gitea, or OpenID Connect.
|
|
|
|
|
|
2024-09-11 23:47:15 +00:00
|
|
|
## GitHub
|
2023-09-25 16:57:47 +00:00
|
|
|
|
2024-01-04 15:45:57 +00:00
|
|
|
* Add a new OAuth app in your [GitHub account settings](https://github.com/settings/applications/new)
|
|
|
|
|
* Set 'Authorization callback URL' to `http://opengist.url/oauth/github/callback`
|
2024-09-11 23:47:15 +00:00
|
|
|
* Copy the 'Client ID' and 'Client Secret' and add them to the [configuration](cheat-sheet.md) :
|
2023-09-25 16:57:47 +00:00
|
|
|
```yaml
|
|
|
|
|
github.client-key: <key>
|
|
|
|
|
github.secret: <secret>
|
|
|
|
|
```
|
2024-09-11 23:47:15 +00:00
|
|
|
```shell
|
|
|
|
|
OG_GITHUB_CLIENT_KEY=<key>
|
|
|
|
|
OG_GITHUB_SECRET=<secret>
|
|
|
|
|
```
|
2023-09-25 16:57:47 +00:00
|
|
|
|
|
|
|
|
|
2023-12-18 00:35:44 +00:00
|
|
|
## GitLab
|
|
|
|
|
|
|
|
|
|
* Add a new OAuth app in Application settings from the [GitLab instance](https://gitlab.com/-/user_settings/applications)
|
2024-01-04 15:45:57 +00:00
|
|
|
* Set 'Redirect URI' to `http://opengist.url/oauth/gitlab/callback`
|
2024-09-11 23:47:15 +00:00
|
|
|
* Copy the 'Client ID' and 'Client Secret' and add them to the [configuration](cheat-sheet.md) :
|
2023-12-18 00:35:44 +00:00
|
|
|
```yaml
|
|
|
|
|
gitlab.client-key: <key>
|
|
|
|
|
gitlab.secret: <secret>
|
2023-12-18 17:21:28 +00:00
|
|
|
# URL of the GitLab instance. Default: https://gitlab.com/
|
2023-12-18 00:35:44 +00:00
|
|
|
gitlab.url: https://gitlab.com/
|
|
|
|
|
```
|
2024-09-11 23:47:15 +00:00
|
|
|
```shell
|
|
|
|
|
OG_GITLAB_CLIENT_KEY=<key>
|
|
|
|
|
OG_GITLAB_SECRET=<secret>
|
|
|
|
|
# URL of the GitLab instance. Default: https://gitlab.com/
|
|
|
|
|
OG_GITLAB_URL=https://gitlab.com/
|
|
|
|
|
```
|
|
|
|
|
|
2023-12-18 00:35:44 +00:00
|
|
|
|
|
|
|
|
|
2023-09-25 16:57:47 +00:00
|
|
|
## Gitea
|
|
|
|
|
|
|
|
|
|
* Add a new OAuth app in Application settings from the [Gitea instance](https://gitea.com/user/settings/applications)
|
2024-01-04 15:45:57 +00:00
|
|
|
* Set 'Redirect URI' to `http://opengist.url/oauth/gitea/callback`
|
2024-09-11 23:47:15 +00:00
|
|
|
* Copy the 'Client ID' and 'Client Secret' and add them to the [configuration](cheat-sheet.md) :
|
2023-09-25 16:57:47 +00:00
|
|
|
```yaml
|
|
|
|
|
gitea.client-key: <key>
|
|
|
|
|
gitea.secret: <secret>
|
|
|
|
|
# URL of the Gitea instance. Default: https://gitea.com/
|
|
|
|
|
gitea.url: http://localhost:3000
|
|
|
|
|
```
|
2024-09-11 23:47:15 +00:00
|
|
|
```shell
|
|
|
|
|
OG_GITEA_CLIENT_KEY=<key>
|
|
|
|
|
OG_GITEA_SECRET=<secret>
|
|
|
|
|
# URL of the Gitea instance. Default: https://gitea.com/
|
|
|
|
|
OG_GITEA_URL=http://localhost:3000
|
|
|
|
|
```
|
|
|
|
|
|
2023-09-25 16:57:47 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
## OpenID Connect
|
|
|
|
|
|
|
|
|
|
* Add a new OAuth app in Application settings of your OIDC provider
|
2024-01-04 15:45:57 +00:00
|
|
|
* Set 'Redirect URI' to `http://opengist.url/oauth/openid-connect/callback`
|
2024-09-11 23:47:15 +00:00
|
|
|
* Copy the 'Client ID', 'Client Secret', and the discovery endpoint, and add them to the [configuration](cheat-sheet.md) :
|
2023-09-25 16:57:47 +00:00
|
|
|
```yaml
|
|
|
|
|
oidc.client-key: <key>
|
|
|
|
|
oidc.secret: <secret>
|
|
|
|
|
# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
|
|
|
|
|
oidc.discovery-url: http://auth.example.com/.well-known/openid-configuration
|
|
|
|
|
```
|
2024-09-11 23:47:15 +00:00
|
|
|
```shell
|
|
|
|
|
OG_OIDC_CLIENT_KEY=<key>
|
|
|
|
|
OG_OIDC_SECRET=<secret>
|
|
|
|
|
# Discovery endpoint of the OpenID provider. Generally something like http://auth.example.com/.well-known/openid-configuration
|
|
|
|
|
OG_OIDC_DISCOVERY_URL=http://auth.example.com/.well-known/openid-configuration
|
|
|
|
|
```
|
|
|
|
|
|
