mirror of
https://github.com/sissbruecker/linkding
synced 2024-11-25 04:40:20 +00:00
Add option to disable SSL verification for OIDC (#684)
* Add setting OIDC_VERIFY_SSL Passtrough the setting OIDC_VERIFY_SSL in order to allow self-signed certificates/custom certificate authority for the OIDC provider * Update Options.md to include the new setting OIDC_VERIFY_SSL * add default setting test --------- Co-authored-by: Sascha Ißbrücker <sascha.issbruecker@gmail.com>
This commit is contained in:
parent
f7bd6ccb31
commit
5d8fdebb7c
3 changed files with 14 additions and 0 deletions
|
@ -49,3 +49,15 @@ class OidcSupportTest(TestCase):
|
|||
base_settings.AUTHENTICATION_BACKENDS,
|
||||
)
|
||||
del os.environ["LD_ENABLE_OIDC"] # Remove the temporary environment variable
|
||||
|
||||
def test_default_settings(self):
|
||||
os.environ["LD_ENABLE_OIDC"] = "True"
|
||||
base_settings = importlib.import_module("siteroot.settings.base")
|
||||
importlib.reload(base_settings)
|
||||
|
||||
self.assertEqual(
|
||||
True,
|
||||
base_settings.OIDC_VERIFY_SSL,
|
||||
)
|
||||
|
||||
del os.environ["LD_ENABLE_OIDC"]
|
||||
|
|
|
@ -118,6 +118,7 @@ The following options can be configured:
|
|||
- `OIDC_RP_CLIENT_SECRET` - The client secret of the application.
|
||||
- `OIDC_RP_SIGN_ALGO` - The algorithm the OIDC provider uses to sign ID tokens. Default is `RS256`.
|
||||
- `OIDC_USE_PKCE` - Whether to use PKCE for the OIDC flow. Default is `True`.
|
||||
- `OIDC_VERIFY_SSL` - Whether to verify the SSL certificate of the OIDC provider. Set to `False` if using self-signed certificates or custom certificate authority. Default is `True`.
|
||||
|
||||
<details>
|
||||
|
||||
|
|
|
@ -212,6 +212,7 @@ if LD_ENABLE_OIDC:
|
|||
OIDC_RP_CLIENT_SECRET = os.getenv("OIDC_RP_CLIENT_SECRET")
|
||||
OIDC_RP_SIGN_ALGO = os.getenv("OIDC_RP_SIGN_ALGO", "RS256")
|
||||
OIDC_USE_PKCE = os.getenv("OIDC_USE_PKCE", True) in (True, "True", "1")
|
||||
OIDC_VERIFY_SSL = os.getenv("OIDC_VERIFY_SSL", True) in (True, "True", "1")
|
||||
|
||||
# Enable authentication proxy support if configured
|
||||
LD_ENABLE_AUTH_PROXY = os.getenv("LD_ENABLE_AUTH_PROXY", False) in (True, "True", "1")
|
||||
|
|
Loading…
Reference in a new issue