WIP: Rewrite auth for generic OIDC logins #55

Draft
wants to merge 4 commits into
base: main

mataai commented May 1, 2025

Hello, I've been working on implementing standard OIDC login flows to not be locked into Keycloak.
I am opening the PR for visibility as I am only working on it in my spare time.

Known defects that still have to be fixed:

  • There are two implementations of get_jwks_client.
  • The OIDC discovery URL is getting called more than once due to where I've implemented it.
  • Groups and roles are passed differently by different providers (under groups in authentik and under realm_access.roles in Keycloak).
  • Refresh tokens don't have their expiration time shared by all providers.

@cyclotruc
Member

@mataai Hi

Sorry for not responding earlier, we got caught up in the huge refactor required for multiplayer v1.
Those changes might have affected your work, and the merge conflicts might be a bit hairy now. We're sorry for not noticing you earlier; I admit it's not fair towards your efforts.

I'd be happy to help you merge those changes into your current branch if you want to continue working on this very welcome feature. Just let me know or give me access, since I currently can't push to your branch.

thanks again

@mataai
Author

mataai commented Jun 3, 2025

Hi @cyclotruc

I've been really busy recently and didn't have much time to work on it.
I added you to the fork if you want to take a look at it a bit.

@mataai mataai reopened this Jun 3, 2025
@mataai
Author

mataai commented Jun 3, 2025

I just took a look at your changes and decided to start from scratch; I think it would be more effective. Many changes you've made make the implementation easier.
From what I've seen so far, most of the changes will simply be to implement and use the OIDC discovery route and use the routes it provides for the login/token/jwks/logout actions instead of hard-coding the Keycloak paths.
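An added example, not code from this PR or the project: one way to resolve the login/token/jwks/logout endpoints from the OIDC discovery document with a single fetch per issuer, and to read roles from both the `groups` and `realm_access.roles` claim shapes listed in the opening comment. The names `DiscoveryCache`, `validate_discovery`, `extract_roles`, the injected `fetch_json` callable and the `idp.example.test` issuer are assumptions made for illustration.

```python
from urllib.parse import urlsplit

REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")

def validate_discovery(issuer, doc):
    """Check a discovery document before trusting any endpoint it lists."""
    missing = [k for k in REQUIRED if not isinstance(doc.get(k), str)]
    if missing:
        raise ValueError(f"discovery document missing {missing}")
    # OIDC Discovery: the returned issuer must equal the configured one exactly.
    if doc["issuer"] != issuer:
        raise ValueError("issuer mismatch")
    out = {k: doc[k] for k in REQUIRED}
    out["end_session_endpoint"] = doc.get("end_session_endpoint")  # optional, logout
    for name, url in out.items():
        if url is not None and (not isinstance(url, str) or urlsplit(url).scheme != "https"):
            raise ValueError(f"{name} must be an https URL")
    return out

class DiscoveryCache:
    """Fetch each issuer's discovery document once and reuse the validated result."""
    def __init__(self, fetch_json):
        self._fetch_json = fetch_json  # assumed callable(url) -> dict, e.g. an HTTP GET
        self._by_issuer = {}

    def endpoints(self, issuer):
        if issuer not in self._by_issuer:
            url = issuer.rstrip("/") + "/.well-known/openid-configuration"
            self._by_issuer[issuer] = validate_discovery(issuer, self._fetch_json(url))
        return self._by_issuer[issuer]

def extract_roles(claims):
    """Merge roles from `groups` (authentik) and `realm_access.roles` (Keycloak)."""
    realm = claims.get("realm_access")
    sources = [claims.get("groups"), realm.get("roles") if isinstance(realm, dict) else None]
    return {r for src in sources if isinstance(src, list) for r in src if isinstance(r, str)}

# Constructed sample document; idp.example.test is a placeholder issuer.
SAMPLE_ISSUER = "https://idp.example.test/realms/demo"
SAMPLE_DOC = {
    "issuer": SAMPLE_ISSUER,
    "authorization_endpoint": SAMPLE_ISSUER + "/protocol/openid-connect/auth",
    "token_endpoint": SAMPLE_ISSUER + "/protocol/openid-connect/token",
    "jwks_uri": SAMPLE_ISSUER + "/protocol/openid-connect/certs",
    "end_session_endpoint": SAMPLE_ISSUER + "/protocol/openid-connect/logout",
}
```

Rejecting a document whose `issuer` differs from the configured one keeps a misdirected or tampered discovery response from silently redirecting token and JWKS traffic.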
