Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OIDC support #3743

Closed
wants to merge 182 commits into from
Closed

OIDC support #3743

wants to merge 182 commits into from

Conversation

lenaxia
Copy link

@lenaxia lenaxia commented Jan 9, 2024

Description

This PR rebases the oidc changes to the current Overseerr mainline (develop), and fixes some improper OIDC implementation. Because of this, it now works with authelia. Changes have also been revalidated to work with a basic configuration of Authentik. I have not tested this with other OIDC providers.

I will open a new PR to sct/overseerr if we don't merge here.

Fixes include:

  • Adding support for scope and error parameters in the oidc-callback endpoint (these are all optional parameters)
  • fixing callback redirect_uri protocol generation to base on the initiating protocol, as opposed to assumping https, which is what it did previously
  • add support for the aud (audience) callback parameter being an array. the OIDC spec allows aud to be either a string, or an array of strings. Previous implementation here only allowed string when doing a oidc validation. This is now fixed to support both string and array
  • Added improved logging and error handling to make future debugging easier.
  • change default logging level to be info if LOG_LEVEL env variable is not defined (previously was debug)
  • Improved JWT token validation robustness

Screenshot (if UI-related)

To-Dos

  • Successful build yarn build
  • Translation keys yarn i18n:extract
  • [-] Database migration (if required)

Issues Fixed or Closed

ankarhem and others added 30 commits October 1, 2022 19:08
feat: oidc 2

feat: oidc
Fallenbagel and others added 19 commits January 3, 2024 00:49
* feat: select default seriesType for anime

Added flexibility to set default anime series type in service settings. Now you can choose
'standard' for anime if you prefer it, making it easier to use features like searching for season
packs on Sonarr.

fix sct#3626

* feat: extracted translations
* feat: added a standard series type selector

* fix: moved series type property to correct interface
* update session cookie samesite policy to lax

* set cookie samesite policy based on csrf protection setting
* docs: update README.md

* docs: update .all-contributorsrc

---------

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
deleting it for PR back to mainline
@sct
Copy link
Owner

sct commented Jan 10, 2024

Would love to review this but there is something really weird going on with the commit history here? Can we fix that? it should be rebased on develop so we are only seeing your new changes overlayed on the current head.

@lenaxia
Copy link
Author

lenaxia commented Jan 10, 2024 via email

@lenaxia
Copy link
Author

lenaxia commented Jan 10, 2024

@sct Had to open a new PR because the history of this branch got way too messed up. So #3746

@lenaxia lenaxia closed this Jan 10, 2024
Repository owner deleted a comment Jan 10, 2024
Repository owner deleted a comment Jan 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.