[openstreetmap/openstreetmap-website] Add openid connect support using doorkeeper-openid_connect gem (PR #4226)
Milan Cvetkovic
notifications at github.com
Thu Sep 7 17:24:22 UTC 2023
@tomhughes
> I think we need to understand exactly the interaction between claims and scopes and which scopes we need to enable the different claims and I still need to read up on discovery though I'm not sure if that matters to us.
>
> We also need to think about whether we want to make this generally available or whether it should be privileged and just to support internal use cases like the wiki.
The well-known endpoints (discovery) are required for openid connect to work, at least using doorkeeper-openid_connect plugin. In particular, the openid-configuration endpoint is queried for token_endpoint, jwksuri_endpoint and userinfo_endpont used in later phases.
Any 3rd party app using OSM as ID provider would require at least a persistent value correlated to userid, which would be returned as a `sub` field in `id_token`.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/4226#issuecomment-1710526577
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/4226/c1710526577 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20230907/5b208945/attachment.htm>
More information about the rails-dev
mailing list