Fix ownCloud Desktop OIDC client config in Authelia
- Change public: true → false (desktop app sends client_secret_basic)
- Add client_secret reference to secrets file
- Add token_endpoint_auth_method: client_secret_basic
- Add response_types: [code] (required for offline_access scope)
- Add grant_types: [authorization_code, refresh_token] (required to issue refresh_token)
@@ -136,10 +136,17 @@ identity_providers:
|
|||||||
userinfo_signed_response_alg: none
|
userinfo_signed_response_alg: none
|
||||||
- client_id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69
|
- client_id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69
|
||||||
client_name: ownCloud Desktop
|
client_name: ownCloud Desktop
|
||||||
public: true
|
client_secret: '{{ secret "/config/secrets/oidc_ocis_desktop" }}'
|
||||||
|
public: false
|
||||||
require_pkce: true
|
require_pkce: true
|
||||||
pkce_challenge_method: S256
|
pkce_challenge_method: S256
|
||||||
|
token_endpoint_auth_method: client_secret_basic
|
||||||
authorization_policy: one_factor
|
authorization_policy: one_factor
|
||||||
|
response_types:
|
||||||
|
- code
|
||||||
|
grant_types:
|
||||||
|
- authorization_code
|
||||||
|
- refresh_token
|
||||||
redirect_uris:
|
redirect_uris:
|
||||||
- http://127.0.0.1
|
- http://127.0.0.1
|
||||||
scopes:
|
scopes:
|
||||||
|
|||||||
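Review bot: Setting `public: false` with a `client_secret` on the ownCloud Desktop entry does not make it a confidential client in practice, because a desktop app's secret ships inside the distributed binary and should be assumed known to anyone. The retained `require_pkce: true` and `pkce_challenge_method: S256` lines are what actually protect the code exchange, so they must stay, and a comment above `client_secret` would record that: `# compatibility only: the desktop app's secret is embedded in the client, PKCE is the real protection`. Since this change also enables `refresh_token` under `authorization_policy: one_factor`, it is worth checking the refresh-token lifetime configured elsewhere and confirming that `/config/secrets/oidc_ocis_desktop` holds the hashed digest form of the secret rather than plaintext, if the Authelia version in use expects that. The client entry continues past the hunk (the `scopes:` list is cut off), so the granted scopes are not visible here.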