feat: implement oidc settings api flow #3879

Open
wants to merge 1 commit into
base: master


@Jorgagu Jorgagu commented Apr 17, 2024

This PR has the purpose of implementing the possibility to allow users to set up OIDC connections through the API SettingsFlow.

Related issue(s)

#3311

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • I am following the
    contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    [email protected]) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

However, all I have to do is delete the condition in [line 145 of the file selfservice/strategy/oidc/strategy_settings.go](https://github.com/ory/kratos/blob/master/selfservice/strategy/oidc/strategy_settings.go#L145) to obtain the node link for my configured providers.

The button opens the Authorization Flow window (Google here), I've logged into my account and the window redirects to /self-service/methods/oidc/callback/google with query parameters code, state, scope...

But Kratos answers that I'm not authorized because there's no active session, since this call doesn't send the X-Session-Token header.

Now I don't know how to send my active session token obtained after the login/registration flow with the SessionTokenExchange in this OIDC method callback.

Any ideas @jonas-jonas, @vinckr ?

@jeremy-serenne

Hi ! @Jorgagu
Can you share the exact error returned by Kratos when you said that you were not authorized pls ?

I'm encountering a similar issue through API flows when I want to update my settings with a session that needs to be refreshed and if an OIDC is chosen to refresh this session.

2 participants