[Feat] Adding OIDC OAuth callback support #780

New Issue

Closed

opened 2026-02-04 21:19:14 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2026-02-04 21:19:14 +03:00

Owner

Copy Link

Originally created by @luisgreen on GitHub (Aug 7, 2025).

Is this a feature for the backend or frontend?

Backend

What would you like?

When the user is registered add the oauth callback suppport

      if (sails.config.custom.oidcUseOauthCallBack) {
        tokenSet = await client.oauthCallback(
          sails.config.custom.oidcRedirectUri,
          {
            iss: sails.config.custom.oidcIssuer,
            code: inputs.code,
          },
          {
            nonce: inputs.nonce,
          },
        );
      } else {
        tokenSet = await client.callback(
          sails.config.custom.oidcRedirectUri,
          {
            iss: sails.config.custom.oidcIssuer,
            code: inputs.code,
          },
          {
            nonce: inputs.nonce,
          },
        );
      }

This is still not a complete solution but enables the authentication.

You need to set a custom location in a reverse proxy like this so the discovery can work avoiding adding more environment variables.

location = /.well-known/openid-configuration {
    default_type application/json;
    return 200 '{
  "issuer": "https://<YOUR_URL>",
  "authorization_endpoint": "https://<YOUR_URL>/oauth/authorize",
  "token_endpoint": "https://<YOUR_URL>/oauth/access_token",
  "revocation_endpoint": "https://<YOUR_URL>/oauth/revoke",
  "userinfo_endpoint": "https://<YOUR_URL>/api/v4/users/me",
  "scopes_supported": ["openid", "profile", "email"],
  "response_types_supported": ["code"],
  "grant_types_supported": ["authorization_code"],
  "token_endpoint_auth_methods_supported": ["client_secret_post"],
  "claims_supported": ["name", "preferred_username", "email", "profile"]
}';
}

Why is this needed?

I have been using mattermost for a while and I would love to have this feature in code so i can oidc login with Mattermost

Other information

I think this also solves https://github.com/plankanban/planka/issues/593 and https://github.com/plankanban/planka/issues/690

Originally created by @luisgreen on GitHub (Aug 7, 2025). ### Is this a feature for the backend or frontend? Backend ### What would you like? When the user is registered add the oauth callback suppport ``` if (sails.config.custom.oidcUseOauthCallBack) { tokenSet = await client.oauthCallback( sails.config.custom.oidcRedirectUri, { iss: sails.config.custom.oidcIssuer, code: inputs.code, }, { nonce: inputs.nonce, }, ); } else { tokenSet = await client.callback( sails.config.custom.oidcRedirectUri, { iss: sails.config.custom.oidcIssuer, code: inputs.code, }, { nonce: inputs.nonce, }, ); } ``` This is still not a complete solution but enables the authentication. You need to set a custom location in a reverse proxy like this so the discovery can work avoiding adding more environment variables. ``` location = /.well-known/openid-configuration { default_type application/json; return 200 '{ "issuer": "https://<YOUR_URL>", "authorization_endpoint": "https://<YOUR_URL>/oauth/authorize", "token_endpoint": "https://<YOUR_URL>/oauth/access_token", "revocation_endpoint": "https://<YOUR_URL>/oauth/revoke", "userinfo_endpoint": "https://<YOUR_URL>/api/v4/users/me", "scopes_supported": ["openid", "profile", "email"], "response_types_supported": ["code"], "grant_types_supported": ["authorization_code"], "token_endpoint_auth_methods_supported": ["client_secret_post"], "claims_supported": ["name", "preferred_username", "email", "profile"] }'; } ``` ### Why is this needed? I have been using mattermost for a while and I would love to have this feature in code so i can oidc login with Mattermost ### Other information I think this also solves https://github.com/plankanban/planka/issues/593 and https://github.com/plankanban/planka/issues/690

OVERLORD closed this issue 2026-02-04 21:19:16 +03:00

OVERLORD commented 2026-02-04 21:19:25 +03:00

Author

Owner

Copy Link

@luisgreen commented on GitHub (Aug 7, 2025):

@meltyshev @nickbe @daniel-hiller

@luisgreen commented on GitHub (Aug 7, 2025): @meltyshev @nickbe @daniel-hiller

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

gh-pages

dependabot/npm_and_yarn/multi-795903f3f3

dependabot/npm_and_yarn/server/multi-60f2582fdd

dependabot/npm_and_yarn/client/qs-6.14.2

dependabot/npm_and_yarn/client/markdown-it-14.1.1

v2.0.2

planka-2.0.2

v2.0.1

planka-2.0.1

v2.0.0

planka-2.0.0

planka-1.1.2

planka-1.1.1

planka-1.1.0

planka-1.0.5

planka-1.0.4

v2.0.0-rc.4

v1.26.3

planka-0.2.26

planka-1.0.3

planka-1.0.2

v2.0.0-rc.3

planka-1.0.1

planka-1.0.0

v2.0.0-rc.2

planka-0.2.25

v1.26.2

v1.26.1

planka-0.2.24

v1.26.0

planka-0.2.23

v1.25.1

planka-0.2.22

v1.25.0

planka-0.2.21

v1.24.4

planka-0.2.20

v1.24.3

planka-0.2.19

planka-0.2.18

v1.24.2

planka-0.2.17

planka-0.2.16

v1.24.1

planka-0.2.15

v1.24.0

planka-0.2.14

v1.23.5

v1.23.4

planka-0.2.13

planka-0.2.12

v1.23.3

planka-0.2.11

v1.23.2

planka-0.2.10

v1.23.1

planka-0.2.9

v1.23.0

v1.22.0

planka-0.2.8

Labels

Clear labels

bug

bug

documentation

documentation

duplicate

enhancement

good first issue

help wanted

pull-request

Mirrored from GitHub Pull Request

question

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#780