fix: INTERNAL_APP_URL not reflected in UI URLs

This commit is contained in:
Elias Schneider
2026-07-13 10:09:20 +02:00
parent ef9ed8de32
commit 316cf47ceb
4 changed files with 53 additions and 12 deletions

View File

@@ -22,6 +22,15 @@ export type OidcClientCredentials = {
federatedIdentities: OidcClientFederatedIdentity[];
};
export type OidcDiscoveryConfiguration = {
issuer: string;
authorization_endpoint: string;
token_endpoint: string;
userinfo_endpoint: string;
end_session_endpoint: string;
jwks_uri: string;
};
export type OidcClient = OidcClientMetaData & {
callbackURLs: string[];
logoutCallbackURLs: string[];

View File

@@ -1,6 +1,5 @@
<script lang="ts">
import { beforeNavigate } from '$app/navigation';
import { page } from '$app/state';
import { openConfirmDialog } from '$lib/components/confirm-dialog';
import CopyToClipboard from '$lib/components/copy-to-clipboard.svelte';
import FormattedMessage from '$lib/components/formatted-message.svelte';
@@ -47,13 +46,13 @@
const backNavigation = backNavigate('/settings/admin/oidc-clients');
const setupDetails = $state({
[m.issuer_url()]: `https://${page.url.host}`,
[m.authorization_url()]: `https://${page.url.host}/authorize`,
[m.oidc_discovery_url()]: `https://${page.url.host}/.well-known/openid-configuration`,
[m.token_url()]: `https://${page.url.host}/api/oidc/token`,
[m.userinfo_url()]: `https://${page.url.host}/api/oidc/userinfo`,
[m.logout_url()]: `https://${page.url.host}/api/oidc/end-session`,
[m.certificate_url()]: `https://${page.url.host}/.well-known/jwks.json`,
[m.issuer_url()]: data.oidcConfiguration.issuer,
[m.authorization_url()]: data.oidcConfiguration.authorization_endpoint,
[m.oidc_discovery_url()]: `${data.oidcConfiguration.issuer}/.well-known/openid-configuration`,
[m.token_url()]: data.oidcConfiguration.token_endpoint,
[m.userinfo_url()]: data.oidcConfiguration.userinfo_endpoint,
[m.logout_url()]: data.oidcConfiguration.end_session_endpoint,
[m.certificate_url()]: data.oidcConfiguration.jwks_uri,
[m.pkce()]: client.pkceEnabled ? m.enabled() : m.disabled(),
[m.requires_reauthentication()]: client.requiresReauthentication ? m.enabled() : m.disabled(),
[m.requires_pushed_authorization_requests()]: client.requiresPushedAuthorizationRequests

View File

@@ -1,16 +1,28 @@
import OidcService from '$lib/services/oidc-service';
import type { OidcDiscoveryConfiguration } from '$lib/types/oidc.type';
import type { PageLoad } from './$types';
export const load: PageLoad = async ({ params }) => {
export const load: PageLoad = async ({ fetch, params }) => {
const oidcService = new OidcService();
const client = await oidcService.getClient(params.id);
const scimServiceProvider = await oidcService
const clientPromise = oidcService.getClient(params.id);
const scimServiceProviderPromise = oidcService
.getScimResourceProvider(params.id)
.then((p) => p)
.catch(() => undefined);
const oidcConfigurationPromise = fetch('/.well-known/openid-configuration').then(
(response) => response.json() as Promise<OidcDiscoveryConfiguration>
);
const [client, scimServiceProvider, oidcConfiguration] = await Promise.all([
clientPromise,
scimServiceProviderPromise,
oidcConfigurationPromise
]);
return {
client,
scimServiceProvider
scimServiceProvider,
oidcConfiguration
};
};

View File

@@ -89,6 +89,27 @@ test('Edit OIDC client', async ({ page }) => {
.then((res) => expect.soft(res.status()).toBe(200));
});
test('Displays OIDC client endpoints from discovery configuration', async ({ page }) => {
const oidcConfiguration = {
issuer: 'https://id.example.com',
authorization_endpoint: 'https://id.example.com/authorize',
token_endpoint: 'http://pocket-id:1411/api/oidc/token',
userinfo_endpoint: 'http://pocket-id:1411/api/oidc/userinfo',
end_session_endpoint: 'https://id.example.com/api/oidc/end-session',
jwks_uri: 'http://pocket-id:1411/.well-known/jwks.json'
};
await page.route('**/.well-known/openid-configuration', async (route) => {
await route.fulfill({ json: oidcConfiguration });
});
await page.goto(`/settings/admin/oidc-clients/${oidcClients.nextcloud.id}`);
await page.getByRole('button', { name: 'Show more details' }).click();
await expect(page.getByText(oidcConfiguration.token_endpoint, { exact: true })).toBeVisible();
await expect(page.getByText(oidcConfiguration.userinfo_endpoint, { exact: true })).toBeVisible();
await expect(page.getByText(oidcConfiguration.jwks_uri, { exact: true })).toBeVisible();
});
test('Create new OIDC client secret', async ({ page }) => {
const oidcClient = oidcClients.nextcloud;
await page.goto(`/settings/admin/oidc-clients/${oidcClient.id}`);