Add OIDC provider for Outline wiki SSO
Add oidc-provider with MongoDB adapter so ghostguild.org can act as the identity provider for the self-hosted Outline wiki. Members authenticate via the existing magic-link flow, with automatic SSO when an active session exists. Includes interaction routes, well-known discovery endpoint, and login page.
parent
a232a7bbf8
commit
8a529a8e7c
13 changed files with 1258 additions and 2 deletions
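--- a/server/routes/oidc/[...].ts
+++ b/server/routes/oidc/[...].ts
@@ -0,0 +1,30 @@
+/**
+* Catch-all route that delegates all /oidc/* requests to the oidc-provider.
+*
+* This exposes the standard OIDC endpoints:
+* /oidc/auth — authorization
+* /oidc/token — token exchange
+* /oidc/me — userinfo
+* /oidc/session/end — logout
+* /oidc/jwks — JSON Web Key Set
+*/
+import { getOidcProvider } from "../../utils/oidc-provider.js";
+
+export default defineEventHandler(async (event) => {
+const provider = await getOidcProvider();
+const { req, res } = event.node;
+
+// oidc-provider expects paths relative to its own mount point.
+// Nitro gives us the full path, so strip the /oidc prefix.
+const originalUrl = req.url || "";
+req.url = originalUrl.replace(/^\/oidc/, "") || "/";
+
+// Hand off to oidc-provider's Connect-style callback
+const callback = provider.callback() as Function;
+await new Promise<void>((resolve, reject) => {
+callback(req, res, (err: unknown) => {
+if (err) reject(err);
+else resolve();
+});
+});
+});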
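Review bot: The `as Function` cast on `provider.callback()` discards the handler's signature, and the Promise wrapped around it settles only if the third argument is invoked. As far as I know, oidc-provider's callback is Koa's `(req, res)` request handler, which never calls a `next`, so this route handler would stay pending after every request to the authorization and token endpoints, and failures inside the provider would never reach `reject`. If that holds for the installed version, drop the cast and the wrapper and await the handler directly: `await provider.callback()(req, res);`. Separately, the prefix strip `replace(/^\/oidc/, "")` has no path boundary; anchoring it as `/^\/oidc(?=\/|\?|$)/` keeps a path that merely starts with `/oidc` from being rewritten into a URL without its leading slash.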