mirror of
https://github.com/go-gitea/gitea.git
synced 2025-07-21 09:31:19 +02:00
1. Make "Issuer" strictly follow the spec (see comment) 2. Make "/.well-known/openid-configuration" respond 404 if the OAuth2 provider is not enabled. Then by the way, remove the JSEscape template helper because it is not needed any more.
50 lines
1.1 KiB
Handlebars
50 lines
1.1 KiB
Handlebars
{
|
|
"issuer": "{{.OidcIssuer}}",
|
|
"authorization_endpoint": "{{.OidcBaseUrl}}/login/oauth/authorize",
|
|
"token_endpoint": "{{.OidcBaseUrl}}/login/oauth/access_token",
|
|
"jwks_uri": "{{.OidcBaseUrl}}/login/oauth/keys",
|
|
"userinfo_endpoint": "{{.OidcBaseUrl}}/login/oauth/userinfo",
|
|
"introspection_endpoint": "{{.OidcBaseUrl}}/login/oauth/introspect",
|
|
"response_types_supported": [
|
|
"code",
|
|
"id_token"
|
|
],
|
|
"id_token_signing_alg_values_supported": [
|
|
"{{.SigningKeyMethodAlg}}"
|
|
],
|
|
"subject_types_supported": [
|
|
"public"
|
|
],
|
|
"scopes_supported": [
|
|
"openid",
|
|
"profile",
|
|
"email",
|
|
"groups"
|
|
],
|
|
"claims_supported": [
|
|
"aud",
|
|
"exp",
|
|
"iat",
|
|
"iss",
|
|
"sub",
|
|
"name",
|
|
"preferred_username",
|
|
"profile",
|
|
"picture",
|
|
"website",
|
|
"locale",
|
|
"updated_at",
|
|
"email",
|
|
"email_verified",
|
|
"groups"
|
|
],
|
|
"code_challenge_methods_supported": [
|
|
"plain",
|
|
"S256"
|
|
],
|
|
"grant_types_supported": [
|
|
"authorization_code",
|
|
"refresh_token"
|
|
]
|
|
}
|