local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 60 Pull requests 3 Projects 2 Releases Packages 1 Activity Actions
mitgliederverwaltung/lib/mv/secrets.ex
Moritz 339d37937a
Rename OIDC strategy from :rauthy to :oidc, update callback path 
- Rename AshAuthentication strategy from :oidc :rauthy to :oidc :oidc;
  generated actions are now register_with_oidc / sign_in_with_oidc.
- Update config keys (:rauthy → :oidc) in dev.exs and runtime.exs.
- Update default_redirect_uri to /auth/user/oidc/callback everywhere.
- Rename Mv.Accounts helper functions accordingly.
- Update Mv.Secrets, AuthController, link_oidc_account_live and all tests.
- Update docker-compose.prod.yml, .env.example, README and docs.

IMPORTANT: OIDC providers must be updated to use the new redirect URI
/auth/user/oidc/callback instead of /auth/user/rauthy/callback.
2026-02-24 11:51:00 +01:00

65 lines
1.5 KiB
Elixir
Raw Blame History

defmodule Mv.Secrets do
@moduledoc """
Secret provider for AshAuthentication.
## Purpose
Provides runtime configuration secrets for Ash Authentication strategies,
particularly for OIDC (Rauthy) authentication.
## Configuration Source
Secrets are read from the `:oidc` key in the application configuration,
which is typically set in `config/runtime.exs` from environment variables:
- `OIDC_CLIENT_ID`
- `OIDC_CLIENT_SECRET`
- `OIDC_BASE_URL`
- `OIDC_REDIRECT_URI`
## Usage
This module is automatically called by AshAuthentication when resolving
secrets for the User resource's OIDC strategy.
"""
use AshAuthentication.Secret
def secret_for(
[:authentication, :strategies, :oidc, :client_id],
Mv.Accounts.User,
_opts,
_meth
) do
get_config(:client_id)
end
def secret_for(
[:authentication, :strategies, :oidc, :redirect_uri],
Mv.Accounts.User,
_opts,
_meth
) do
get_config(:redirect_uri)
end
def secret_for(
[:authentication, :strategies, :oidc, :client_secret],
Mv.Accounts.User,
_opts,
_meth
) do
get_config(:client_secret)
end
def secret_for(
[:authentication, :strategies, :oidc, :base_url],
Mv.Accounts.User,
_opts,
_meth
) do
get_config(:base_url)
end
defp get_config(key) do
:mv
|> Application.fetch_env!(:oidc)
|> Keyword.fetch!(key)
|> then(&{:ok, &1})
end
end
Reference in a new issue View git blame Copy permalink