- [OAuth2 Login on Standalone Wekan](https://github.com/wekan/wekan/wiki/OAuth2). For example, Rocket.Chat can provide OAuth2 login to Wekan.

Also, if you have Rocket.Chat using LDAP/SAML/Google/etc for logging into Rocket.Chat, then same users can login to Wekan when Rocket.Chat is providing OAuth2 login to Wekan. Thanks to salleman33 and xet7 ! Closes #234
2025-12-16 23:40:13 +01:00 · 2018-08-25 00:49:02 +03:00 · 2018-08-25 00:49:02 +03:00 · 39312a075e
commit 39312a075e
parent 96173ad431
8 changed files with 139 additions and 29 deletions
--- a/server/authentication.js
+++ b/server/authentication.js
@ -63,23 +63,27 @@ Meteor.startup(() => {
  };

  if (Meteor.isServer) {
-    ServiceConfiguration.configurations.upsert(
-      { service: 'oidc' },
-      {
-        $set: {
-          loginStyle: 'redirect',
-          clientId: 'CLIENT_ID',
-          secret: 'SECRET',
-          serverUrl: 'https://my-server',
-          authorizationEndpoint: '/oauth/authorize',
-          userinfoEndpoint: '/oauth/userinfo',
-          tokenEndpoint: '/oauth/token',
-          idTokenWhitelistFields: [],
-          requestPermissions: ['openid']
+
+    if(process.env.OAUTH2_CLIENT_ID !== '') {
+
+      ServiceConfiguration.configurations.upsert( // eslint-disable-line no-undef
+        { service: 'oidc' },
+        {
+          $set: {
+            loginStyle: 'redirect',
+            clientId: process.env.OAUTH2_CLIENT_ID,
+            secret: process.env.OAUTH2_SECRET,
+            serverUrl: process.env.OAUTH2_SERVER_URL,
+            authorizationEndpoint: process.env.OAUTH2_AUTH_ENDPOINT,
+            userinfoEndpoint: process.env.OAUTH2_USERINFO_ENDPOINT,
+            tokenEndpoint: process.env.OAUTH2_TOKEN_ENDPOINT,
+            idTokenWhitelistFields: [],
+            requestPermissions: ['openid'],
+          },
        }
-      }
-    );
+      );
    }
+  }

 });