Allow additional domains in OAuth2 redirect URLs #6483
Contribution Guidelines
What does this PR include?
Short Description
Currently with OAuth2, you must set a redirect URL that the OAuth provider will redirect users to after authentication.
If you want mailcow to be available on multiple domains (for example a dedicated SOGo subdomain), OAuth2 login will redirect back to the primary domain, leaving the additional domain unusable.
This lets you define additional redirect URLs, and attempts to match them based on your current domain to send to the provider.
Affected Containers
Did you run tests?
What did you test?
Adding/editing identity providers with 0, 1 and 2 additional URLs specified.
Logging in with OAuth2 from 2 domains pointing to mailcow.
What were the final results? (Awaited, got)
I was able to log in from both my primary and webmail domains. The OAuth provider got the correct redirect URL depending on which domain I started on, and redirected me back to the appropriate URL.
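The matching step described in the PR, sketched as an added example that is not part of this pull request or mailcow's code: the redirect URL is always chosen from the configured list by exact host comparison and is never built from the request's Host header, with the primary URL as fallback. The function names, hostnames and URLs are hypothetical and the sample inputs are constructed.

```php
<?php
// Added example, not mailcow's code. All names and URLs are hypothetical.

/**
 * Normalise a host for comparison: lower-case, strip port and trailing dot.
 * Returns null for anything that is not a plain DNS hostname.
 */
function normalise_host(string $host): ?string
{
    $host = strtolower(trim($host));
    $host = preg_replace('/:\d+\z/', '', $host);   // drop a ":443" style port
    $host = rtrim($host, '.');
    // Letters, digits, dots and hyphens only; rejects CR/LF, spaces, "@", "/"
    if ($host === '' || !preg_match('/^[a-z0-9.-]+\z/', $host)) {
        return null;
    }
    return $host;
}

/**
 * Return the configured redirect URL whose host equals the request host.
 * Comparison is exact (no suffix or substring matching); anything that
 * does not match falls back to the primary URL.
 */
function pick_redirect_uri(string $requestHost, string $primaryUri, array $additionalUris): string
{
    $current = normalise_host($requestHost);
    if ($current !== null) {
        foreach (array_merge([$primaryUri], $additionalUris) as $uri) {
            $parts = parse_url($uri);
            if ($parts === false || ($parts['scheme'] ?? '') !== 'https' || !isset($parts['host'])) {
                continue; // skip malformed or non-HTTPS entries
            }
            if (normalise_host($parts['host']) === $current) {
                return $uri; // the stored value, not a string built from the header
            }
        }
    }
    return $primaryUri;
}

// Constructed sample configuration and Host header values
$primary = 'https://mail.example.org/';
$extra   = ['https://webmail.example.org/'];
$hosts   = ['webmail.example.org', 'MAIL.example.org:443',
            'webmail.example.org.evil.test', "mail.example.org\r\nX: y"];
foreach ($hosts as $h) {
    printf("%-36s -> %s\n", json_encode($h), pick_redirect_uri($h, $primary, $extra));
}
```

Each additional URL still has to be registered as an allowed redirect URI at the OAuth provider, which will otherwise reject the authorization request.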